zware/DockerSetup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
eb8ddd488f3da6ed698e48a336829f85427c91f8
DockerSetup/docker-compose.yml
ZwareBear eb8ddd488f Update docker-compose.yml 
Pull repo up to match whats running.
2025-06-20 15:51:53 -05:00

471 lines
16 KiB
YAML
Raw Blame History

# /opt/docker-compose.yml
# edited via neovim
---
services:
#Plex server stats page
tautulli:
image: linuxserver/tautulli:latest
container_name: tautulli
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
volumes:
- /opt/appdata/tautulli:/config
- /opt/appdata/tautulli/Library/Application\ Support/Plex\ Media\ Server/Logs:/logs
ports:
- 8181:8181
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=tautulli"
- "traefik.frontend.rule=Host:plexstats.${DOMAINNAME}"
- "traefik.port=8181"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
restart: unless-stopped
#Grabber, manage TV shows
sonarr:
image: linuxserver/sonarr:latest
container_name: sonarr
volumes:
- /opt/appdata/sonarr:/config
- /mnt/storage/tv:/tv
- /downloads/:/downloads
- /download_portable/:/download_portable
#- /downloads/complete/tv_import:/tv_import
ports:
- 27021:8989
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=sonarr"
- "traefik.frontend.rule=Host:sonarr.${DOMAINNAME}" #
- "traefik.port=8989"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
#Grabber, manage movies
radarr:
image: linuxserver/radarr:latest
container_name: radarr
volumes:
- /opt/appdata/radarr:/config
- /downloads:/downloads
- /mnt/storage/movies:/movies
- /downloads/watch:/watch
- /download_portable/:/download_portable
ports:
- 7878:7878
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=radarr"
- "traefik.frontend.rule=Host:radarr.${DOMAINNAME}" #
- "traefik.port=7878"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
#Manager, Used to maintain docker containers
portainer:
image: portainer/portainer:latest
container_name: portainer
ports:
- 9000:9000
volumes:
- /opt/appdata/portainer:/data
- /var/run/docker.sock:/var/run/docker.sock
- /opt/appdata/shared:/shared
environment:
- TZ=${TZ}
networks:
- traefik_proxy1
labels:
- "traefik.enable=false"
- "traefik.backend=portainer"
- "traefik.frontend.rule=Host:portainer.${DOMAINNAME}"
- "traefik.port=9000"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=internal"
restart:
always
#Indexer, Used by managers to query sites for content
jackett:
image: linuxserver/jackett:latest
container_name: jackett
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
volumes:
- /opt/appdata/jackett:/config
- /downloads:/downloads
ports:
- 9117:9117
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=jackett"
- "traefik.frontend.rule=Host:jackett.${DOMAINNAME}" #
- "traefik.port=9117"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=internal"
restart: always
#Reverse Proxy, Used to route applications to domain
traefik:
hostname: traefik
image: traefik:v1.7
container_name: traefik
restart: always
domainname: ${DOMAINNAME}
networks:
- default
- traefik_proxy1
ports:
- "80:80"
- "443:443"
- "8080:8080"
labels:
- "traefik.enable=true"
- "traefik.backend=traefik"
- "traefik.frontend.rule=Host:traefik.${DOMAINNAME}"
- "traefik.port=80"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "traefik.frontend.auth.basic.users=${HTTP_USERNAME}:${HTTP_PASSWORD}"
- "docker.group=internal"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /home/dockeruser/traefik:/etc/traefik
- /opt/appdata/shared:/shared
- /opt/appdata/traefik:/var/log
- /opt/appdata/traefik/tmp:/tmp
#fail2ban - ban IPs after so many failed attempts
fail2ban:
hostname: fail2ban
image: crazymax/fail2ban:latest
container_name: fail2ban
network_mode: "host"
cap_add:
- NET_ADMIN
- NET_RAW
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
volumes:
- /var/log:/var/log:ro
- /opt/appdata/fail2ban/data:/data
- /opt/appdata/shared:/shared
- /opt/appdata/traefik:/var/log/traefik
restart: always
#Downloader, pull in content from torrents & hide traffic behind VPN
arch-deluge:
image: binhex/arch-delugevpn:latest
container_name: arch-deluge
ports:
- 8112:8112
- 8118:8118
- 58846:58846
- 58946:58946
cap_add:
- NET_ADMIN
networks:
- traefik_proxy1
volumes:
- /opt/appdata/arch-deluge:/config
- /downloads:/downloads
- /download_portable/complete:/downloads/complete
- /mnt/storage:/mnt/storage
- /opt/appdata/shared:/shared
- /opt/appdata/arch-deluge/data:/data
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- VPN_ENABLED=yes
- VPN_USER=${VPN_USER}
- VPN_PASS=${VPN_PASS}
- VPN_PROV=custom
#- VPN_OPTIONS=<additional openvpn cli options>
- STRICT_PORT_FORWARD=yes
- ENABLE_PRIVOXY=yes
- LAN_NETWORK=192.168.0.100/24
- NAME_SERVERS=103.86.96.100, 103.86.99.100
- DELUGE_DAEMON_LOG_LEVEL=error
- DELUGE_WEB_LOG_LEVEL=error
- DEBUG=true
- UMASK=000
labels:
- "traefik.enable=true"
- "traefik.backend=arch-deluge"
- "traefik.frontend.rule=Host:deluge.${DOMAINNAME}"
- "traefik.port=8112"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
privileged: true
restart: unless-stopped
#updated version of plex requests
ombi:
image: linuxserver/ombi
container_name: ombi
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- BASE_URL=/ombi #optional
volumes:
- /opt/appdata/ombi:/config
- /opt/appdata/shared:/shared
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=ombi"
- "traefik.frontend.rule=Host:requests.${DOMAINNAME}" #
- "traefik.port=3579"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
ports:
- 3579:3579
restart: unless-stopped
#NZBGet - usenet downloader
nzbget:
image: linuxserver/nzbget:latest
container_name: nzbget
volumes:
- /opt/appdata/nzbget/config:/config
- /opt/appdata/nzbget/data:/data
- /downloads:/downloads
- /opt/appdata/shared:/shared
ports:
- 27020:6789
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=nzbget"
- "traefik.frontend.rule=Host:nzbget.${DOMAINNAME}" #
- "traefik.port=6789"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
gitea:
image: gitea/gitea:latest
container_name: gitea
environment:
- USER_UID=${PUID}
- USER_GID=${PGID}
restart: always
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=gitea"
- "traefik.frontend.rule=Host:gitea.${DOMAINNAME}" #
- "traefik.port=3000"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
volumes:
- /opt/appdata/gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "222:22"
book-readarr:
image: lscr.io/linuxserver/readarr:develop
container_name: book-readarr
volumes:
- /opt/appdata/book-readarr:/config
- /downloads:/downloads
- /mnt/storage/books:/books
- /downloads/watch:/watch
- /download_portable/:/download_portable
ports:
- 8787:8787
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=book-readarr"
- "traefik.frontend.rule=Host:book-readarr.${DOMAINNAME}" #
- "traefik.port=8787"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
audio-readarr:
image: lscr.io/linuxserver/readarr:develop
container_name: audio-readarr
volumes:
- /opt/appdata/audio-readarr:/config
- /downloads:/downloads
- /mnt/storage/books:/books
- /downloads/watch:/watch
- /download_portable/:/download_portable
ports:
- 8888:8787
networks:
- traefik_proxy1
labels:
- "traefik.enable=true"
- "traefik.backend=audio-readarr"
- "traefik.frontend.rule=Host:audio-readarr.${DOMAINNAME}" #
- "traefik.port=8787"
- "traefik.docker.network=traefik_proxy1"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "docker.group=external"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
calibre:
image: lscr.io/linuxserver/calibre:latest
container_name: calibre
volumes:
- /opt/appdata/calibre:/config
- /mnt/storage/books:/books
ports:
- 8090:8080
- 8191:8181
- 8091:8081
networks:
- traefik_proxy1
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
#Networks, Needed for Traefik
networks:
traefik_proxy1:
#external: true
default:
driver: bridge
Reference in New Issue View Git Blame Copy Permalink