version: '3' services: traefik: image: traefik:latest container_name: traefik restart: unless-stopped networks: net: {} volumes: - "/etc/localtime:/etc/localtime:ro" - "/var/run/docker.sock:/var/run/docker.sock:ro" - "{{ traefik_config }}:/etc/traefik/" - "{{ traefik_data }}:/var/log/" ports: - "{{ traefik_user_port}}:80" - "{{ traefik_admin_port}}:8080" pihole: image: pihole/pihole:latest container_name: pihole restart: unless-stopped depends_on: - traefik networks: - net ports: - "53:53/tcp" - "53:53/udp" - "67:67/udp" - "{{ pihole_port }}:80/tcp" volumes: - "/etc/localtime:/etc/localtime:ro" - "{{ pihole_config }}:/etc/pihole/" - "{{ pihole_dnsmasq }}:/etc/dnsmasq.d/" environment: - PUID={{puid}} - PGID={{pgid}} - TZ={{timezone}} - "WEBPASSWORD={{ vault_aya01_pihole_password }}" - "ServerIP={{aya01_ip}}" - "INTERFACE=eth0" - "DNS1=1.1.1.1" - "DNS1=1.0.0.1" dns: - 127.0.0.1 - 1.1.1.1 cap_add: - NET_ADMIN labels: - "traefik.enable=true" - "traefik.http.routers.{{ pihole_host }}.rule=Host(`{{ pihole_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ pihole_host }}.loadbalancer.server.port=80" db: image: mariadb container_name: zoneminder_db restart: unless-stopped networks: - zoneminder volumes: - "/etc/localtime:/etc/localtime:ro" - "{{ zoneminder_db }}:/var/lib/mysql" environment: - "MYSQL_DATABASE={{ zoneminder_host }}" - "MYSQL_ROOT_PASSWORD={{ vault_mysql_root_password }}" - "MYSQL_USER={{ mysql_user }}" - "MYSQL_PASSWORD={{ vault_mysql_user_password }}" - "MAX_LOG_SIZE_BYTES=1000000" - "MAX_LOG_NUMBER=20" - "TZ=Europe/Berlin" zoneminder: image: ghcr.io/zoneminder-containers/zoneminder-base:latest container_name: zoneminder restart: unless-stopped stop_grace_period: 45s depends_on: - db - traefik networks: - zoneminder - net ports: - "{{ zoneminder_port }}:80" volumes: - "/etc/localtime:/etc/localtime:ro" - "{{ zoneminder_data }}:/data" - "{{ zoneminder_config }}:/config" - "{{ zoneminder_log}}:/log" - type: tmpfs target: /dev/shm tmpfs: size: 1000000000 environment: - "MYSQL_DATABASE={{ zoneminder_host }}" - "MYSQL_ROOT_PASSWORD={{ vault_mysql_root_password }}" - "MYSQL_USER={{ mysql_user }}" - "MYSQL_PASSWORD={{ vault_mysql_user_password }}" - "MAX_LOG_SIZE_BYTES=1000000" - "MAX_LOG_NUMBER=20" - "TZ=Europe/Berlin" labels: - "traefik.enable=true" - "traefik.http.routers.{{ zoneminder_host }}.rule=Host(`{{ zoneminder_host}}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ zoneminder_host }}.loadbalancer.server.port=80" syncthing: image: syncthing/syncthing container_name: syncthing restart: unless-stopped depends_on: - pihole networks: - net ports: - "{{ syncthing_port }}:8384" # Web UI - 22000:22000/tcp # TCP file transfers - 22000:22000/udp # QUIC file transfers - 21027:21027/udp # Receive local discovery broadcasts volumes: - "{{syncthing_data}}:/var/syncthing" environment: - PUID={{puid}} - PGID={{pgid}} - TZ={{timezone}} hostname: syncthing labels: - "traefik.enable=true" - "traefik.http.routers.{{ syncthing_host }}.rule=Host(`{{ syncthing_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ syncthing_host }}.loadbalancer.server.port={{ syncthing_port }}" soft-serve: container_name: soft-serve image: charmcli/soft-serve:latest restart: unless-stopped depends_on: - pihole networks: - net environment: - PUID={{puid}} - PGID={{pgid}} - TZ={{timezone}} ports: - 23231:23231 # ssh volumes: - "{{ softserve_data }}:/soft-serve" cupsd: container_name: cupsd image: olbat/cupsd restart: unless-stopped depends_on: - pihole networks: - net environment: - PUID={{puid}} - PGID={{pgid}} - TZ={{timezone}} ports: - "{{cupsd_port}}:631" volumes: - /var/run/dbus:/var/run/dbus - "{{cupsd_config}}:/etc/cups" labels: - "traefik.enable=true" - "traefik.http.routers.{{ cupsd_host }}.rule=Host(`{{ cupsd_host }}.{{ aya01_host }}.{{local_domain}}`)" - "traefik.http.services.{{ cupsd_host }}.loadbalancer.server.port={{ cupsd_port }}" kuma: container_name: kuma image: louislam/uptime-kuma:1 restart: unless-stopped depends_on: - pihole networks: - net environment: - PUID={{puid}} - PGID={{pgid}} - TZ={{timezone}} ports: - "{{ kuma_port }}:3001" volumes: - "{{ kuma_config }}:/app/data" labels: - "traefik.enable=true" - "traefik.http.routers.{{kuma_host}}.rule=Host(`{{ kuma_host }}.{{ aya01_host }}.{{local_domain}}`)" - "traefik.http.services.{{kuma_host}}.loadbalancer.server.port={{ kuma_port }}" plex: image: lscr.io/linuxserver/plex:latest container_name: plex restart: unless-stopped depends_on: - pihole networks: - net ports: - "{{ plex_port }}:32400" - "1900:1900" - "3005:3005" - "5353:5353" - "32410:32410" - "8324:8324" - "32412:32412" - "32469:32469" environment: - PUID={{puid}} - PGID={{pgid}} - TZ={{timezone}} - VERSION=docker volumes: - "{{ plex_config }}:/config" - "{{ plex_tv }}:/tv" - "{{ plex_movies }}:/movies" - "{{ plex_music }}:/music" labels: - "traefik.enable=true" - "traefik.http.routers.{{plex_host}}.rule=Host(`{{ plex_host }}.{{ aya01_host }}.{{local_domain}}`)" - "traefik.http.services.{{plex_host}}.loadbalancer.server.port={{ plex_port }}" sonarr: image: lscr.io/linuxserver/sonarr:latest container_name: sonarr restart: unless-stopped depends_on: - prowlarr networks: - net environment: - PUID={{ puid }} - PGID={{ pgid }} - TZ={{ timezone }} volumes: - {{ sonarr_config }}:/config - {{ sonarr_media }}:/tv #optional - {{ sonarr_downloads }}:/downloads #optional ports: - {{ sonarr_port }}:8989 labels: - "traefik.enable=true" - "traefik.http.routers.{{sonarr_host}}.rule=Host(`{{ sonarr_host }}.{{ aya01_host }}.{{local_domain}}`)" - "traefik.http.services.{{sonarr_host}}.loadbalancer.server.port={{ sonarr_port }}" radarr: image: lscr.io/linuxserver/radarr:latest container_name: radarr restart: unless-stopped depends_on: - prowlarr networks: - net environment: - PUID={{ puid }} - PGID={{ pgid }} - TZ={{ timezone }} volumes: - {{ radarr_config }}:/config - {{ radarr_media }}:/movies #optional - {{ radarr_downloads }}:/downloads #optional ports: - {{ radarr_port }}:7878 labels: - "traefik.enable=true" - "traefik.http.routers.{{radarr_host}}.rule=Host(`{{ radarr_host }}.{{ aya01_host }}.{{local_domain}}`)" - "traefik.http.services.{{radarr_host}}.loadbalancer.server.port={{ radarr_port }}" lidarr: image: lscr.io/linuxserver/lidarr:latest container_name: lidarr restart: unless-stopped depends_on: - prowlarr networks: - net environment: - PUID={{ puid }} - PGID={{ pgid }} - TZ={{ timezone }} volumes: - {{ lidarr_config }}:/config - {{ lidarr_media }}:/music #optional - {{ lidarr_downloads }}:/downloads #optional ports: - {{ lidarr_port }}:8686 labels: - "traefik.enable=true" - "traefik.http.routers.{{lidarr_host}}.rule=Host(`{{ lidarr_host }}.{{ aya01_host }}.{{local_domain}}`)" - "traefik.http.services.{{lidarr_host}}.loadbalancer.server.port={{ lidarr_port }}" prowlarr: image: lscr.io/linuxserver/prowlarr:latest container_name: prowlarr restart: unless-stopped depends_on: - pihole networks: - net environment: - PUID={{ puid }} - PGID={{ pgid }} - TZ={{ timezone }} volumes: - {{ prowlarr_config }}:/config ports: - {{ prowlarr_port }}:9696 labels: - "traefik.enable=true" - "traefik.http.routers.{{prowlarr_host}}.rule=Host(`{{ prowlarr_host }}.{{ aya01_host }}.{{local_domain}}`)" - "traefik.http.services.{{prowlarr_host}}.loadbalancer.server.port={{ prowlarr_port }}" pastebin: image: wantguns/bin container_name: pastebin restart: unless-stopped depends_on: - pihole networks: - net ports: - "{{ bin_port }}:{{ bin_port }}" environment: - PUID={{ puid }} - PGID={{ pgid }} - TZ={{ timezone }} - ROCKET_PORT={{ bin_port }} - HOST_URL={{ bin_host }}.{{ aya01_host }}.{{ local_domain }} volumes: - {{ bin_upload }}:/app/upload labels: - "traefik.enable=true" - "traefik.http.routers.{{ bin_host }}.rule=Host(`{{ bin_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ bin_host }}.loadbalancer.server.port={{ bin_port }}" tautulli: image: lscr.io/linuxserver/tautulli:latest container_name: tautulli restart: unless-stopped depends_on: - plex networks: - net environment: - PUID={{ puid }} - PGID={{ pgid}} - TZ={{ timezone }} volumes: - {{ tautulli_config}}:/config ports: - {{ tautulli_port }}:8181 labels: - "traefik.enable=true" - "traefik.http.routers.{{ tautulli_host }}.rule=Host(`{{ tautulli_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ tautulli_host }}.loadbalancer.server.port={{ tautulli_port }}" {{ gluetun_host }}: image: qmcgaw/gluetun container_name: {{ gluetun_host }} restart: unless-stopped networks: - net cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun ports: - {{ torrentleech_port }}:{{ torrentleech_port }} - {{ qbit_port }}:{{ qbit_port }} volumes: - {{ gluetun_config }}:/gluetun environment: - PUID={{puid}} - PGID={{pgid}} - TZ={{ timezone }} - VPN_SERVICE_PROVIDER=protonvpn - UPDATER_VPN_SERVICE_PROVIDERS=protonvpn - UPDATER_PERIOD=24h - SERVER_COUNTRIES={{ gluetun_country }} - OPENVPN_USER={{ vault_qbit_vpn_user }}+pmp - OPENVPN_PASSWORD={{ vault_qbit_vpn_password }} labels: - "traefik.enable=true" - "traefik.http.routers.{{ gluetun_host }}.rule=Host(`{{ gluetun_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ gluetun_host }}.loadbalancer.server.port={{ gluetun_port }}" - "traefik.http.routers.{{ torrentleech_host }}.service={{ torrentleech_host }}" - "traefik.http.routers.{{ torrentleech_host }}.rule=Host(`{{ torrentleech_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ torrentleech_host }}.loadbalancer.server.port={{ torrentleech_port }}" - "traefik.http.routers.{{ qbit_host }}.service={{ qbit_host }}" - "traefik.http.routers.{{ qbit_host }}.rule=Host(`{{ qbit_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ qbit_host }}.loadbalancer.server.port={{ qbit_port }}" {{ torrentleech_host }}: image: qbittorrentofficial/qbittorrent-nox container_name: {{ torrentleech_host }} restart: unless-stopped depends_on: - gluetun - sonarr - radarr - lidarr network_mode: "container:{{ gluetun_host }}" environment: - PUID={{ puid }} - PGID={{ pgid }} - TZ={{ timezone }} - QBT_EULA="accept" - QBT_WEBUI_PORT="{{ torrentleech_port }}" volumes: - {{ torrentleech_remote_config }}:/config - {{ qbit_downloads }}:/downloads {{qbit_host}}: image: qbittorrentofficial/qbittorrent-nox container_name: {{ qbit_host }} restart: unless-stopped depends_on: - gluetun - sonarr - radarr - lidarr network_mode: "container:{{ gluetun_host }}" environment: - PUID={{ puid }} - PGID={{ pgid }} - TZ={{ timezone }} - QBT_EULA="accept" - QBT_WEBUI_PORT="{{ qbit_port }}" volumes: - {{ qbit_remote_config }}:/config - {{ qbit_downloads }}:/downloads {{ prometheus_host }}: image: prom/prometheus container_name: {{ prometheus_host }} restart: unless-stopped depends_on: - pihole networks: - net environment: - PUID={{ prometheus_puid }} - PGID={{ prometheus_pgid}} - TZ={{ timezone }} volumes: - {{ prometheus_config }}:/etc/prometheus/ - prometheus_data:/prometheus/ ports: - {{ prometheus_port }}:9090 labels: - "traefik.enable=true" - "traefik.http.routers.{{ prometheus_host }}.rule=Host(`{{ prometheus_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ prometheus_host }}.loadbalancer.server.port={{ prometheus_port }}" {{ grafana_host }}: image: grafana/grafana-oss container_name: {{ grafana_host }} restart: unless-stopped depends_on: - {{ prometheus_host }} networks: - net environment: - PUID={{ grafana_puid }} - PGID={{ grafana_pgid }} - TZ={{ timezone }} volumes: - {{ grafana_data }}:/var/lib/grafana/ - {{ grafana_config }}:/etc/grafana/ ports: - {{ grafana_port }}:3000 labels: - "traefik.enable=true" - "traefik.http.routers.{{ grafana_host }}.rule=Host(`{{ grafana_host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ grafana_host }}.loadbalancer.server.port={{ grafana_port }}" {{ gitlab.host }}: image: gitlab/gitlab-ce:latest container_name: {{ gitlab.host }} restart: {{ gitlab.restart }} depends_on: - {{ pihole_host }} networks: - net environment: - TZ={{ timezone }} volumes: - {{ gitlab.paths.config }}:/etc/gitlab/ - {{ gitlab.paths.logs}}:/var/log/gitlab/ - {{ gitlab.paths.data}}:/var/opt/gitlab/ ports: - {{ gitlab.ports.ssh.remote }}:{{ gitlab.ports.ssh.local }} - {{ gitlab.ports.http.remote }}:{{ gitlab.ports.http.local }} - {{ gitlab.ports.https.remote }}:{{ gitlab.ports.https.local }} labels: - "traefik.enable=true" - "traefik.http.routers.{{ gitlab.host }}.rule=Host(`{{ gitlab.host }}.{{ aya01_host }}.{{ local_domain }}`)" - "traefik.http.services.{{ gitlab.host }}.loadbalancer.server.port={{ gitlab.ports.http.local }}" networks: zoneminder: driver: bridge ipam: driver: default config: - subnet: {{ zoneminder_network }} net: driver: bridge ipam: driver: default config: - subnet: {{ docker_network }} volumes: prometheus_data: {}