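# Docker installation source and the catalogue of containerised services.
#
# NOTE(review): this layout was rebuilt from a whitespace-collapsed listing.
# `services` is assumed to be a top-level key next to `docker`; confirm
# against the templates that consume these variables.
docker:
  url: "https://download.docker.com/linux"
  apt_release_channel: "stable"
  directories:
    local: "/opt/local/"
    config: "/opt/docker/config/"
    compose: "/opt/docker/compose/"

# One entry per service. Fields used below:
#   name / container_name / image  - identity and image reference
#   vm                             - host names (presumably where it is deployed)
#   volumes / devices              - name, in-container path (optionally with a
#                                    :ro/:rw suffix) and host path
#   ports                          - name, container port, published host port
#   environment                    - KEY=value strings
#   sub_service                    - companion containers (database, cache, ...)
#
# Values written as {{ vault_docker.* }} are resolved at render time
# (presumably from an Ansible Vault file). Once they end up in a container's
# environment they are readable through `docker inspect` and in the generated
# compose file, so keep that file's permissions restricted.
#
# Image tags are mutable references; where reproducibility matters, pin by
# digest. Floating or missing tags are called out on the entries concerned.
services:
  - name: status
    vm:
      - docker-host12
    container_name: kuma
    image: louislam/uptime-kuma:1.23.16
    volumes:
      - name: "Data"
        internal: /app/data
        external: "{{ docker.directories.local }}/kuma/"
    ports:
      - name: "http"
        internal: 3001
        external: "{{ services_external_http.kuma }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: plex
    vm:
      - docker-host10
    container_name: plex
    image: lscr.io/linuxserver/plex:1.41.5
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/plex/config/"
      # Media libraries are mounted read-only.
      - name: "TV Series"
        internal: /tv:ro
        external: /media/series
      - name: "Movies"
        internal: /movies:ro
        external: /media/movies
      - name: "Music"
        internal: /music:ro
        external: /media/songs
    devices:
      - name: "Graphics Card"
        internal: /dev/dri
        external: /dev/dri
    ports:
      - name: "http"
        internal: 32400
        external: "{{ services_external_http.plex }}"
      - name: ""
        internal: 1900
        external: 1900
      - name: ""
        internal: 3005
        external: 3005
      - name: ""
        internal: 5353
        external: 5353
      - name: ""
        internal: 32410
        external: 32410
      - name: ""
        internal: 8324
        external: 8324
      - name: ""
        internal: 32412
        external: 32412
      - name: ""
        internal: 32469
        external: 32469
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - VERSION=docker

  - name: jellyfin
    vm:
      - docker-host11
    container_name: jellyfin
    image: jellyfin/jellyfin:10.10
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/jellyfin/config"
      # The cache lives under directories.config, not directories.local.
      - name: "Cache"
        internal: /cache
        external: "{{ docker.directories.config }}/jellyfin/cache"
      - name: "Tv Series"
        internal: /tv:ro
        external: /media/series
      # Label corrected: this mount is the movie library (it was a second
      # "Music" entry).
      - name: "Movies"
        internal: /movies:ro
        external: /media/movies
      - name: "Music"
        internal: /music:ro
        external: /media/songs
    devices:
      - name: "Graphics Card"
        internal: /dev/dri
        external: /dev/dri
    ports:
      - name: "http"
        internal: 8096
        external: "{{ services_external_http.jellyfin }}"
    # Explicit empty list: a bare `environment:` parses as null, which a
    # template loop cannot iterate.
    environment: []

  - name: hass
    vm:
      - docker-host11
    container_name: homeassistant
    # `stable` is a floating tag: each pull may bring a different release.
    image: "ghcr.io/home-assistant/home-assistant:stable"
    # privileged: true grants every capability and access to host devices,
    # leaving very little isolation from the host.
    # NOTE(review): if this is only here for hardware access, explicit
    # `devices:` / `cap_add:` entries (as gluetun uses) are narrower; confirm
    # what this deployment actually needs.
    privileged: true
    volumes:
      - name: "Configuration"
        internal: /config/
        external: "{{ docker.directories.local }}/home-assistant/config/"
      - name: "Local Time"
        internal: /etc/localtime:ro
        external: /etc/localtime
    ports:
      - name: "http"
        internal: 8123
        external: "{{ services_external_http.hass }}"
      - name: ""
        internal: 4357
        external: 4357
      - name: ""
        internal: 5683
        external: 5683
      # NOTE(review): exact duplicate of the mapping above. If one of the two
      # was meant to be UDP, this port schema has no protocol field; confirm
      # how the template renders it.
      - name: ""
        internal: 5683
        external: 5683

  - name: ddns
    vm:
      - docker-host12
    container_name: ddns-updater
    image: qmcgaw/ddns-updater:2
    volumes:
      - name: "Configuration"
        internal: /updater/data/
        external: "{{ docker.directories.local }}/ddns-updater/data/"
    ports:
      - name: "http"
        internal: 8000
        external: "{{ services_external_http.ddns }}"

  - name: sonarr
    vm:
      - docker-host12
    container_name: sonarr
    image: linuxserver/sonarr:4.0.14
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/sonarr/config"
      - name: "Tv Series"
        internal: /tv
        external: /media/series
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/sonarr
    ports:
      - name: "http"
        internal: 8989
        external: "{{ services_external_http.sonarr }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: radarr
    vm:
      - docker-host12
    container_name: radarr
    image: linuxserver/radarr:5.21.1
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/radarr/config"
      - name: "Movies"
        internal: /movies
        external: /media/movies
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/radarr
    ports:
      - name: "http"
        internal: 7878
        external: "{{ services_external_http.radarr }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: lidarr
    vm:
      - docker-host12
    container_name: lidarr
    image: linuxserver/lidarr:2.10.3
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/lidarr/config"
      - name: "Music"
        internal: /music
        external: /media/songs
      - name: "Torrent Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads/lidarr
    ports:
      - name: "http"
        internal: 8686
        external: "{{ services_external_http.lidarr }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: prowlarr
    vm:
      - docker-host12
    container_name: prowlarr
    image: linuxserver/prowlarr:1.32.2
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/prowlarr/config"
    ports:
      - name: "http"
        internal: 9696
        external: "{{ services_external_http.prowlarr }}"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin

  - name: paperless
    vm:
      - docker-host12
    container_name: paperless
    image: ghcr.io/paperless-ngx/paperless-ngx:2.14
    depends_on:
      - paperless-postgres
      - paperless-redis
    volumes:
      - name: "Configuration"
        internal: /usr/src/paperless/data
        external: "{{ docker.directories.local }}/paperless/data/data"
      - name: "Media"
        internal: /usr/src/paperless/media
        external: "{{ docker.directories.local }}/paperless/data/media"
      - name: "Document Export"
        internal: /usr/src/paperless/export
        external: "{{ docker.directories.local }}/paperless/data/export"
      - name: "Document Consume"
        internal: /usr/src/paperless/consume
        external: "{{ docker.directories.local }}/paperless/data/consume"
    environment:
      - "PAPERLESS_REDIS=redis://paperless-redis:6379"
      - "PAPERLESS_DBHOST=paperless-postgres"
      - "PAPERLESS_DBUSER=paperless"
      # Same vault variable as the postgres sub_service below, so the two
      # sides cannot drift apart.
      - "PAPERLESS_DBPASS={{ vault_docker.paperless.dbpass }}"
      - "USERMAP_UID=1000"
      - "USERMAP_GID=1000"
      - "PAPERLESS_URL=https://paperless.{{ domain }}"
      - "PAPERLESS_TIME_ZONE=Europe/Berlin"
      - "PAPERLESS_OCR_LANGUAGE=deu"
    ports:
      - name: "http"
        internal: 8000
        external: "{{ services_external_http.paperless }}"
    sub_service:
      - name: postgres
        version: 15
        username: paperless
        password: "{{ vault_docker.paperless.dbpass }}"
      - name: redis
        version: 7

  - name: pdf
    vm:
      - docker-host12
    container_name: stirling
    image: frooodle/s-pdf:0.45.0
    ports:
      - name: "http"
        internal: 8080
        external: "{{ services_external_http.pdf }}"

  - name: git
    vm:
      - docker-host11
    container_name: gitea
    image: gitea/gitea:1.23-rootless
    volumes:
      - name: "Configuration"
        internal: /etc/gitea
        external: "{{ docker.directories.local }}/gitea/config"
      - name: "Data"
        internal: /var/lib/gitea
        external: "{{ docker.directories.local }}/gitea/data"
      - name: "Time Zone"
        internal: /etc/timezone:ro
        external: /etc/timezone
      - name: "Local Time"
        internal: /etc/localtime:ro
        external: /etc/localtime
    ports:
      - name: "http"
        internal: 3000
        external: "{{ services_external_http.git }}"
      # Git-over-SSH is published directly on the host.
      - name: "ssh"
        internal: 2222
        external: 2222
    environment:
      - USER_UID=1000
      - USER_GID=1000

  - name: changedetection
    vm:
      - docker-host12
    container_name: changedetection
    image: dgtlmoon/changedetection.io:0.49
    healthcheck: curl
    volumes:
      - name: "Data"
        internal: /datastore
        external: "{{ docker.directories.local }}/changedetection/data/"
    ports:
      - name: "http"
        internal: 5000
        external: "{{ services_external_http.changedetection }}"

  # VPN gateway container. qbit and torrentleech below join its network
  # namespace (network_mode: "container:gluetun"), which is why their web UI
  # ports are published here rather than on those services.
  - name: gluetun
    vm:
      - docker-host12
    container_name: gluetun
    image: qmcgaw/gluetun:v3.40
    # A single capability plus the tun device instead of `privileged`.
    cap_add:
      - NET_ADMIN
    devices:
      - name: "Tunnel"
        internal: /dev/net/tun
        external: /dev/net/tun
    volumes:
      - name: "Configuration"
        internal: /gluetun
        external: "{{ docker.directories.local }}/gluetun/config"
    ports:
      - name: "Qbit Client"
        internal: 8082
        external: 8082
      - name: "Torrentleech Client"
        internal: 8083
        external: 8083
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - VPN_SERVICE_PROVIDER=protonvpn
      - UPDATER_VPN_SERVICE_PROVIDERS=protonvpn
      - UPDATER_PERIOD=24h
      - "SERVER_COUNTRIES={{ vault_docker.proton.country }}"
      - "OPENVPN_USER={{ vault_docker.proton.openvpn_user }}"
      - "OPENVPN_PASSWORD={{ vault_docker.proton.openvpn_password }}"

  - name: torrentleech
    vm:
      - docker-host12
    container_name: torrentleech
    # NOTE(review): no tag, so this resolves to `latest` and can change on
    # any pull. The sibling `qbit` service pins the same image to 5.0.4-1;
    # consider pinning here as well.
    image: qbittorrentofficial/qbittorrent-nox
    depends_on:
      - gluetun
    network_mode: "container:gluetun"
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/torrentleech/config"
      - name: "Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads
    ports:
      # `proxy_only` is a sentinel rather than a port number; presumably it
      # tells the templates to configure only the reverse proxy. Confirm.
      - name: "http"
        internal: proxy_only
        external: 8083
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      # NOTE(review): in a plain YAML scalar the double quotes are part of
      # the value, so unless the template strips them the container receives
      # them literally. Check the rendered compose file.
      - QBT_EULA="accept"
      - QBT_WEBUI_PORT="8083"

  - name: qbit
    vm:
      - docker-host12
    container_name: qbit
    image: qbittorrentofficial/qbittorrent-nox:5.0.4-1
    depends_on:
      - gluetun
    network_mode: "container:gluetun"
    volumes:
      - name: "Configuration"
        internal: /config
        external: "{{ docker.directories.local }}/qbit/config"
      - name: "Downloads"
        internal: /downloads
        external: /media/docker/data/arr_downloads
    ports:
      # `proxy_only` sentinel: see the note on the torrentleech entry.
      - name: "http"
        internal: proxy_only
        external: 8082
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      # NOTE(review): the double quotes are literal characters of the value
      # here; check the rendered compose file.
      - QBT_EULA="accept"
      - QBT_WEBUI_PORT="8082"

  # Deployed on all three hosts with the host root, /sys, /var/lib/docker and
  # /var/run bind-mounted. /var/run normally holds the Docker socket; any
  # process that can reach that socket can control the daemon, and a
  # read-only bind mount does not by itself stop connections to a socket.
  # NOTE(review): confirm that :rw on /var/run is required, and that port
  # 8081 is reachable only from the monitoring side. cAdvisor serves its UI
  # and metrics without authentication unless configured otherwise.
  - name: cadvisor
    vm:
      - docker-host10
      - docker-host11
      - docker-host12
    container_name: cadvisor
    image: gcr.io/cadvisor/cadvisor:v0.52.1
    ports:
      - name: ""
        internal: 8080
        external: 8081
    volumes:
      - name: "Root"
        internal: /rootfs:ro
        external: /
      - name: "Run"
        internal: /var/run:rw
        external: /var/run
      - name: "System"
        internal: /sys:ro
        external: /sys
      - name: "Docker"
        internal: /var/lib/docker:ro
        external: /var/lib/docker

  - name: karakeep
    vm:
      - docker-host11
    container_name: karakeep
    image: ghcr.io/karakeep-app/karakeep:0.23.2
    ports:
      - name: "http"
        internal: 3000
        external: "{{ services_external_http.karakeep }}"
    volumes:
      - name: "Data"
        internal: /data
        external: "{{ docker.directories.local }}/karakeep/config"
    environment:
      - MEILI_ADDR=http://karakeep-meilisearch:7700
      - BROWSER_WEB_URL=http://karakeep-chrome:9222
      # Templated entries are quoted, matching paperless and gluetun; the
      # resulting string is unchanged.
      - "NEXTAUTH_SECRET={{ vault_docker.karakeep.nextauth_secret }}"
      - "MEILI_MASTER_KEY={{ vault_docker.karakeep.meili_master_key }}"
      # NOTE(review): hard-coded host name, while paperless builds its URL
      # from {{ domain }}; confirm this is intentional.
      - NEXTAUTH_URL=https://karakeep.tudattr.dev/
      - "OPENAI_API_KEY={{ vault_docker.karakeep.openai_key }}"
      - DATA_DIR=/data
      - DISABLE_SIGNUPS=true
    sub_service:
      - name: meilisearch
        version: v1.11.1
        nextauth_secret: "{{ vault_docker.karakeep.nextauth_secret }}"
        meili_master_key: "{{ vault_docker.karakeep.meili_master_key }}"
        openai_key: "{{ vault_docker.karakeep.openai_key }}"
      - name: chrome
        version: 123

  # Disabled service definition, kept for reference.
  # - name: keycloak
  #   vm:
  #     - docker-host11
  #   container_name: keycloak
  #   image: quay.io/keycloak/keycloak:26.2
  #   depends_on:
  #     - keycloak-postgres
  #   ports:
  #     - name: "http"
  #       internal: 8080
  #       external: "{{ services_external_http.keycloak }}"
  #   volumes:
  #     - name: "config"
  #       internal: /opt/keycloak/data/import/homelab-realm.json
  #       external: "{{ docker.directories.local }}/keycloak/homelab-realm.json"
  #     - name: "config"
  #       internal: /opt/keycloak/data/import/master-realm.json
  #       external: "{{ docker.directories.local }}/keycloak/master-realm.json"
  #   command:
  #     - "start"
  #     - "--import-realm"
  #   environment:
  #     - KC_DB=postgres
  #     - KC_DB_URL=jdbc:postgresql://keycloak-postgres:5432/keycloak
  #     - KC_DB_USERNAME={{ keycloak_config.database.username }}
  #     - KC_DB_PASSWORD={{ keycloak_config.database.password }}
  #     - KC_HOSTNAME=keycloak.{{ internal_domain }}
  #     - KC_HTTP_ENABLED=true
  #     - KC_HTTP_RELATIVE_PATH=/
  #     - KC_PROXY=edge
  #     - KC_PROXY_HEADERS=xforwarded
  #     - KC_HOSTNAME_URL=https://keycloak.{{ internal_domain }}
  #     - KC_HOSTNAME_ADMIN_URL=https://keycloak.{{ internal_domain }}
  #     - KC_BOOTSTRAP_ADMIN_USERNAME=serviceadmin-{{ keycloak_admin_hash }}
  #     - KC_BOOTSTRAP_ADMIN_PASSWORD={{ vault_docker.keycloak.admin.password }}
  #   sub_service:
  #     - name: postgres
  #       version: 17
  #       username: "{{ keycloak_config.database.username }}"
  #       password: "{{ keycloak_config.database.password }}"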