395 lines
8.7 KiB
YAML
395 lines
8.7 KiB
YAML
version: "3.8"
|
|
services:
|
|
coredns:
|
|
image: coredns/coredns
|
|
networks:
|
|
- hostnet
|
|
configs:
|
|
- source: Corefile
|
|
target: /Corefile
|
|
|
|
caddy:
|
|
image: caddy:2-alpine
|
|
ports:
|
|
- target: 443
|
|
published: 443
|
|
mode: host
|
|
- target: 80
|
|
published: 80
|
|
mode: host
|
|
volumes:
|
|
- type: bind
|
|
source: /srv
|
|
target: /srv
|
|
read_only: true
|
|
- type: bind
|
|
source: /srv/sys/caddy
|
|
target: /data/caddy
|
|
configs:
|
|
- source: Caddyfile
|
|
target: /etc/caddy/Caddyfile
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
- host.lan:192.168.86.2
|
|
|
|
simpleauth:
|
|
image: git.woozle.org/neale/simpleauth
|
|
secrets:
|
|
- passwd
|
|
- simpleauth.key
|
|
|
|
portal:
|
|
image: git.woozle.org/neale/portal
|
|
configs:
|
|
- source: portal.json
|
|
target: /web/portal.json
|
|
- source: deergrove.png
|
|
target: /web/portal.png
|
|
|
|
jellyfin:
|
|
image: jellyfin/jellyfin
|
|
deploy:
|
|
replicas: 0
|
|
environment:
|
|
TZ: US/Mountain
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/jellyfin/config
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/sys/jellyfin/cache
|
|
target: /cache
|
|
- type: bind
|
|
source: /srv/media/
|
|
target: /srv/media/
|
|
read_only: true
|
|
|
|
plex:
|
|
image: lscr.io/linuxserver/plex:latest
|
|
networks:
|
|
- hostnet
|
|
environment:
|
|
TZ: US/Mountain
|
|
VERSION: public
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/plex
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/
|
|
target: /srv/media/
|
|
read_only: true
|
|
|
|
pigallery2:
|
|
image: bpatrik/pigallery2:latest
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/pigallery2/config
|
|
target: /app/data/config
|
|
- type: bind
|
|
source: /srv/sys/pigallery2/db
|
|
target: /app/data/db
|
|
- type: bind
|
|
source: /srv/sys/pigallery2/cache
|
|
target: /app/data/cache
|
|
- type: bind
|
|
source: /srv/media/photos
|
|
target: /srv/media/photos
|
|
read_only: true
|
|
|
|
transmission:
|
|
image: lscr.io/linuxserver/transmission:latest
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/transmission
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
environment:
|
|
PEERPORT: "51413"
|
|
ports:
|
|
- 51413:51413
|
|
- 51413:51413/udp
|
|
|
|
sonarr:
|
|
image: lscr.io/linuxserver/sonarr
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/sonarr
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/tv
|
|
target: /srv/media/tv
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
radarr:
|
|
image: lscr.io/linuxserver/radarr
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/radarr
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/movies
|
|
target: /srv/media/movies
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
lidarr:
|
|
image: lscr.io/linuxserver/lidarr
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/lidarr
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/music
|
|
target: /srv/media/music
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
readarr:
|
|
image: lscr.io/linuxserver/readarr:develop
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/readarr
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/media/books
|
|
target: /srv/media/books
|
|
- type: bind
|
|
source: /srv/media/audiobooks
|
|
target: /srv/media/audiobooks
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
prowlarr:
|
|
image: lscr.io/linuxserver/prowlarr:latest
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/prowlarr
|
|
target: /config
|
|
|
|
nzbget:
|
|
image: lscr.io/linuxserver/nzbget
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/nzbget
|
|
target: /config
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
|
|
gitea:
|
|
image: codeberg.org/forgejo/forgejo:1.18-rootless
|
|
secrets:
|
|
- source: gitea.ini
|
|
target: /etc/gitea/app.ini
|
|
uid: "1000"
|
|
gid: "1000"
|
|
mode: 0400
|
|
configs:
|
|
- source: gitea-robots.txt
|
|
target: /var/lib/gitea/custom/robots.txt
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/gitea
|
|
target: /data
|
|
- type: bind
|
|
source: /etc/timezone
|
|
target: /etc/timezone
|
|
read_only: true
|
|
- type: bind
|
|
source: /etc/localtime
|
|
target: /etc/localtime
|
|
read_only: true
|
|
|
|
atlas:
|
|
image: ctassisf/ripe-atlas-alpine:arm64v8
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/atlas/etc
|
|
target: /var/atlas-probe/etc
|
|
- type: bind
|
|
source: /srv/sys/atlas/status
|
|
target: /var/atlas-probe/status
|
|
|
|
netdata:
|
|
image: netdata/netdata
|
|
hostname: "{{.Node.Hostname}}"
|
|
deploy:
|
|
replicas: 0
|
|
environment:
|
|
NETDATA_DISABLE_CLOUD: "1"
|
|
cap_add:
|
|
- SYS_PTRACE
|
|
volumes:
|
|
- type: bind
|
|
source: /
|
|
target: /host
|
|
read_only: true
|
|
- type: bind
|
|
source: /srv/sys/netdata/lib
|
|
target: /var/lib/netdata
|
|
- type: bind
|
|
source: /srv/sys/netdata/cache
|
|
target: /var/cache/netdata
|
|
configs:
|
|
- source: netdata.conf
|
|
target: /etc/netdata/netdata.conf
|
|
|
|
|
|
geneweb:
|
|
image: ravermeister/geneweb
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/geneweb/
|
|
target: /usr/local/share/geneweb/share/data
|
|
|
|
samba:
|
|
image: dperson/samba
|
|
volumes:
|
|
- type: bind
|
|
source: /srv
|
|
target: /srv
|
|
bind:
|
|
propagation: rslave
|
|
environment:
|
|
NMBD: enable
|
|
RECYCLE: disable
|
|
USERID: 911
|
|
GROUPID: 911
|
|
# name;path;browse;readonly;guest
|
|
SHARE1: drive;/srv;yes;no;no
|
|
SHARE2: retropie;/srv/media/games/retropie;yes;yes;yes
|
|
env_file:
|
|
- secrets/samba-users.env
|
|
ports:
|
|
- published: 139
|
|
target: 139
|
|
- published: 445
|
|
target: 445
|
|
|
|
webfs:
|
|
image: sigoden/dufs
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/storage
|
|
target: /srv/storage
|
|
- type: bind
|
|
source: /srv/incoming
|
|
target: /srv/incoming
|
|
- type: bind
|
|
source: /srv/media
|
|
target: /srv/media
|
|
command:
|
|
- -A
|
|
- /srv
|
|
user: "911:911"
|
|
|
|
ddns:
|
|
image: qmcgaw/ddns-updater
|
|
dns:
|
|
- 1.1.1.1
|
|
volumes:
|
|
- type: bind
|
|
source: /srv/sys/ddns-updater
|
|
target: /updater/data
|
|
|
|
tunnel:
|
|
deploy:
|
|
replicas: 0
|
|
image: lscr.io/linuxserver/openssh-server
|
|
user: abc
|
|
entrypoint:
|
|
- /usr/bin/ssh
|
|
- -N
|
|
- -R 172.17.0.1:5880:caddy:80 # 172.17.0.1 = docker host IP
|
|
- -R :5822:host.docker.internal:22
|
|
- -o ServerAliveInterval=30
|
|
- core@melville.woozle.org
|
|
extra_hosts:
|
|
- host.docker.internal:host-gateway
|
|
secrets:
|
|
- source: tunnel
|
|
target: /config/.ssh/id_rsa
|
|
uid: "911"
|
|
gid: "911"
|
|
mode: 0600
|
|
- source: known_hosts
|
|
target: /config/.ssh/known_hosts
|
|
uid: "911"
|
|
gid: "911"
|
|
mode: 0600
|
|
|
|
|
|
configs:
|
|
dave.yaml:
|
|
file: dave.yaml
|
|
name: dave.yaml-v3
|
|
Corefile:
|
|
file: Corefile
|
|
name: Corefile-v7
|
|
Caddyfile:
|
|
file: Caddyfile
|
|
name: Caddyfile-v145
|
|
portal.json:
|
|
file: portal.json
|
|
name: portal.json-v6
|
|
deergrove.png:
|
|
file: www/deergrove.png
|
|
name: deergrove.png-v1
|
|
netdata.conf:
|
|
file: netdata.conf
|
|
name: netdata.conf-v1
|
|
gitea-robots.txt:
|
|
file: gitea-robots.txt
|
|
name: gitea-robots.txt-v1
|
|
|
|
secrets:
|
|
passwd:
|
|
file: secrets/passwd
|
|
name: passwd-v2
|
|
simpleauth.key:
|
|
file: secrets/simpleauth.key
|
|
name: simpleauth.key-v1
|
|
tunnel:
|
|
file: secrets/tunnel
|
|
name: tunnel-v1
|
|
known_hosts:
|
|
file: secrets/known_hosts
|
|
name: known_hosts-v1
|
|
gitea.ini:
|
|
file: secrets/gitea.ini
|
|
name: gitea.ini-v4
|
|
jwt.secret:
|
|
file: secrets/jwt.secret
|
|
name: jwt.secret-v1
|
|
storage.secret:
|
|
file: secrets/storage.secret
|
|
name: storage.secret-v1
|
|
session.secret:
|
|
file: secrets/session.secret
|
|
name: session.secret-v1
|
|
users.yaml:
|
|
file: secrets/users.yaml
|
|
name: users.yaml-v9
|
|
authelia.oidc.yaml:
|
|
file: secrets/authelia.oidc.yaml
|
|
name: authelia.oidc.yaml-v2
|
|
|
|
networks:
|
|
hostnet:
|
|
external: true
|
|
name: host
|