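# Docker installation settings plus the list of containerised services.
# Each service entry names the VM(s) it runs on, its image, and the
# volume / device / port mappings ("internal" = inside the container,
# "external" = on the host). The role or template that consumes these
# variables is not visible here.
# Secrets are referenced through `vault.*` variables, never written inline.
docker:
  url: "https://download.docker.com/linux"
  apt_release_channel: "stable"
  directories:
    local: "/opt/local/"
    config: "/opt/docker/config/"
    compose: "/opt/docker/compose/"

# NOTE(review): indentation was lost in the copy this was rebuilt from.
# `services` is written as a top-level key; confirm against the consuming
# role whether it belongs under `docker` instead.
services:
  - name: syncthing
    vm:
      - docker-host00
    container_name: syncthing
    image: syncthing/syncthing:1.29
    restart: unless-stopped
    volumes:
      - name: "Data"
        internal: /var/syncthing/
        external: /media/docker/data/syncthing/
    ports:
      - name: "http"
        internal: 8384
        external: "{{ services_external_http.syncthing }}"
      # NOTE(review): 22000 is listed twice with identical values. Syncthing
      # uses this port over both TCP and UDP, but this schema shows no
      # protocol field; confirm how the template tells the entries apart.
      - name: ""
        internal: 22000
        external: 22000
      - name: ""
        internal: 22000
        external: 22000
      - name: ""
        internal: 21027
        external: 21027
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: status
    vm:
      - docker-host00
    container_name: kuma
    image: louislam/uptime-kuma:1.23.16
    restart: unless-stopped
    volumes:
      - name: "Data"
        internal: /app/data
        external: "{{ docker.directories.local }}/kuma/"
    ports:
      - name: "http"
        internal: 3001
        external: "{{ services_external_http.kuma }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: plex
    vm:
      - docker-host00
    container_name: plex
    image: lscr.io/linuxserver/plex:1.41.5
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/plex/config/"
      # Media libraries are mounted read-only (":ro").
      - name: "TV Series"
        internal: /tv:ro
        external: /media/series
      - name: "Movies"
        internal: /movies:ro
        external: /media/movies
      - name: "Music"
        internal: /music:ro
        external: /media/songs
    devices:
      - name: "Graphics Card"
        internal: /dev/dri
        external: /dev/dri
    ports:
      - name: "http"
        internal: 32400
        external: "{{ services_external_http.plex }}"
      # The unnamed entries below are published on the host with the same
      # port number as inside the container.
      - name: ""
        internal: 1900
        external: 1900
      - name: ""
        internal: 3005
        external: 3005
      - name: ""
        internal: 5353
        external: 5353
      - name: ""
        internal: 32410
        external: 32410
      - name: ""
        internal: 8324
        external: 8324
      - name: ""
        internal: 32412
        external: 32412
      - name: ""
        internal: 32469
        external: 32469
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - VERSION=docker

  - name: jellyfin
    vm:
      - docker-host01
    container_name: jellyfin
    image: jellyfin/jellyfin:10.10
    restart: "unless-stopped"
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/jellyfin/config"
      - name: "Cache"
        internal: /cache
        external: "{{ docker.directories.config }}/jellyfin/cache"
      - name: "Tv Series"
        internal: /tv:ro
        external: /media/series
      # Was labelled "Music"; this mount is the movies library.
      - name: "Movies"
        internal: /movies:ro
        external: /media/movies
      - name: "Music"
        internal: /music:ro
        external: /media/songs
    devices:
      - name: "Graphics Card"
        internal: /dev/dri
        external: /dev/dri
    ports:
      - name: "http"
        internal: 8096
        external: "{{ services_external_http.jellyfin }}"
    # The key had no value, which YAML reads as null, not an empty list.
    # Written explicitly so the parsed data is unchanged; a template that
    # loops over `environment` must tolerate null here.
    environment: null

  - name: hass
    vm:
      - docker-host01
    container_name: homeassistant
    # NOTE(review): `stable` is a floating tag, so the running version
    # changes whenever the image is pulled again; the other services pin
    # a version.
    image: "ghcr.io/home-assistant/home-assistant:stable"
    restart: unless-stopped
    # NOTE(review): privileged mode gives the container all capabilities and
    # access to host devices. If it is only needed for specific hardware,
    # narrower `devices` / `cap_add` entries (both used elsewhere in this
    # file) reduce what a compromised container can reach.
    privileged: true
    volumes:
      - name: "Configuration"
        internal: /config/
        external: "{{ docker.directories.local }}/home-assistant/config/"
      - name: "Local Time"
        internal: /etc/localtime:ro
        external: /etc/localtime
    ports:
      - name: "http"
        internal: 8123
        external: "{{ services_external_http.hass }}"
      - name: ""
        internal: 4357
        external: 4357
      # NOTE(review): 5683 is listed twice with identical values; confirm
      # whether one entry was meant to carry a different protocol.
      - name: ""
        internal: 5683
        external: 5683
      - name: ""
        internal: 5683
        external: 5683

  - name: ddns
    vm:
      - docker-host00
    container_name: ddns-updater
    image: qmcgaw/ddns-updater:2
    restart: unless-stopped
    volumes:
      # A stray trailing double quote was removed from the container path;
      # in a plain scalar it was part of the value, so the mount target
      # was a directory literally named `"`.
      - name: "Configuration"
        internal: /updater/data/
        external: "{{ docker.directories.config }}/ddns-updater/data/"
    ports:
      - name: "http"
        internal: 8000
        external: "{{ services_external_http.ddns }}"

  - name: sonarr
    vm:
      - docker-host00
    container_name: sonarr
    image: linuxserver/sonarr:4.0.14
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/sonarr/config"
      - name: "Tv Series"
        internal: /tv
        external: /media/series
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/sonarr
    ports:
      - name: "http"
        internal: 8989
        external: "{{ services_external_http.sonarr }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: radarr
    vm:
      - docker-host00
    container_name: radarr
    image: linuxserver/radarr:5.21.1
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/radarr/config"
      - name: "Movies"
        internal: /movies
        external: /media/movies
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/radarr
    ports:
      - name: "http"
        internal: 7878
        external: "{{ services_external_http.radarr }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: lidarr
    vm:
      - docker-host00
    container_name: lidarr
    image: linuxserver/lidarr:2.10.3
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/lidarr/config"
      - name: "Music"
        internal: /music
        external: /media/songs
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/lidarr
    ports:
      - name: "http"
        internal: 8686
        external: "{{ services_external_http.lidarr }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: prowlarr
    vm:
      - docker-host00
    container_name: prowlarr
    image: linuxserver/prowlarr:1.32.2
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/prowlarr/config"
    ports:
      - name: "http"
        internal: 9696
        external: "{{ services_external_http.prowlarr }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: paperless
    vm:
      - docker-host00
    container_name: paperless
    image: ghcr.io/paperless-ngx/paperless-ngx:2.14
    restart: unless-stopped
    # The two dependencies are not defined in this part of the file.
    depends_on:
      - paperless-postgres
      - paperless-broker
    volumes:
      - name: "Configuration"
        internal: /usr/src/paperless/data
        external: "{{ docker.directories.local }}/paperless/data/data"
      - name: "Media"
        internal: /usr/src/paperless/media
        external: "{{ docker.directories.local }}/paperless/data/media"
      - name: "Document Export"
        internal: /usr/src/paperless/export
        external: "{{ docker.directories.local }}/paperless/data/export"
      - name: "Document Consume"
        internal: /usr/src/paperless/consume
        external: "{{ docker.directories.local }}/paperless/data/consume"
    environment:
      - "PAPERLESS_REDIS=redis://paperless-broker:6379"
      - "PAPERLESS_DBHOST=paperless-postgres"
      - "PAPERLESS_DBUSER=paperless"
      # Database password is taken from the vault, not stored here.
      - "PAPERLESS_DBPASS={{ vault.docker.paperless.dbpass }}"
      - "USERMAP_UID=1000"
      - "USERMAP_GID=1000"
      - "PAPERLESS_URL=https://paperless.{{ domain }}"
      - "PAPERLESS_TIME_ZONE=Europe/Berlin"
      - "PAPERLESS_OCR_LANGUAGE=deu"
    ports:
      - name: "http"
        internal: 8000
        external: "{{ services_external_http.paperless }}"

  - name: pdf
    vm:
      - docker-host00
    container_name: stirling
    image: frooodle/s-pdf:0.45.0
    restart: unless-stopped
    ports:
      - name: "http"
        internal: 8080
        external: "{{ services_external_http.pdf }}"

  - name: git
    vm:
      - docker-host01
    container_name: gitea
    image: gitea/gitea:1.23-rootless
    restart: unless-stopped
    volumes:
      - name: "Configuration"
        internal: /etc/gitea
        external: "{{ docker.directories.local }}/gitea/config"
      - name: "Data"
        internal: /var/lib/gitea
        external: "{{ docker.directories.local }}/gitea/data"
      - name: "Time Zone"
        internal: /etc/timezone:ro
        external: /etc/timezone
      - name: "Local Time"
        internal: /etc/localtime:ro
        external: /etc/localtime
    ports:
      - name: "http"
        internal: 3000
        external: "{{ services_external_http.git }}"
      - name: "ssh"
        internal: 2222
        external: 2222
    environment:
      - USER_UID=1000
      - USER_GID=1000

  - name: changedetection
    vm:
      - docker-host00
    container_name: changedetection
    image: dgtlmoon/changedetection.io:0.49
    restart: unless-stopped
    volumes:
      - name: "Data"
        internal: /datastore
        external: "{{ docker.directories.config }}/changedetection/data/"
    ports:
      - name: "http"
        internal: 5000
        external: "{{ services_external_http.changedetection }}"

  # VPN gateway container. `qbit` and `torrentleech` below join its network
  # namespace (network_mode "container:gluetun"), so their web UI ports are
  # published here, not on their own entries.
  - name: gluetun
    vm:
      - docker-host00
    container_name: gluetun
    image: qmcgaw/gluetun:v3.40
    restart: unless-stopped
    # A single added capability plus the tun device, not privileged mode.
    cap_add:
      - NET_ADMIN
    devices:
      - name: "Tunnel"
        internal: /dev/net/tun
        external: /dev/net/tun
    volumes:
      - name: "Configuration"
        internal: /gluetun
        external: "{{ docker.directories.config }}/gluetun/config"
    ports:
      - name: "Qbit Client"
        internal: 8082
        external: 8082
      - name: "Torrentleech Client"
        internal: 8083
        external: 8083
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - VPN_SERVICE_PROVIDER=protonvpn
      - UPDATER_VPN_SERVICE_PROVIDERS=protonvpn
      - UPDATER_PERIOD=24h
      # VPN account details come from the vault.
      - "SERVER_COUNTRIES={{ vault.docker.proton.country }}"
      - "OPENVPN_USER={{ vault.docker.proton.openvpn_user }}"
      - "OPENVPN_PASSWORD={{ vault.docker.proton.openvpn_password }}"

  - name: torrentleech
    vm:
      - docker-host00
    container_name: torrentleech
    # NOTE(review): no tag, so Docker resolves this to `latest` and the
    # deployed version can change between pulls. The sibling `qbit` entry
    # pins a version of the same image; pin this one too.
    image: qbittorrentofficial/qbittorrent-nox
    restart: unless-stopped
    depends_on:
      - gluetun
    network_mode: "container:gluetun"
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.config }}/torrentleech/config"
      - name: "Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads
    ports:
      # `proxy_only` is a sentinel, not a port number; presumably the
      # template publishes nothing for it and only registers the proxy
      # target. TODO confirm against the template.
      - name: "http"
        internal: proxy_only
        external: 8083
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      # NOTE(review): the double quotes below are part of the YAML string.
      # Whether they reach the container depends on how the template
      # renders this list; verify the effective values.
      - QBT_EULA="accept"
      - QBT_WEBUI_PORT="8083"

  - name: qbit
    vm:
      - docker-host00
    container_name: qbit
    image: qbittorrentofficial/qbittorrent-nox:5.0.4-1
    restart: unless-stopped
    depends_on:
      - gluetun
    network_mode: "container:gluetun"
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.config }}/qbit/config"
      - name: "Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads
    ports:
      - name: "http"
        internal: proxy_only
        external: 8082
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - QBT_EULA="accept"
      - QBT_WEBUI_PORT="8082"

  - name: cadvisor
    vm:
      - docker-host00
      - docker-host01
    container_name: cadvisor
    image: gcr.io/cadvisor/cadvisor:v0.52.1
    restart: unless-stopped
    ports:
      # NOTE(review): the unnamed entry publishes the cAdvisor endpoint on
      # host port 8081 on both VMs; restrict which networks can reach it.
      - name: ""
        internal: 8080
        external: 8081
    volumes:
      # NOTE(review): the host root is mounted read-only, but /var/run is
      # read-write. /var/run normally holds the Docker socket, so this
      # container should be treated as having control of the Docker daemon.
      - name: "Root"
        internal: /rootfs:ro
        external: /
      - name: "Run"
        internal: /var/run:rw
        external: /var/run
      - name: "System"
        internal: /sys:ro
        external: /sys
      - name: "Docker"
        internal: /var/lib/docker:ro
        external: /var/lib/docker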
- name: karakeep vm: - docker-host01 container_name: karakeep image: ghcr.io/karakeep-app/karakeep:0.23.2 restart: unless-stopped ports: - name: "http" internal: 3000 external: "{{ services_external_http.karakeep }}" volumes: - name: "Data" internal: /data external: "{{ docker.directories.local }}/karakeep/config" environment: - MEILI_ADDR=http://karakeep-meilisearch:7700 - BROWSER_WEB_URL=http://karakeep-chrome:9222 - NEXTAUTH_SECRET={{ vault.docker.karakeep.nextauth_secret }} - MEILI_MASTER_KEY={{ vault.docker.karakeep.meili_master_key }} - NEXTAUTH_URL=https://karakeep.tudattr.dev/ - OPENAI_API_KEY={{ vault.docker.karakeep.openai_key }} - DATA_DIR=/data - DISABLE_SIGNUPS=true - name: keycloak vm: - docker-host01 container_name: keycloak image: quay.io/keycloak/keycloak:26.2 restart: unless-stopped ports: - name: "http" internal: 8080 external: "{{ services_external_http.keycloak }}" volumes: - name: "config" internal: /opt/keycloak/data/import/homelab-realm.json external: "{{ docker.directories.local }}/keycloak/homelab-realm.json" command: - "start" - "--import-realm" environment: - KC_DB=postgres - KC_DB_URL=jdbc:postgresql://postgres:5432/keycloak - KC_DB_USERNAME=keycloak - KC_DB_PASSWORD=password - KC_HOSTNAME=keycloak.{{ internal_domain }} - KC_HTTP_ENABLED=true - KC_HTTP_RELATIVE_PATH=/ - KC_PROXY=edge - KC_PROXY_HEADERS=xforwarded - KC_HOSTNAME_URL=https://keycloak.{{ internal_domain }} - KC_HOSTNAME_ADMIN_URL=https://keycloak.{{ internal_domain }} - KC_BOOTSTRAP_ADMIN_USERNAME=serviceadmin-{{ keycloak_admin_hash }} - KC_BOOTSTRAP_ADMIN_PASSWORD={{ vault.docker.keycloak.admin.password }