version: '3' services: db: container_name: zoneminder_db image: mariadb restart: always networks: - zoneminder volumes: - "/etc/localtime:/etc/localtime:ro" - "{{ zoneminder_config}}/db:/var/lib/mysql" environment: - "MYSQL_DATABASE=zm" - "MYSQL_ROOT_PASSWORD={{ vault_mysql_root_password }}" - "MYSQL_USER={{ mysql_user }}" - "MYSQL_PASSWORD={{ vault_mysql_user_password }}" - "MAX_LOG_SIZE_BYTES=1000000" - "MAX_LOG_NUMBER=20" - "TZ=Europe/Berlin" zoneminder: container_name: zoneminder image: ghcr.io/zoneminder-containers/zoneminder-base:latest restart: always stop_grace_period: 45s depends_on: - db ports: - 80:80 networks: - zoneminder - net volumes: - "/etc/localtime:/etc/localtime:ro" - "{{ zoneminder_data }}:/data" - "{{ zoneminder_config }}/config:/config" - "{{ zoneminder_config }}/log:/log" - type: tmpfs target: /dev/shm tmpfs: size: 1000000000 environment: - "MYSQL_DATABASE=zm" - "MYSQL_ROOT_PASSWORD={{ vault_mysql_root_password }}" - "MYSQL_USER={{ mysql_user }}" - "MYSQL_PASSWORD={{ vault_mysql_user_password }}" - "MAX_LOG_SIZE_BYTES=1000000" - "MAX_LOG_NUMBER=20" - "TZ=Europe/Berlin" pihole: container_name: pihole image: pihole/pihole:latest restart: unless-stopped networks: - net ports: - "53:53/tcp" - "53:53/udp" - "67:67/udp" - "8089:80/tcp" environment: - "WEBPASSWORD={{ vault_aya01_pihole_password }}" - "ServerIP={{aya01_ip}}" - "INTERFACE=eth0" - "DNS1=1.1.1.1" - "DNS1=1.0.0.1" volumes: - "/etc/localtime:/etc/localtime:ro" - "{{ pihole_pihole }}:/etc/pihole/" - "{{ pihole_dnsmasq }}:/etc/dnsmasq.d/" dns: - 127.0.0.1 - 1.1.1.1 cap_add: - NET_ADMIN labels: - "traefik.enable=true" - "traefik.http.routers.pihole.rule=Host(`pihole.{{local_domain}}`)" - "traefik.http.routers.pihole.entrypoints=web" - "traefik.http.services.pihole.loadbalancer.server.port=8089" syncthing: image: syncthing/syncthing container_name: syncthing hostname: syncthing networks: - net environment: - "PUID={{ puid }}" - "PGID={{ pgid }}" volumes: - "{{syncthing_data}}:/var/syncthing" ports: - 8384:8384 # Web UI - 22000:22000/tcp # TCP file transfers - 22000:22000/udp # QUIC file transfers - 21027:21027/udp # Receive local discovery broadcasts restart: unless-stopped grafana: image: grafana/grafana-oss container_name: grafana hostname: grafana user: "{{ puid }}:{{ pgid }}" networks: - net environment: - "GF_LOG_MODE=console file" volumes: - "{{ grafana_data }}:/var/lib/grafana/" - "{{ grafana_log }}:/var/log/grafana/" ports: - 3000:3000 soft-serve: image: charmcli/soft-serve:latest container_name: soft-serve networks: - net volumes: - "{{ softserve_data }}:/soft-serve" ports: - 23231:23231 restart: unless-stopped prometheus: image: prom/prometheus container_name: prometheus networks: - net volumes: - "{{ prm_config }}:/etc/prometheus" ports: - "{{ prm_port }}:9090" exporter_mikrotik: container_name: exporter_mikrotik user: "{{ puid }}:{{ pgid }}" image: "nshttpd/mikrotik-exporter:{{ e_mikrotik_version }}" networks: - net volumes: - "{{ e_mikrotik_config }}:/config" environment: - "CONFIG_FILE=/config/config.yml" ports: - "{{ e_mikrotik_port }}:9436" restart: unless-stopped netdata: image: netdata/netdata container_name: netdata hostname: "{{ aya01_host }}" networks: - net ports: - "{{netdata_port}}:19999" restart: unless-stopped cap_add: - SYS_PTRACE security_opt: - apparmor:unconfined volumes: - "{{netdata_config}}:/etc/netdata" - "{{netdata_lib}}:/var/lib/netdata" - "{{netdata_cache}}:/var/cache/netdata" - /etc/passwd:/host/etc/passwd:ro - /etc/group:/host/etc/group:ro - /proc:/host/proc:ro - /sys:/host/sys:ro - /etc/os-release:/host/etc/os-release:ro networks: zoneminder: net: driver: bridge ipam: driver: default config: - subnet: 172.16.69.0/24 ip_range: 172.28.69.0/24 gateway: 172.16.69.1