From d5d3f8a975139309b3fe6bfa6e02504223ec565c Mon Sep 17 00:00:00 2001 From: Marko Korhonen Date: Sat, 26 Feb 2022 13:25:54 +0200 Subject: [PATCH] Convert rest of docker-compose files to TOML --- docker/authentik/docker-compose.toml | 77 ++++++++++++++++++ docker/authentik/docker-compose.yaml | 83 -------------------- docker/freshrss/docker-compose.toml | 56 +++++++++++++ docker/freshrss/docker-compose.yaml | 61 -------------- docker/gitea/docker-compose.toml | 29 +++++++ docker/gitea/docker-compose.yaml | 36 --------- docker/index.korhonen.cc/docker-compose.toml | 25 ++++++ docker/index.korhonen.cc/docker-compose.yaml | 28 ------- docker/jellyfin/docker-compose.toml | 38 +++++++++ docker/jellyfin/docker-compose.yaml | 38 --------- docker/mumble/docker-compose.toml | 10 +++ docker/mumble/docker-compose.yaml | 12 --- docker/nextcloud/docker-compose.toml | 76 ++++++++++++++++++ docker/nextcloud/docker-compose.yaml | 81 ------------------- docker/pihole/docker-compose.toml | 34 ++++++++ docker/pihole/docker-compose.yaml | 41 ---------- docker/postgres/docker-compose.toml | 18 +++++ docker/postgres/docker-compose.yaml | 19 ----- docker/remotely/docker-compose.toml | 23 ++++++ docker/remotely/docker-compose.yaml | 24 ------ docker/tftp/docker-compose.toml | 9 +++ docker/tftp/docker-compose.yaml | 12 --- docker/traefik/docker-compose.toml | 52 ++++++++++++ docker/traefik/docker-compose.yaml | 57 -------------- docker/tvheadend/docker-compose.toml | 32 ++++++++ docker/tvheadend/docker-compose.yaml | 37 --------- 26 files changed, 479 insertions(+), 529 deletions(-) create mode 100644 docker/authentik/docker-compose.toml delete mode 100644 docker/authentik/docker-compose.yaml create mode 100644 docker/freshrss/docker-compose.toml delete mode 100644 docker/freshrss/docker-compose.yaml create mode 100644 docker/gitea/docker-compose.toml delete mode 100644 docker/gitea/docker-compose.yaml create mode 100644 docker/index.korhonen.cc/docker-compose.toml delete mode 100644 docker/index.korhonen.cc/docker-compose.yaml create mode 100644 docker/jellyfin/docker-compose.toml delete mode 100644 docker/jellyfin/docker-compose.yaml create mode 100644 docker/mumble/docker-compose.toml delete mode 100644 docker/mumble/docker-compose.yaml create mode 100644 docker/nextcloud/docker-compose.toml delete mode 100644 docker/nextcloud/docker-compose.yaml create mode 100644 docker/pihole/docker-compose.toml delete mode 100644 docker/pihole/docker-compose.yaml create mode 100644 docker/postgres/docker-compose.toml delete mode 100644 docker/postgres/docker-compose.yaml create mode 100644 docker/remotely/docker-compose.toml delete mode 100644 docker/remotely/docker-compose.yaml create mode 100644 docker/tftp/docker-compose.toml delete mode 100644 docker/tftp/docker-compose.yaml create mode 100644 docker/traefik/docker-compose.toml delete mode 100644 docker/traefik/docker-compose.yaml create mode 100644 docker/tvheadend/docker-compose.toml delete mode 100644 docker/tvheadend/docker-compose.yaml diff --git a/docker/authentik/docker-compose.toml b/docker/authentik/docker-compose.toml new file mode 100644 index 0000000..7fee304 --- /dev/null +++ b/docker/authentik/docker-compose.toml @@ -0,0 +1,77 @@ +[services] + +[services.redis] +container_name = "authentik-redis" +image = "redis:alpine" +restart = "unless-stopped" +networks = ["authentik"] + +[services.authentik] +container_name = "authentik" +image = "${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}" +restart = "unless-stopped" +command = "server" +volumes = [ + "/docker/authentik/media:/media", + "/docker/authentik/custom-templates:/templates", + "/docker/authentik/geoip:/geoip", +] +env_file = [".env"] +networks = ["authentik", "postgres", "proxy"] +ports = ["9000:9000"] +labels = [ + "traefik.enable=true", + "traefik.http.routers.authentik-redirect.entrypoints=http", + "traefik.http.routers.authentik-redirect.rule=Host(`sso.korhonen.cc`)", + "traefik.http.routers.authentik-redirect.middlewares=http2https@file", + "traefik.http.routers.authentik.entrypoints=https", + "traefik.http.routers.authentik.rule=Host(`sso.korhonen.cc`)", + "traefik.http.routers.authentik.service=authentik", + "traefik.docker.network=proxy", + "traefik.http.services.authentik.loadbalancer.server.port=9000", +] + +[services.authentik-worker] +container_name = "authentik-worker" +image = "${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}" +restart = "unless-stopped" +command = "worker" +networks = ["authentik", "postgres"] +user = "root" +volumes = [ + "/docker/authentik/backups:/backups", + "/docker/authentik/media:/media", + "/var/run/docker.sock:/var/run/docker.sock", + "/docker/authentik/custom-templates:/templates", + "/docker/authentik/geoip:/geoip", +] +environment = [ + "AUTHENTIK_POSTGRESQL__HOST", + "AUTHENTIK_POSTGRESQL__USER", + "AUTHENTIK_POSTGRESQL__NAME", + "AUTHENTIK_POSTGRESQL__PASSWORD", + "AUTHENTIK_SECRET_KEY", +] +env_file = [".env"] + +[services.geoipupdate] +container_name = "authentik-geoip" +image = "maxmindinc/geoipupdate:latest" +volumes = ["/docker/authentik/geoip:/usr/share/GeoIP"] +env_file = [".env"] +networks = ["authentik"] + +[services.geoipupdate.environment] +GEOIPUPDATE_EDITION_IDS = "GeoLite2-City" +GEOIPUPDATE_FREQUENCY = "8" + +[networks] + +[networks.authentik] +external = true + +[networks.postgres] +external = true + +[networks.proxy] +external = true diff --git a/docker/authentik/docker-compose.yaml b/docker/authentik/docker-compose.yaml deleted file mode 100644 index ec2161c..0000000 --- a/docker/authentik/docker-compose.yaml +++ /dev/null @@ -1,83 +0,0 @@ -services: - - redis: - container_name: authentik-redis - image: redis:alpine - restart: unless-stopped - networks: - - authentik - - authentik: - container_name: authentik - image: ${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4} - restart: unless-stopped - command: server - volumes: - - /docker/authentik/media:/media - - /docker/authentik/custom-templates:/templates - - /docker/authentik/geoip:/geoip - env_file: - - .env - networks: - - authentik - - postgres - - proxy - ports: - - 9000:9000 - labels: - - "traefik.enable=true" - - - "traefik.http.routers.authentik-redirect.entrypoints=http" - - "traefik.http.routers.authentik-redirect.rule=Host(`sso.korhonen.cc`)" - - "traefik.http.routers.authentik-redirect.middlewares=http2https@file" - - - "traefik.http.routers.authentik.entrypoints=https" - - "traefik.http.routers.authentik.rule=Host(`sso.korhonen.cc`)" - - "traefik.http.routers.authentik.service=authentik" - - "traefik.docker.network=proxy" - - "traefik.http.services.authentik.loadbalancer.server.port=9000" - - authentik-worker: - container_name: authentik-worker - image: ${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4} - restart: unless-stopped - command: worker - networks: - - authentik - - postgres - user: root - volumes: - - /docker/authentik/backups:/backups - - /docker/authentik/media:/media - - /var/run/docker.sock:/var/run/docker.sock - - /docker/authentik/custom-templates:/templates - - /docker/authentik/geoip:/geoip - environment: - - AUTHENTIK_POSTGRESQL__HOST - - AUTHENTIK_POSTGRESQL__USER - - AUTHENTIK_POSTGRESQL__NAME - - AUTHENTIK_POSTGRESQL__PASSWORD - - AUTHENTIK_SECRET_KEY - env_file: - - .env - - geoipupdate: - container_name: authentik-geoip - image: "maxmindinc/geoipupdate:latest" - volumes: - - /docker/authentik/geoip:/usr/share/GeoIP - environment: - GEOIPUPDATE_EDITION_IDS: "GeoLite2-City" - GEOIPUPDATE_FREQUENCY: "8" - env_file: - - .env - networks: - - authentik - -networks: - authentik: - external: true - postgres: - external: true - proxy: - external: true diff --git a/docker/freshrss/docker-compose.toml b/docker/freshrss/docker-compose.toml new file mode 100644 index 0000000..538cb1f --- /dev/null +++ b/docker/freshrss/docker-compose.toml @@ -0,0 +1,56 @@ +[services] + +[services.freshrss] +image = "linuxserver/freshrss" +container_name = "freshrss" +restart = "unless-stopped" +networks = ["freshrss", "postgres", "proxy"] +environment = ["PUID=1000", "PGID=985", "TZ=Europe/Helsinki"] +depends_on = ["bibliogram"] +volumes = [ + "/docker/freshrss/freshrss:/config", + "/etc/localtime:/etc/localtime:ro", +] +labels = [ + "traefik.enable=true", + "traefik.http.routers.freshrss-redirect.entrypoints=http", + "traefik.http.routers.freshrss-redirect.rule=Host(`rss.korhonen.cc`)", + "traefik.http.routers.freshrss-redirect.middlewares=http2https@file", + "traefik.http.routers.freshrss.entrypoints=https", + "traefik.http.routers.freshrss.rule=Host(`rss.korhonen.cc`)", + "traefik.http.routers.freshrss.service=freshrss", + "traefik.docker.network=proxy", + "traefik.http.services.freshrss.loadbalancer.server.port=80", +] + +[services.bibliogram] +image = "cloudrac3r/bibliogram" +container_name = "bibliogram" +restart = "unless-stopped" +volumes = [ + "/docker/freshrss/bibliogram/db:/app/db", + "/docker/freshrss/bibliogram/config.js:/app/config.js", +] +networks = ["freshrss", "proxy"] +labels = [ + "traefik.enable=true", + "traefik.http.routers.bibliogram-redirect.entrypoints=http", + "traefik.http.routers.bibliogram-redirect.rule=Host(`bibliogram.korhonen.cc`)", + "traefik.http.routers.bibliogram-redirect.middlewares=http2https@file", + "traefik.http.routers.bibliogram.entrypoints=https", + "traefik.http.routers.bibliogram.rule=Host(`bibliogram.korhonen.cc`)", + "traefik.http.routers.bibliogram.service=bibliogram", + "traefik.docker.network=proxy", + "traefik.http.services.bibliogram.loadbalancer.server.port=10407", +] + +[networks] + +[networks.freshrss] +external = false + +[networks.postgres] +external = true + +[networks.proxy] +external = true diff --git a/docker/freshrss/docker-compose.yaml b/docker/freshrss/docker-compose.yaml deleted file mode 100644 index b1bb806..0000000 --- a/docker/freshrss/docker-compose.yaml +++ /dev/null @@ -1,61 +0,0 @@ -services: - freshrss: - image: linuxserver/freshrss - container_name: freshrss - restart: unless-stopped - networks: - - freshrss - - postgres - - proxy - environment: - - PUID=1000 - - PGID=985 - - TZ=Europe/Helsinki - depends_on: - - bibliogram - volumes: - - /docker/freshrss/freshrss:/config - - /etc/localtime:/etc/localtime:ro - labels: - - "traefik.enable=true" - - - "traefik.http.routers.freshrss-redirect.entrypoints=http" - - "traefik.http.routers.freshrss-redirect.rule=Host(`rss.korhonen.cc`)" - - "traefik.http.routers.freshrss-redirect.middlewares=http2https@file" - - - "traefik.http.routers.freshrss.entrypoints=https" - - "traefik.http.routers.freshrss.rule=Host(`rss.korhonen.cc`)" - - "traefik.http.routers.freshrss.service=freshrss" - - "traefik.docker.network=proxy" - - "traefik.http.services.freshrss.loadbalancer.server.port=80" - - bibliogram: - image: cloudrac3r/bibliogram - container_name: bibliogram - restart: unless-stopped - volumes: - - /docker/freshrss/bibliogram/db:/app/db - - /docker/freshrss/bibliogram/config.js:/app/config.js - networks: - - freshrss - - proxy - labels: - - "traefik.enable=true" - - - "traefik.http.routers.bibliogram-redirect.entrypoints=http" - - "traefik.http.routers.bibliogram-redirect.rule=Host(`bibliogram.korhonen.cc`)" - - "traefik.http.routers.bibliogram-redirect.middlewares=http2https@file" - - - "traefik.http.routers.bibliogram.entrypoints=https" - - "traefik.http.routers.bibliogram.rule=Host(`bibliogram.korhonen.cc`)" - - "traefik.http.routers.bibliogram.service=bibliogram" - - "traefik.docker.network=proxy" - - "traefik.http.services.bibliogram.loadbalancer.server.port=10407" - -networks: - freshrss: - external: false - postgres: - external: true - proxy: - external: true diff --git a/docker/gitea/docker-compose.toml b/docker/gitea/docker-compose.toml new file mode 100644 index 0000000..dc4c922 --- /dev/null +++ b/docker/gitea/docker-compose.toml @@ -0,0 +1,29 @@ +[services] + +[services.gitea] +container_name = "gitea" +image = "gitea/gitea:1" +environment = ["TZ=Europe/Helsinki", "USER_UID=1000", "USER_GID=1000"] +restart = "unless-stopped" +networks = ["postgres", "proxy"] +ports = ["3000:3000", "22:22"] +volumes = ["/docker/gitea:/data", "/etc/localtime:/etc/localtime:ro"] +labels = [ + "traefik.enable=true", + "traefik.http.routers.gitea-redirect.entrypoints=http", + "traefik.http.routers.gitea-redirect.rule=Host(`git.korhonen.cc`)", + "traefik.http.routers.gitea-redirect.middlewares=http2https@file", + "traefik.http.routers.gitea.entrypoints=https", + "traefik.http.routers.gitea.rule=Host(`git.korhonen.cc`)", + "traefik.http.routers.gitea.service=gitea", + "traefik.docker.network=proxy", + "traefik.http.services.gitea.loadbalancer.server.port=3000", +] + +[networks] + +[networks.postgres] +external = true + +[networks.proxy] +external = true diff --git a/docker/gitea/docker-compose.yaml b/docker/gitea/docker-compose.yaml deleted file mode 100644 index 1f1318a..0000000 --- a/docker/gitea/docker-compose.yaml +++ /dev/null @@ -1,36 +0,0 @@ -services: - gitea: - container_name: gitea - image: gitea/gitea:1 - environment: - - TZ=Europe/Helsinki - - USER_UID=1000 - - USER_GID=1000 - restart: unless-stopped - networks: - - postgres - - proxy - ports: - - "3000:3000" - - "22:22" - volumes: - - /docker/gitea:/data - - /etc/localtime:/etc/localtime:ro - labels: - - "traefik.enable=true" - - - "traefik.http.routers.gitea-redirect.entrypoints=http" - - "traefik.http.routers.gitea-redirect.rule=Host(`git.korhonen.cc`)" - - "traefik.http.routers.gitea-redirect.middlewares=http2https@file" - - - "traefik.http.routers.gitea.entrypoints=https" - - "traefik.http.routers.gitea.rule=Host(`git.korhonen.cc`)" - - "traefik.http.routers.gitea.service=gitea" - - "traefik.docker.network=proxy" - - "traefik.http.services.gitea.loadbalancer.server.port=3000" - -networks: - postgres: - external: true - proxy: - external: true diff --git a/docker/index.korhonen.cc/docker-compose.toml b/docker/index.korhonen.cc/docker-compose.toml new file mode 100644 index 0000000..ea4eb28 --- /dev/null +++ b/docker/index.korhonen.cc/docker-compose.toml @@ -0,0 +1,25 @@ +[services] + +[services.nginx] +image = "fraoustin/fancyindex" +container_name = "index.korhonen.cc" +environment = ["DISABLE_AUTH=true", "CONTAINER_TIMEZONE=\"Europe/Helsinki\""] +volumes = ["/docker/index.korhonen.cc:/share"] +networks = ["proxy"] +restart = "unless-stopped" +labels = [ + "traefik.enable=true", + "traefik.http.routers.index-redirect.entrypoints=http", + "traefik.http.routers.index-redirect.rule=Host(`index.korhonen.cc`)", + "traefik.http.routers.index-redirect.middlewares=http2https@file", + "traefik.http.routers.index.entrypoints=https", + "traefik.http.routers.index.rule=Host(`index.korhonen.cc`)", + "traefik.http.routers.index.service=index", + "traefik.docker.network=proxy", + "traefik.http.services.index.loadbalancer.server.port=80", +] + +[networks] + +[networks.proxy] +external = true diff --git a/docker/index.korhonen.cc/docker-compose.yaml b/docker/index.korhonen.cc/docker-compose.yaml deleted file mode 100644 index a14b852..0000000 --- a/docker/index.korhonen.cc/docker-compose.yaml +++ /dev/null @@ -1,28 +0,0 @@ -services: - nginx: - image: fraoustin/fancyindex - container_name: index.korhonen.cc - environment: - - DISABLE_AUTH=true - - CONTAINER_TIMEZONE="Europe/Helsinki" - volumes: - - /docker/index.korhonen.cc:/share - networks: - - proxy - restart: unless-stopped - labels: - - "traefik.enable=true" - - - "traefik.http.routers.index-redirect.entrypoints=http" - - "traefik.http.routers.index-redirect.rule=Host(`index.korhonen.cc`)" - - "traefik.http.routers.index-redirect.middlewares=http2https@file" - - - "traefik.http.routers.index.entrypoints=https" - - "traefik.http.routers.index.rule=Host(`index.korhonen.cc`)" - - "traefik.http.routers.index.service=index" - - "traefik.docker.network=proxy" - - "traefik.http.services.index.loadbalancer.server.port=80" - -networks: - proxy: - external: true diff --git a/docker/jellyfin/docker-compose.toml b/docker/jellyfin/docker-compose.toml new file mode 100644 index 0000000..0ea17c7 --- /dev/null +++ b/docker/jellyfin/docker-compose.toml @@ -0,0 +1,38 @@ +[services] + +[services.jellyfin] +image = "jellyfin/jellyfin:10.8.0-alpha5" +container_name = "jellyfin" +environment = ["TZ=Europe/Helsinki"] +ports = ["8096:8096"] +networks = ["proxy", "authentik"] +restart = "unless-stopped" +volumes = [ + "/docker/jellyfin/config:/config", + "/docker/jellyfin/cache:/cache", + "/mnt/Storage/Media:/media", + "/etc/localtime:/etc/localtime:ro", +] +devices = [ + "/dev/dri/renderD128:/dev/dri/renderD128", + "/dev/dri/card0:/dev/dri/card0", +] +labels = [ + "traefik.enable=true", + "traefik.http.routers.jellyfin-redirect.entrypoints=http", + "traefik.http.routers.jellyfin-redirect.rule=Host(`jellyfin.korhonen.cc`)", + "traefik.http.routers.jellyfin-redirect.middlewares=http2https@file", + "traefik.http.routers.jellyfin.entrypoints=https", + "traefik.http.routers.jellyfin.rule=Host(`jellyfin.korhonen.cc`)", + "traefik.http.routers.jellyfin.service=jellyfin", + "traefik.docker.network=proxy", + "traefik.http.services.jellyfin.loadbalancer.server.port=8096", +] + +[networks] + +[networks.proxy] +external = true + +[networks.authentik] +external = true diff --git a/docker/jellyfin/docker-compose.yaml b/docker/jellyfin/docker-compose.yaml deleted file mode 100644 index b546400..0000000 --- a/docker/jellyfin/docker-compose.yaml +++ /dev/null @@ -1,38 +0,0 @@ -services: - jellyfin: - image: jellyfin/jellyfin:10.8.0-alpha5 - container_name: jellyfin - environment: - - TZ=Europe/Helsinki - ports: - - "8096:8096" - networks: - - proxy - - authentik - restart: unless-stopped - volumes: - - /docker/jellyfin/config:/config - - /docker/jellyfin/cache:/cache - - /mnt/Storage/Media:/media - - /etc/localtime:/etc/localtime:ro - devices: - - /dev/dri/renderD128:/dev/dri/renderD128 - - /dev/dri/card0:/dev/dri/card0 - labels: - - "traefik.enable=true" - - - "traefik.http.routers.jellyfin-redirect.entrypoints=http" - - "traefik.http.routers.jellyfin-redirect.rule=Host(`jellyfin.korhonen.cc`)" - - "traefik.http.routers.jellyfin-redirect.middlewares=http2https@file" - - - "traefik.http.routers.jellyfin.entrypoints=https" - - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.korhonen.cc`)" - - "traefik.http.routers.jellyfin.service=jellyfin" - - "traefik.docker.network=proxy" - - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" - -networks: - proxy: - external: true - authentik: - external: true diff --git a/docker/mumble/docker-compose.toml b/docker/mumble/docker-compose.toml new file mode 100644 index 0000000..fa1afaa --- /dev/null +++ b/docker/mumble/docker-compose.toml @@ -0,0 +1,10 @@ +[services] + +[services.mumble] +container_name = "mumble" +image = "phlak/mumble" +user = "1000:985" +environment = ["TZ=Europe/Helsinki"] +network_mode = "host" +volumes = ["/docker/mumble:/etc/mumble", "/etc/localtime:/etc/localtime:ro"] +restart = "unless-stopped" diff --git a/docker/mumble/docker-compose.yaml b/docker/mumble/docker-compose.yaml deleted file mode 100644 index 570697e..0000000 --- a/docker/mumble/docker-compose.yaml +++ /dev/null @@ -1,12 +0,0 @@ -services: - mumble: - container_name: mumble - image: phlak/mumble - user: "1000:985" - environment: - - TZ=Europe/Helsinki - network_mode: host - volumes: - - /docker/mumble:/etc/mumble - - /etc/localtime:/etc/localtime:ro - restart: unless-stopped diff --git a/docker/nextcloud/docker-compose.toml b/docker/nextcloud/docker-compose.toml new file mode 100644 index 0000000..75bd91e --- /dev/null +++ b/docker/nextcloud/docker-compose.toml @@ -0,0 +1,76 @@ +[services] + +[services.nextcloud] +image = "nextcloud:apache" +container_name = "nextcloud" +restart = "always" +ports = ["1869:80"] +networks = ["nextcloud", "postgres", "proxy"] +volumes = [ + "/docker/nextcloud:/var/www/html", + "/mnt/Storage/Nextcloud:/var/www/html/data", + "/mnt/Storage/Syncthing:/Syncthing", + "/mnt/Storage/Media/Music:/Music", + "/etc/localtime:/etc/localtime:ro", +] +environment = [ + "TZ=Europe/Helsinki", + "REDIS_HOST=redis", + "REDIS_HOST_PASSWORD=123", +] +depends_on = ["redis"] +labels = [ + "traefik.enable=true", + "traefik.http.routers.nextcloud-redirect.entrypoints=http", + "traefik.http.routers.nextcloud-redirect.rule=Host(`cloud.korhonen.cc`)", + "traefik.http.routers.nextcloud-redirect.middlewares=http2https@file", + "traefik.http.routers.nextcloud.entrypoints=https", + "traefik.http.routers.nextcloud.rule=Host(`cloud.korhonen.cc`)", + "traefik.http.routers.nextcloud.service=nextcloud", + "traefik.http.routers.nextcloud.middlewares=secHeaders@file,nextcloud-dav@file", + "traefik.docker.network=proxy", + "traefik.http.services.nextcloud.loadbalancer.server.port=80", +] + +[services.redis] +image = "redis:alpine" +container_name = "redis" +networks = ["nextcloud"] +restart = "always" +command = "redis-server --requirepass 123" + +[services.cron] +image = "nextcloud:apache" +container_name = "nextcloud-cron" +restart = "always" +volumes = ["/docker/nextcloud:/var/www/html"] +entrypoint = "/cron.sh" +depends_on = ["redis"] + +[services.coturn] +image = "instrumentisto/coturn" +container_name = "coturn" +restart = "unless-stopped" +env_file = ".env" +ports = ["3478:3478/tcp", "3478:3478/udp"] +networks = ["nextcloud"] +command = [ + "-n", + "--log-file=stdout", + "--min-port=49160", + "--max-port=49200", + "--realm=cloud.korhonen.cc", + "--use-auth-secret", + "--static-auth-secret=${STATIC_AUTH_SECRET}", +] + +[networks] + +[networks.nextcloud] +external = false + +[networks.postgres] +external = true + +[networks.proxy] +external = true diff --git a/docker/nextcloud/docker-compose.yaml b/docker/nextcloud/docker-compose.yaml deleted file mode 100644 index 94b3e7a..0000000 --- a/docker/nextcloud/docker-compose.yaml +++ /dev/null @@ -1,81 +0,0 @@ -services: - nextcloud: - image: nextcloud:apache - container_name: nextcloud - restart: always - ports: - - "1869:80" - networks: - - nextcloud - - postgres - - proxy - volumes: - - /docker/nextcloud:/var/www/html - - /mnt/Storage/Nextcloud:/var/www/html/data - - /mnt/Storage/Syncthing:/Syncthing - - /mnt/Storage/Media/Music:/Music - - /etc/localtime:/etc/localtime:ro - environment: - - TZ=Europe/Helsinki - - REDIS_HOST=redis - - REDIS_HOST_PASSWORD=123 - depends_on: - - redis - labels: - - "traefik.enable=true" - - - "traefik.http.routers.nextcloud-redirect.entrypoints=http" - - "traefik.http.routers.nextcloud-redirect.rule=Host(`cloud.korhonen.cc`)" - - "traefik.http.routers.nextcloud-redirect.middlewares=http2https@file" - - - "traefik.http.routers.nextcloud.entrypoints=https" - - "traefik.http.routers.nextcloud.rule=Host(`cloud.korhonen.cc`)" - - "traefik.http.routers.nextcloud.service=nextcloud" - - "traefik.http.routers.nextcloud.middlewares=secHeaders@file,nextcloud-dav@file" - - "traefik.docker.network=proxy" - - "traefik.http.services.nextcloud.loadbalancer.server.port=80" - - redis: - image: redis:alpine - container_name: redis - networks: - - nextcloud - restart: always - command: redis-server --requirepass 123 - - cron: - image: nextcloud:apache - container_name: nextcloud-cron - restart: always - volumes: - - /docker/nextcloud:/var/www/html - entrypoint: /cron.sh - depends_on: - - redis - - coturn: - image: instrumentisto/coturn - container_name: coturn - restart: unless-stopped - env_file: .env - ports: - - "3478:3478/tcp" - - "3478:3478/udp" - networks: - - nextcloud - command: - - -n - - --log-file=stdout - - --min-port=49160 - - --max-port=49200 - - --realm=cloud.korhonen.cc - - --use-auth-secret - - --static-auth-secret=${STATIC_AUTH_SECRET} - -networks: - nextcloud: - external: false - postgres: - external: true - proxy: - external: true diff --git a/docker/pihole/docker-compose.toml b/docker/pihole/docker-compose.toml new file mode 100644 index 0000000..27f4af6 --- /dev/null +++ b/docker/pihole/docker-compose.toml @@ -0,0 +1,34 @@ +[services] + +[services.pihole] +container_name = "pihole" +image = "pihole/pihole:latest" +ports = ["53:53/tcp", "53:53/udp", "67:67/udp", "8069:80/tcp"] +networks = ["proxy"] +volumes = [ + "/docker/pihole/pihole:/etc/pihole/", + "/docker/pihole/dnsmasq:/etc/dnsmasq.d/", +] +dns = ["127.0.0.1", "1.1.1.1"] +cap_add = ["NET_ADMIN"] +restart = "unless-stopped" +labels = [ + "traefik.enable=true", + "traefik.http.routers.pihole-redirect.entrypoints=http", + "traefik.http.routers.pihole-redirect.rule=Host(`pihole.korhonen.cc`)", + "traefik.http.routers.pihole-redirect.middlewares=http2https@file", + "traefik.http.routers.pihole.entrypoints=https", + "traefik.http.routers.pihole.rule=Host(`pihole.korhonen.cc`)", + "traefik.http.routers.pihole.service=pihole", + "traefik.docker.network=proxy", + "traefik.http.services.pihole.loadbalancer.server.port=80", +] + +[services.pihole.environment] +TZ = "Europe/Helsinki" +WEBPASSWORD = "${WEBPASSWORD}" + +[networks] + +[networks.proxy] +external = true diff --git a/docker/pihole/docker-compose.yaml b/docker/pihole/docker-compose.yaml deleted file mode 100644 index 0a0f9c2..0000000 --- a/docker/pihole/docker-compose.yaml +++ /dev/null @@ -1,41 +0,0 @@ -services: - pihole: - container_name: pihole - image: pihole/pihole:latest - ports: - - "53:53/tcp" - - "53:53/udp" - - "67:67/udp" - - "8069:80/tcp" - networks: - - proxy - environment: - TZ: "Europe/Helsinki" - WEBPASSWORD: "${WEBPASSWORD}" - volumes: - - "/docker/pihole/pihole:/etc/pihole/" - - "/docker/pihole/dnsmasq:/etc/dnsmasq.d/" - dns: - - 127.0.0.1 - - 1.1.1.1 - # Recommended but not required (DHCP needs NET_ADMIN) - # https://github.com/pihole/docker-pihole#note-on-capabilities - cap_add: - - NET_ADMIN - restart: unless-stopped - labels: - - "traefik.enable=true" - - - "traefik.http.routers.pihole-redirect.entrypoints=http" - - "traefik.http.routers.pihole-redirect.rule=Host(`pihole.korhonen.cc`)" - - "traefik.http.routers.pihole-redirect.middlewares=http2https@file" - - - "traefik.http.routers.pihole.entrypoints=https" - - "traefik.http.routers.pihole.rule=Host(`pihole.korhonen.cc`)" - - "traefik.http.routers.pihole.service=pihole" - - "traefik.docker.network=proxy" - - "traefik.http.services.pihole.loadbalancer.server.port=80" - -networks: - proxy: - external: true diff --git a/docker/postgres/docker-compose.toml b/docker/postgres/docker-compose.toml new file mode 100644 index 0000000..4c5049a --- /dev/null +++ b/docker/postgres/docker-compose.toml @@ -0,0 +1,18 @@ +[services] + +[services.postgres] +container_name = "postgres" +image = "postgres:13" +environment = ["TZ=Europe/Helsinki", "POSTGRES_PASSWORD=12345"] +ports = ["5432:5432"] +networks = ["postgres"] +volumes = [ + "/docker/postgres:/var/lib/postgresql/data", + "/etc/localtime:/etc/localtime:ro", +] +restart = "unless-stopped" + +[networks] + +[networks.postgres] +external = true diff --git a/docker/postgres/docker-compose.yaml b/docker/postgres/docker-compose.yaml deleted file mode 100644 index 4355ba9..0000000 --- a/docker/postgres/docker-compose.yaml +++ /dev/null @@ -1,19 +0,0 @@ -services: - postgres: - container_name: postgres - image: postgres:13 - environment: - - TZ=Europe/Helsinki - - POSTGRES_PASSWORD=12345 - ports: - - 5432:5432 - networks: - - postgres - volumes: - - /docker/postgres:/var/lib/postgresql/data - - /etc/localtime:/etc/localtime:ro - restart: unless-stopped - -networks: - postgres: - external: true diff --git a/docker/remotely/docker-compose.toml b/docker/remotely/docker-compose.toml new file mode 100644 index 0000000..8876584 --- /dev/null +++ b/docker/remotely/docker-compose.toml @@ -0,0 +1,23 @@ +[services] + +[services.remotely] +image = "translucency/remotely" +container_name = "remotely" +networks = ["proxy"] +volumes = ["/docker/remotely:/remotely-data"] +labels = [ + "traefik.enable=true", + "traefik.http.routers.remotely-redirect.entrypoints=http", + "traefik.http.routers.remotely-redirect.rule=Host(`remotely.korhonen.cc`)", + "traefik.http.routers.remotely-redirect.middlewares=http2https@file", + "traefik.http.routers.remotely.entrypoints=https", + "traefik.http.routers.remotely.rule=Host(`remotely.korhonen.cc`)", + "traefik.http.routers.remotely.service=remotely", + "traefik.docker.network=proxy", + "traefik.http.services.remotely.loadbalancer.server.port=5000", +] + +[networks] + +[networks.proxy] +external = true diff --git a/docker/remotely/docker-compose.yaml b/docker/remotely/docker-compose.yaml deleted file mode 100644 index a7b4168..0000000 --- a/docker/remotely/docker-compose.yaml +++ /dev/null @@ -1,24 +0,0 @@ -services: - remotely: - image: translucency/remotely - container_name: remotely - networks: - - proxy - volumes: - - /docker/remotely:/remotely-data - labels: - - "traefik.enable=true" - - - "traefik.http.routers.remotely-redirect.entrypoints=http" - - "traefik.http.routers.remotely-redirect.rule=Host(`remotely.korhonen.cc`)" - - "traefik.http.routers.remotely-redirect.middlewares=http2https@file" - - - "traefik.http.routers.remotely.entrypoints=https" - - "traefik.http.routers.remotely.rule=Host(`remotely.korhonen.cc`)" - - "traefik.http.routers.remotely.service=remotely" - - "traefik.docker.network=proxy" - - "traefik.http.services.remotely.loadbalancer.server.port=5000" - -networks: - proxy: - external: true diff --git a/docker/tftp/docker-compose.toml b/docker/tftp/docker-compose.toml new file mode 100644 index 0000000..bdb6db4 --- /dev/null +++ b/docker/tftp/docker-compose.toml @@ -0,0 +1,9 @@ +[services] + +[services.tftp] +container_name = "tftp" +image = "pghalliday/tftp" +environment = ["TZ=Europe/Helsinki"] +restart = "unless-stopped" +ports = ["69:69/udp"] +volumes = ["/etc/localtime:/etc/localtime:ro", "/docker/tftp:/var/tftpboot"] diff --git a/docker/tftp/docker-compose.yaml b/docker/tftp/docker-compose.yaml deleted file mode 100644 index 47d6d3c..0000000 --- a/docker/tftp/docker-compose.yaml +++ /dev/null @@ -1,12 +0,0 @@ -services: - tftp: - container_name: tftp - image: pghalliday/tftp - environment: - - TZ=Europe/Helsinki - restart: unless-stopped - ports: - - 69:69/udp - volumes: - - /etc/localtime:/etc/localtime:ro - - /docker/tftp:/var/tftpboot diff --git a/docker/traefik/docker-compose.toml b/docker/traefik/docker-compose.toml new file mode 100644 index 0000000..828784d --- /dev/null +++ b/docker/traefik/docker-compose.toml @@ -0,0 +1,52 @@ +[services] + +[services.traefik] +image = "traefik:latest" +container_name = "traefik" +restart = "unless-stopped" +ports = ["80:80", "443:443/tcp", "443:443/udp"] +environment = ["TZ=Europe/Helsinki"] +security_opt = ["no-new-privileges:true"] +networks = ["proxy"] +volumes = [ + "/etc/localtime:/etc/localtime:ro", + "/var/run/docker.sock:/var/run/docker.sock:ro", + "/docker/traefik/traefik/traefik.toml:/traefik.toml:ro", + "/docker/traefik/traefik/dynamic.toml:/dynamic.toml:ro", + "/docker/traefik/traefik/dashboard-users:/dashboard-users:ro", + "/docker/traefik/traefik/acme.json:/acme.json", + "/docker/traefik/traefik/log:/var/log", +] +labels = [ + "traefik.enable=true", + "traefik.http.routers.redirect.entrypoints=http", + "traefik.http.routers.redirect.rule=Host(`traefik.korhonen.cc`)", + "traefik.http.routers.redirect.middlewares=http2https@file", + "traefik.http.routers.dashboard.entrypoints=https", + "traefik.http.routers.dashboard.rule=Host(`traefik.korhonen.cc`)", + "traefik.http.middlewares.dashboard-auth.basicauth.usersfile=/dashboard-users", + "traefik.http.routers.dashboard.middlewares=dashboard-auth", + "traefik.http.routers.dashboard.service=api@internal", + "traefik.docker.network=proxy", +] + +[services.fail2ban] +image = "crazymax/fail2ban:latest" +container_name = "fail2ban" +restart = "unless-stopped" +network_mode = "host" +cap_add = ["NET_ADMIN", "NET_RAW"] +environment = ["TZ=Europe/Helsinki"] +volumes = [ + "/etc/localtime:/etc/localtime:ro", + "/docker/traefik/traefik/log:/var/log/traefik:ro", + "/docker/traefik/fail2ban:/data", + "/docker/gitea/gitea/log/gitea.log:/var/log/gitea:ro", + "/docker/homeautomation/home-assistant/home-assistant.log:/var/log/hass", + "/mnt/Storage/Nextcloud/nextcloud.log:/var/log/nextcloud:ro", +] + +[networks] + +[networks.proxy] +external = true diff --git a/docker/traefik/docker-compose.yaml b/docker/traefik/docker-compose.yaml deleted file mode 100644 index 3eed22d..0000000 --- a/docker/traefik/docker-compose.yaml +++ /dev/null @@ -1,57 +0,0 @@ -services: - traefik: - image: traefik:latest - container_name: traefik - restart: unless-stopped - ports: - - '80:80' - - '443:443/tcp' - - '443:443/udp' - environment: - - TZ=Europe/Helsinki - security_opt: - - no-new-privileges:true - networks: - - proxy - volumes: - - /etc/localtime:/etc/localtime:ro - - /var/run/docker.sock:/var/run/docker.sock:ro - - /docker/traefik/traefik/traefik.toml:/traefik.toml:ro - - /docker/traefik/traefik/dynamic.toml:/dynamic.toml:ro - - /docker/traefik/traefik/dashboard-users:/dashboard-users:ro - - /docker/traefik/traefik/acme.json:/acme.json - - /docker/traefik/traefik/log:/var/log - labels: - # Serve dashboard - - 'traefik.enable=true' - - 'traefik.http.routers.redirect.entrypoints=http' - - 'traefik.http.routers.redirect.rule=Host(`traefik.korhonen.cc`)' - - 'traefik.http.routers.redirect.middlewares=http2https@file' - - - 'traefik.http.routers.dashboard.entrypoints=https' - - 'traefik.http.routers.dashboard.rule=Host(`traefik.korhonen.cc`)' - - 'traefik.http.middlewares.dashboard-auth.basicauth.usersfile=/dashboard-users' - - 'traefik.http.routers.dashboard.middlewares=dashboard-auth' - - 'traefik.http.routers.dashboard.service=api@internal' - - 'traefik.docker.network=proxy' - - fail2ban: - image: crazymax/fail2ban:latest - container_name: fail2ban - restart: unless-stopped - network_mode: "host" - cap_add: - - NET_ADMIN - - NET_RAW - environment: - - TZ=Europe/Helsinki - volumes: - - /etc/localtime:/etc/localtime:ro - - /docker/traefik/traefik/log:/var/log/traefik:ro - - /docker/traefik/fail2ban:/data - - /docker/gitea/gitea/log/gitea.log:/var/log/gitea:ro - - /docker/homeautomation/home-assistant/home-assistant.log:/var/log/hass - - /mnt/Storage/Nextcloud/nextcloud.log:/var/log/nextcloud:ro -networks: - proxy: - external: true diff --git a/docker/tvheadend/docker-compose.toml b/docker/tvheadend/docker-compose.toml new file mode 100644 index 0000000..c3aef50 --- /dev/null +++ b/docker/tvheadend/docker-compose.toml @@ -0,0 +1,32 @@ +[services] + +[services.tvheadend] +image = "linuxserver/tvheadend" +container_name = "tvheadend" +environment = ["TZ=Europe/Helsinki", "PUID=1000", "PGID=985"] +volumes = [ + "/docker/tvheadend:/config", + "/mnt/Storage/Media/PVR:/recordings", + "/mnt/Storage/picons:/picons", + "/etc/localtime:/etc/localtime:ro", +] +ports = ["9981:9981", "9982:9982"] +devices = ["/dev/dvb:/dev/dvb"] +restart = "unless-stopped" +networks = ["proxy"] +labels = [ + "traefik.enable=true", + "traefik.http.routers.tvheadend-redirect.entrypoints=http", + "traefik.http.routers.tvheadend-redirect.rule=Host(`tvheadend.korhonen.cc`)", + "traefik.http.routers.tvheadend-redirect.middlewares=http2https@file", + "traefik.http.routers.tvheadend.entrypoints=https", + "traefik.http.routers.tvheadend.rule=Host(`tvheadend.korhonen.cc`)", + "traefik.http.routers.tvheadend.service=tvheadend", + "traefik.docker.network=proxy", + "traefik.http.services.tvheadend.loadbalancer.server.port=9981", +] + +[networks] + +[networks.proxy] +external = true diff --git a/docker/tvheadend/docker-compose.yaml b/docker/tvheadend/docker-compose.yaml deleted file mode 100644 index 6c6dabc..0000000 --- a/docker/tvheadend/docker-compose.yaml +++ /dev/null @@ -1,37 +0,0 @@ -services: - tvheadend: - image: linuxserver/tvheadend - container_name: tvheadend - environment: - - TZ=Europe/Helsinki - - PUID=1000 - - PGID=985 - volumes: - - /docker/tvheadend:/config - - /mnt/Storage/Media/PVR:/recordings - - /mnt/Storage/picons:/picons - - /etc/localtime:/etc/localtime:ro - ports: - - 9981:9981 - - 9982:9982 - devices: - - /dev/dvb:/dev/dvb #tuner card - restart: unless-stopped - networks: - - proxy - labels: - - "traefik.enable=true" - - - "traefik.http.routers.tvheadend-redirect.entrypoints=http" - - "traefik.http.routers.tvheadend-redirect.rule=Host(`tvheadend.korhonen.cc`)" - - "traefik.http.routers.tvheadend-redirect.middlewares=http2https@file" - - - "traefik.http.routers.tvheadend.entrypoints=https" - - "traefik.http.routers.tvheadend.rule=Host(`tvheadend.korhonen.cc`)" - - "traefik.http.routers.tvheadend.service=tvheadend" - - "traefik.docker.network=proxy" - - "traefik.http.services.tvheadend.loadbalancer.server.port=9981" - -networks: - proxy: - external: true