372 lines
8.2 KiB
YAML
372 lines
8.2 KiB
YAML
version: "3.8"
|
|
services:
|
|
coredns:
|
|
image: coredns/coredns
|
|
networks:
|
|
- hostnet
|
|
configs:
|
|
- source: Corefile
|
|
target: /Corefile
|
|
|
|
caddy:
|
|
image: caddy:2-alpine
|
|
ports:
|
|
- target: 443
|
|
published: 443
|
|
mode: host
|
|
- target: 80
|
|
published: 80
|
|
mode: host
|
|
volumes:
|
|
- type: bind
|
|
source: /srv
|
|
target: /srv
|
|
read_only: true
|
|
- type: bind
|
|
source: /srv/sys/caddy
|
|
target: /data/caddy
|
|
configs:
|
|
- source: Caddyfile
|
|
target: /etc/caddy/Caddyfile
|
|
- source: index.html
|
|
target: /www/index.html
|
|
- source: index.mjs
|
|
target: /www/index.mjs
|
|
- source: deergrove.png
|
|
target: /www/deergrove.png
|
|
- source: index.css
|
|
target: /www/index.css
|
|
- source: browser.html
|
|
target: /browser.html
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
- host.lan:192.168.86.2
|
|
|
|
authelia:
|
|
image: authelia/authelia
|
|
environment:
|
|
AUTHELIA_JWT_SECRET_FILE: /run/secrets/jwt.secret
|
|
AUTHELIA_SESSION_SECRET_FILE: /run/secrets/session.secret
|
|
AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /run/secrets/storage.secret
|
|
secrets:
|
|
- jwt.secret
|
|
- session.secret
|
|
- storage.secret
|
|
- users.yaml
|
|
- authelia.oidc.yaml
|
|
configs:
|
|
- source: authelia.yaml
|
|
target: /authelia.yaml
|
|
command:
|
|
- authelia
|
|
- --config=/authelia.yaml
|
|
- --config=/run/secrets/authelia.oidc.yaml
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/authelia
|
|
target: /srv/sys/authelia
|
|
|
|
redis:
|
|
image: redis:alpine
|
|
command:
|
|
- redis-server
|
|
- --save
|
|
- "60"
|
|
- "1"
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/redis
|
|
target: /data
|
|
|
|
plex:
|
|
image: ghcr.io/linuxserver/plex:1.29.2
|
|
networks:
|
|
- hostnet
|
|
environment:
|
|
TZ: US/Mountain
|
|
VERSION: public
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/plex
|
|
target: /config
|
|
- type: bind
|
|
source: /srv
|
|
target: /srv
|
|
read_only: true
|
|
|
|
transmission:
|
|
image: lscr.io/linuxserver/transmission
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/transmission
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
environment:
|
|
PEERPORT: "51413"
|
|
ports:
|
|
- 51413:51413
|
|
- 51413:51413/udp
|
|
|
|
sonarr:
|
|
image: lscr.io/linuxserver/sonarr
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/sonarr
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/tv
|
|
target: /srv/media/tv
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
radarr:
|
|
image: lscr.io/linuxserver/radarr
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/radarr
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/movies
|
|
target: /srv/media/movies
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
lidarr:
|
|
image: lscr.io/linuxserver/lidarr
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/lidarr
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/music
|
|
target: /srv/media/music
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
readarr:
|
|
image: lscr.io/linuxserver/readarr:develop
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/readarr
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/books
|
|
target: /srv/media/books
|
|
- type: bind
|
|
source: /srv/media/audiobooks
|
|
target: /srv/media/audiobooks
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
prowlarr:
|
|
image: lscr.io/linuxserver/prowlarr:latest
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/prowlarr
|
|
target: /config
|
|
|
|
nzbget:
|
|
image: lscr.io/linuxserver/nzbget
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/nzbget
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
|
|
forgejo:
|
|
image: codeberg.org/forgejo/forgejo:1.18-rootless
|
|
secrets:
|
|
- source: forgejo.ini
|
|
target: /etc/gitea/app.ini
|
|
uid: "1000"
|
|
gid: "1000"
|
|
mode: 0400
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/forgejo
|
|
target: /data
|
|
- type: bind
|
|
source: /etc/timezone
|
|
target: /etc/timezone
|
|
read_only: true
|
|
- type: bind
|
|
source: /etc/localtime
|
|
target: /etc/localtime
|
|
read_only: true
|
|
|
|
atlas:
|
|
image: ctassisf/ripe-atlas-alpine:arm64v8
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/atlas/etc
|
|
target: /var/atlas-probe/etc
|
|
- type: bind
|
|
source: /srv/sys/atlas/status
|
|
target: /var/atlas-probe/status
|
|
|
|
geneweb:
|
|
image: ravermeister/geneweb
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/geneweb/etc
|
|
target: /usr/local/share/geneweb/etc
|
|
- type: bind
|
|
source: /srv/sys/geneweb/share/data
|
|
target: /usr/local/share/geneweb/share/data
|
|
- type: bind
|
|
source: /srv/sys/geneweb/log
|
|
target: /usr/local/share/geneweb/log
|
|
|
|
samba:
|
|
image: dperson/samba
|
|
volumes:
|
|
- type: bind
|
|
source: /srv
|
|
target: /srv
|
|
bind:
|
|
propagation: rslave
|
|
environment:
|
|
NMBD: enable
|
|
RECYCLE: disable
|
|
USERID: 911
|
|
GROUPID: 911
|
|
# name;path;browse;readonly;guest
|
|
SHARE1: drive;/srv;yes;no;no
|
|
SHARE2: retropie;/srv/media/games/retropie;yes;yes;yes
|
|
env_file:
|
|
- secrets/samba-users.env
|
|
ports:
|
|
- published: 139
|
|
target: 139
|
|
- published: 445
|
|
target: 445
|
|
|
|
webdav:
|
|
image: micromata/dave
|
|
volumes:
|
|
- type: bind
|
|
source: /srv
|
|
target: /data
|
|
configs:
|
|
- source: dave.yaml
|
|
target: /config/config.yaml
|
|
user: "911:911"
|
|
|
|
ddns:
|
|
image: qmcgaw/ddns-updater
|
|
dns:
|
|
- 1.1.1.1
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/ddns-updater
|
|
target: /updater/data
|
|
|
|
tunnel:
|
|
deploy:
|
|
replicas: 0
|
|
image: lscr.io/linuxserver/openssh-server
|
|
user: abc
|
|
entrypoint:
|
|
- /usr/bin/ssh
|
|
- -N
|
|
- -R 172.17.0.1:5880:caddy:80 # 172.17.0.1 = docker host IP
|
|
- -R :5822:host.docker.internal:22
|
|
- -o ServerAliveInterval=30
|
|
- core@melville.woozle.org
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
secrets:
|
|
- source: tunnel
|
|
target: /config/.ssh/id_rsa
|
|
uid: "911"
|
|
gid: "911"
|
|
mode: 0600
|
|
- source: known_hosts
|
|
target: /config/.ssh/known_hosts
|
|
uid: "911"
|
|
gid: "911"
|
|
mode: 0600
|
|
|
|
|
|
configs:
|
|
dave.yaml:
|
|
file: dave.yaml
|
|
name: dave.yaml-v3
|
|
Corefile:
|
|
file: Corefile
|
|
name: Corefile-v4
|
|
Caddyfile:
|
|
file: Caddyfile
|
|
name: Caddyfile-v111
|
|
index.html:
|
|
file: www/index.html
|
|
name: index.html-v42
|
|
index.mjs:
|
|
file: www/index.mjs
|
|
name: index.mjs-v8
|
|
index.css:
|
|
file: www/index.css
|
|
name: index.css-v2
|
|
browser.html:
|
|
file: www/browser.html
|
|
name: browser.html-v3
|
|
deergrove.png:
|
|
file: www/deergrove.png
|
|
name: deergrove.png-v1
|
|
authelia.yaml:
|
|
file: authelia.yaml
|
|
name: authelia.yaml-v24
|
|
|
|
secrets:
|
|
passwd:
|
|
file: secrets/passwd
|
|
name: passwd-v2
|
|
simpleauth.key:
|
|
file: secrets/simpleauth.key
|
|
name: simpleauth.key-v1
|
|
tunnel:
|
|
file: secrets/tunnel
|
|
name: tunnel-v1
|
|
known_hosts:
|
|
file: secrets/known_hosts
|
|
name: known_hosts-v1
|
|
forgejo.ini:
|
|
file: secrets/forgejo.ini
|
|
name: forgejo.ini-v4
|
|
jwt.secret:
|
|
file: secrets/jwt.secret
|
|
name: jwt.secret-v1
|
|
storage.secret:
|
|
file: secrets/storage.secret
|
|
name: storage.secret-v1
|
|
session.secret:
|
|
file: secrets/session.secret
|
|
name: session.secret-v1
|
|
users.yaml:
|
|
file: secrets/users.yaml
|
|
name: users.yaml-v9
|
|
authelia.oidc.yaml:
|
|
file: secrets/authelia.oidc.yaml
|
|
name: authelia.oidc.yaml-v2
|
|
|
|
networks:
|
|
hostnet:
|
|
external: true
|
|
name: host
|
|
|
|
|