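---
# Jinja-templated variables describing the Docker hosts and the containers
# placed on them. Each `services` entry names the VM(s) it runs on, the
# image, and its volume / device / port mappings as
# `internal` (container side) <-> `external` (host side) pairs.
#
# NOTE(review): nesting was reconstructed from a whitespace-collapsed copy.
# `domain` and `elk_version` are placed at top level because they are
# referenced as `{{ domain }}` and `{{ elk_version }}` below; confirm
# against the original file.
#
# NOTE(review): several images are untagged or pinned to `:latest`
# (syncthing, jellyfin, ddns-updater, the *arr images, paperless,
# stirling, changedetection, gluetun, qbittorrent-nox, cadvisor). Pinning a
# version or digest makes a pulled image reproducible and auditable.
#
# NOTE(review): `vault.*` secrets are injected as environment variables, so
# they end up in the rendered compose file and in `docker inspect` output.
# Restrict who can read both.

docker:
  url: "https://download.docker.com/linux"
  apt_release_channel: "stable"
  directories:
    # These end in "/", and consumers below append "/<service>/...", so
    # rendered paths contain "//" (harmless on Linux).
    config: "/opt/docker/config/"
    compose: "/opt/docker/compose/"
    media: "/media/docker/data/"

caddy:
  admin_email: me+acme@tudattr.dev

domain: "seyshiro.de"

# Quoted so it stays a string on every parser.
elk_version: "8.17.0"

services:
  - name: syncthing
    vm:
      - docker-host00
    container_name: syncthing
    image: syncthing/syncthing
    restart: unless-stopped
    volumes:
      - name: "Data"
        internal: /var/syncthing/
        external: /media/docker/data/syncthing/
    ports:
      - name: "http"
        internal: 8384
        external: 8384
      # NOTE(review): 22000 is listed twice with identical fields. Presumably
      # one entry is TCP and one UDP, but this schema has no protocol field.
      # Confirm how the template renders them.
      - name: ""
        internal: 22000
        external: 22000
      - name: ""
        internal: 22000
        external: 22000
      - name: ""
        internal: 21027
        external: 21027
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: status
    vm:
      - docker-host00
    container_name: kuma
    image: louislam/uptime-kuma:1
    restart: unless-stopped
    volumes:
      - name: "Data"
        internal: /app/data
        external: /opt/local/kuma/
    ports:
      - name: "http"
        internal: 3001
        external: 3001
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: plex
    vm:
      - docker-host00
    container_name: plex
    image: lscr.io/linuxserver/plex:latest
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: /opt/local/plex/config/
      # Media libraries are mounted read-only (`:ro`).
      - name: "TV Series"
        internal: /tv:ro
        external: /media/series
      - name: "Movies"
        internal: /movies:ro
        external: /media/movies
      - name: "Music"
        internal: /music:ro
        external: /media/songs
    devices:
      - name: "Graphics Card"
        internal: /dev/dri
        external: /dev/dri
    ports:
      - name: "http"
        internal: 32400
        external: 32400
      - name: ""
        internal: 1900
        external: 1900
      - name: ""
        internal: 3005
        external: 3005
      - name: ""
        internal: 5353
        external: 5353
      - name: ""
        internal: 32410
        external: 32410
      - name: ""
        internal: 8324
        external: 8324
      - name: ""
        internal: 32412
        external: 32412
      - name: ""
        internal: 32469
        external: 32469
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - VERSION=docker

  - name: jellyfin
    vm:
      - docker-host02
    container_name: jellyfin
    image: jellyfin/jellyfin
    restart: "unless-stopped"
    volumes:
      - name: "Configuration"
        internal: /config
        external: /opt/local/jellyfin/config
      - name: "Cache"
        internal: /cache
        external: "{{ docker.directories.config }}/jellyfin/cache"
      - name: "Tv Series"
        internal: /tv:ro
        external: /media/series
      # Label fixed: this entry maps /movies but was named "Music", a
      # duplicate of the next entry's label.
      - name: "Movies"
        internal: /movies:ro
        external: /media/movies
      - name: "Music"
        internal: /music:ro
        external: /media/songs
    devices:
      - name: "Graphics Card"
        internal: /dev/dri
        external: /dev/dri
    ports:
      - name: "http"
        internal: 8096
        external: 8096
    # NOTE(review): the key was present but empty, which parses as null.
    # Kept as an explicit null; use `[]` or drop the key if the consuming
    # template iterates over it.
    environment: null

  - name: hass
    vm:
      - docker-host02
    container_name: homeassistant
    image: "ghcr.io/home-assistant/home-assistant:stable"
    restart: unless-stopped
    # NOTE(review): privileged mode removes most container isolation (all
    # capabilities, access to host devices). If it is only needed for a
    # specific device, a `devices:` entry as used by plex/gluetun in this
    # file would be narrower. Confirm what this deployment needs.
    privileged: true
    volumes:
      - name: "Configuration"
        internal: /config/
        external: /opt/local/home-assistant/config/
      - name: "Local Time"
        internal: /etc/localtime:ro
        external: /etc/localtime
    ports:
      - name: "http"
        internal: 8123
        external: 8123
      - name: ""
        internal: 4357
        external: 4357
      # NOTE(review): 5683 is listed twice with identical fields; see the
      # same pattern on syncthing's 22000.
      - name: ""
        internal: 5683
        external: 5683
      - name: ""
        internal: 5683
        external: 5683

  - name: ddns
    vm:
      - docker-host00
    container_name: ddns-updater
    image: ghcr.io/qdm12/ddns-updater
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        # Fixed: the value carried a stray trailing `"`, which YAML keeps
        # as a literal character of the container path.
        internal: /updater/data/
        external: "{{ docker.directories.config }}/ddns-updater/data/"
    ports:
      # Host port 8001 because paperless already publishes 8000 on
      # docker-host00.
      - name: "http"
        internal: 8000
        external: 8001

  - name: sonarr
    vm:
      - docker-host00
    container_name: sonarr
    image: lscr.io/linuxserver/sonarr:latest
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: /opt/local/sonarr/config
      - name: "Tv Series"
        internal: /tv
        external: /media/series
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/sonarr
    ports:
      - name: "http"
        internal: 8989
        external: 8989
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: radarr
    vm:
      - docker-host00
    container_name: radarr
    image: lscr.io/linuxserver/radarr:latest
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: /opt/local/radarr/config
      - name: "Movies"
        internal: /movies
        external: /media/movies
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/radarr
    ports:
      - name: "http"
        internal: 7878
        external: 7878
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: lidarr
    vm:
      - docker-host00
    container_name: lidarr
    image: lscr.io/linuxserver/lidarr:latest
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: /opt/local/lidarr/config
      - name: "Music"
        internal: /music
        external: /media/songs
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/lidarr
    ports:
      - name: "http"
        internal: 8686
        external: 8686
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: prowlarr
    vm:
      - docker-host00
    container_name: prowlarr
    image: lscr.io/linuxserver/prowlarr:latest
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: /opt/local/prowlarr/config
    ports:
      - name: "http"
        internal: 9696
        external: 9696
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: paperless
    vm:
      - docker-host00
    container_name: paperless
    image: ghcr.io/paperless-ngx/paperless-ngx:latest
    restart: unless-stopped
    # NOTE(review): neither dependency is defined in the services list
    # visible here; presumably they are declared elsewhere.
    depends_on:
      - paperless-postgres
      - paperless-broker
    volumes:
      - name: "Configuration"
        internal: /usr/src/paperless/data
        external: /opt/local/paperless/data/data
      - name: "Media"
        internal: /usr/src/paperless/media
        external: /opt/local/paperless/data/media
      - name: "Document Export"
        internal: /usr/src/paperless/export
        external: /opt/local/paperless/data/export
      - name: "Document Consume"
        internal: /usr/src/paperless/consume
        external: /opt/local/paperless/data/consume
    environment:
      - "PAPERLESS_REDIS=redis://paperless-broker:6379"
      - "PAPERLESS_DBHOST=paperless-postgres"
      - "PAPERLESS_DBUSER=paperless"
      - "PAPERLESS_DBPASS={{ vault.docker.paperless.dbpass }}"
      - "USERMAP_UID=1000"
      - "USERMAP_GID=1000"
      - "PAPERLESS_URL=https://paperless.{{ domain }}"
      - "PAPERLESS_TIME_ZONE=Europe/Berlin"
      - "PAPERLESS_OCR_LANGUAGE=deu"
    ports:
      - name: "http"
        internal: 8000
        external: 8000

  - name: pdf
    vm:
      - docker-host00
    container_name: stirling
    image: frooodle/s-pdf:latest
    restart: unless-stopped
    ports:
      - name: "http"
        internal: 8080
        external: 8080

  - name: git
    vm:
      - docker-host02
    container_name: gitea
    # Version-pinned rootless image.
    image: gitea/gitea:1.23.1-rootless
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /etc/gitea
        external: /opt/local/gitea/config
      - name: "Data"
        internal: /var/lib/gitea
        external: /opt/local/gitea/data
      - name: "Time Zone"
        internal: /etc/timezone:ro
        external: /etc/timezone
      - name: "Local Time"
        internal: /etc/localtime:ro
        external: /etc/localtime
    ports:
      - name: "http"
        internal: 3000
        external: 3000
      - name: "ssh"
        internal: 2222
        external: 2222
    environment:
      - USER_UID=1000
      - USER_GID=1000

  - name: changedetection
    vm:
      - docker-host00
    container_name: changedetection
    image: dgtlmoon/changedetection.io
    restart: unless-stopped
    volumes:
      - name: "Data"
        internal: /datastore
        external: "{{ docker.directories.config }}/changedetection/data/"
    ports:
      - name: "http"
        internal: 5000
        external: 5000

  # VPN gateway container. torrentleech and qbit join its network namespace
  # (`network_mode: "container:gluetun"`), so their web UI ports 8083/8082
  # are published here rather than on those containers.
  - name: gluetun
    vm:
      - docker-host00
    container_name: gluetun
    image: qmcgaw/gluetun
    restart: unless-stopped
    # Scoped to the one capability plus the tun device, not privileged mode.
    cap_add:
      - NET_ADMIN
    devices:
      - name: "Tunnel"
        internal: /dev/net/tun
        external: /dev/net/tun
    volumes:
      - name: "Configuration"
        internal: /gluetun
        external: "{{ docker.directories.config }}/gluetun/config"
    ports:
      - name: "Qbit Client"
        internal: 8082
        external: 8082
      - name: "Torrentleech Client"
        internal: 8083
        external: 8083
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - VPN_SERVICE_PROVIDER=protonvpn
      - UPDATER_VPN_SERVICE_PROVIDERS=protonvpn
      - UPDATER_PERIOD=24h
      - "SERVER_COUNTRIES={{ vault.docker.proton.country }}"
      - "OPENVPN_USER={{ vault.docker.proton.openvpn_user }}"
      - "OPENVPN_PASSWORD={{ vault.docker.proton.openvpn_password }}"

  - name: torrentleech
    vm:
      - docker-host00
    container_name: torrentleech
    image: qbittorrentofficial/qbittorrent-nox
    restart: unless-stopped
    depends_on:
      - gluetun
    network_mode: "container:gluetun"
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.config }}/torrentleech/config"
      - name: "Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads
    ports:
      # `proxy_only` is a sentinel, not a port number. Presumably it tells
      # the templates to skip publishing here; confirm against the consumer.
      - name: "http"
        internal: proxy_only
        external: 8083
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      # NOTE(review): the double quotes below sit inside a plain YAML
      # scalar, so they are part of the value. Confirm the image accepts
      # quoted values.
      - QBT_EULA="accept"
      - QBT_WEBUI_PORT="8083"

  - name: qbit
    vm:
      - docker-host00
    container_name: qbit
    image: qbittorrentofficial/qbittorrent-nox
    restart: unless-stopped
    depends_on:
      - gluetun
    network_mode: "container:gluetun"
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.config }}/qbit/config"
      - name: "Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads
    ports:
      # Same `proxy_only` sentinel as torrentleech.
      - name: "http"
        internal: proxy_only
        external: 8082
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      # NOTE(review): quotes are part of the value, as on torrentleech.
      - QBT_EULA="accept"
      - QBT_WEBUI_PORT="8082"

  - name: cadvisor
    vm:
      - docker-host00
      - docker-host01
      - docker-host02
    container_name: cadvisor
    image: gcr.io/cadvisor/cadvisor:latest
    restart: unless-stopped
    # NOTE(review): this publishes host and container metrics on 8081 of
    # every listed VM. Confirm that port is reachable only from the
    # monitoring system.
    ports:
      - name: ""
        internal: 8080
        external: 8081
    volumes:
      # The host root filesystem is exposed read-only inside the container.
      - name: "Root"
        internal: /rootfs:ro
        external: /
      # NOTE(review): /var/run is the only read-write mount here, and it is
      # where the Docker socket normally lives. Consider `:ro`, but note a
      # read-only bind mount does not stop a process connecting to a socket
      # inside it, so treat this container as holding Docker API access.
      - name: "Run"
        internal: /var/run:rw
        external: /var/run
      - name: "System"
        internal: /sys:ro
        external: /sys
      - name: "Docker"
        internal: /var/lib/docker:ro
        external: /var/lib/docker

  - name: elasticsearch
    vm:
      - docker-host01
    container_name: elasticsearch
    image: "docker.elastic.co/elasticsearch/elasticsearch:{{ elk_version }}"
    restart: unless-stopped
    ports:
      - name: ""
        internal: 9200
        external: 9200
      # NOTE(review): 9300 is the transport port. With
      # `discovery.type=single-node` below there are no peer nodes, so
      # publishing it on the host is probably unnecessary.
      - name: ""
        internal: 9300
        external: 9300
    volumes:
      - name: "data"
        internal: /usr/share/elasticsearch/data
        external: "{{ docker.directories.config }}/elk/elasticsearch/data"
      # Same host directory kibana mounts, so it holds both services'
      # private keys. Keep it readable by the service users only.
      - name: "certs"
        internal: /usr/share/elasticsearch/config/certs
        external: "{{ docker.directories.config }}/elk/certs"
    environment:
      - node.name=elasticsearch
      - cluster.name=docker-cluster
      - discovery.type=single-node
      - "ELASTIC_PASSWORD={{ vault.docker.elk.elastic.password }}"
      # Authentication and TLS are enabled on the HTTP and transport layers.
      - xpack.security.enabled=true
      - xpack.security.authc.api_key.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.key=certs/elasticsearch.key
      - xpack.security.http.ssl.certificate=certs/elasticsearch.crt
      - xpack.security.http.ssl.certificate_authorities=certs/ca.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.key=certs/elasticsearch.key
      - xpack.security.transport.ssl.certificate=certs/elasticsearch.crt
      - xpack.security.transport.ssl.certificate_authorities=certs/ca.crt

  - name: kibana
    vm:
      - docker-host01
    container_name: kibana
    image: "docker.elastic.co/kibana/kibana:{{ elk_version }}"
    restart: unless-stopped
    ports:
      - name: "http"
        internal: 5601
        external: 5601
    volumes:
      - name: "certs"
        internal: /usr/share/kibana/config/certs
        external: "{{ docker.directories.config }}/elk/certs/"
    environment:
      # Quoted so the leading-bracket JSON and the Jinja expression cannot
      # be re-typed by YAML; the string values are unchanged.
      # NOTE(review): the URL is https, but no CA is configured for Kibana
      # here (for example ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES pointing
      # at the mounted ca.crt). Confirm how it verifies the Elasticsearch
      # certificate.
      - 'ELASTICSEARCH_HOSTS=["https://elasticsearch:9200"]'
      - ELASTICSEARCH_USERNAME=kibana_system
      # NOTE(review): kibana_system is given the same vault secret as the
      # `elastic` superuser (ELASTIC_PASSWORD above). Give it its own
      # secret so a Kibana compromise does not expose the superuser
      # password.
      - "ELASTICSEARCH_PASSWORD={{ vault.docker.elk.elastic.password }}"
      - SERVER_SSL_ENABLED=true
      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/certs/kibana.crt
      - SERVER_SSL_KEY=/usr/share/kibana/config/certs/kibana.key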