Skip to content
Permalink
master
Switch branches/tags
Go to file
Latest commit cc5f16a Sep 21, 2019 History
0 contributors

Users who have contributed to this file

797 lines (767 sloc) 29.3 KB
#Reference: https://www.smarthomebeginner.com/traefik-reverse-proxy-tutorial-for-docker
#Requirement: Set environmental variables: ${$USERDIR}, ${PUID}, ${PGID}, ${TZ}, ${DOMAINNAME}, ${CLOUDFLARE_EMAIL}, ${CLOUDFLARE_API_KEY}, ${HTTP_USERNAME}, ${HTTP_PASSWORD}, etc. as explained in the reference.
version: "3.7"
services:
######### FRONTENDS ##########
# Traefik Reverse Proxy
traefik:
image: traefik:v1.7.16
container_name: traefik
hostname: traefik
restart: unless-stopped
networks:
- default
- traefik_proxy
ports:
- "80:80"
- "443:443"
# - "XXXX:8080"
domainname: ${DOMAINNAME}
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${USERDIR}/docker/traefik:/etc/traefik
- ${USERDIR}/docker/shared:/shared
environment:
CF_API_EMAIL: ${CLOUDFLARE_EMAIL}
CF_API_KEY: ${CLOUDFLARE_API_KEY}
# DUCKDNS_TOKEN: ${DUCKDNS_TOKEN}
labels:
traefik.enable: "true"
traefik.backend: traefik
traefik.protocol: http
traefik.port: 8080
traefik.frontend.rule: Host:traefik.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefixStrip: /traefik
traefik.frontend.headers.SSLHost: traefik.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
traefik.frontend.auth.basic.users: '${HTTP_USERNAME}:${HTTP_PASSWORD}'
#Portainer - WebUI for Containers
portainer:
image: portainer/portainer
container_name: portainer
hostname: portainer
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:9000"
command: -H unix:///var/run/docker.sock
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${USERDIR}/docker/portainer/data:/data
- ${USERDIR}/docker/shared:/shared
environment:
TZ: ${TZ}
labels:
traefik.enable: "true"
traefik.backend: portainer
traefik.protocol: http
traefik.port: 9000
traefik.frontend.rule: Host:portainer.${DOMAINNAME}
# traefik.frontend.rule: Host${DOMAINNAME}; PathPrefixStrip: /portainer
traefik.frontend.headers.SSLHost: portainer.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
# Organizer - Unified HTPC/Home Server Web Interface
organizr:
image: linuxserver/organizr
container_name: organizr
hostname: organizr
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:80"
volumes:
- ${USERDIR}/docker/organizr:/config
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
HOME: /config
labels:
traefik.enable: "true"
traefik.backend: organizr
traefik.protocol: http
traefik.port: 80
traefik.frontend.rule: Host:${DOMAINNAME},www.${DOMAINNAME}
traefik.frontend.headers.SSLHost: ${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
traefik.frontend.auth.basic.users: '${HTTP_USERNAME}:${HTTP_PASSWORD}'
# phpMyAdmin - WebUI for MariaDB
phpmyadmin:
image: phpmyadmin/phpmyadmin
container_name: phpmyadmin
hostname: phpmyadmin
restart: unless-stopped
networks:
- traefik_proxy
- default
# ports:
# - "XXXX:80"
environment:
PMA_HOST: ${DB_HOST}
PMA_PORT: ${DB_PORT}
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
labels:
traefik.enable: "true"
traefik.backend: phpmyadmin
traefik.protocol: http
traefik.port: 80
traefik.frontend.rule: Host:pma.${DOMAINNAME}
traefik.frontend.headers.SSLHost: pma.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
traefik.frontend.auth.basic.users: '${HTTP_USERNAME}:${HTTP_PASSWORD}'
######### DOCKER RELATED ##########
# Watchtower - Automatic Update of Containers/Apps
watchtower:
image: v2tec/watchtower
container_name: watchtower
hostname: watchtower
restart: unless-stopped
command: --schedule "0 0 23 * * SUN" --cleanup
volumes:
- /var/run/docker.sock:/var/run/docker.sock
######### SMART HOME APPS ##########
# Home Assistant - Smart Home Hub
homeassistant:
image: homeassistant/home-assistant
container_name: homeassistant
hostname: homeassistant
restart: always
devices:
- /dev/ttyUSB0:/dev/ttyUSB0
- /dev/ttyUSB1:/dev/ttyUSB1
- /dev/ttyACM0:/dev/ttyACM0
networks:
- traefik_proxy
- default
# ports:
# - "XXXX:8123"
privileged: true
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
volumes:
- ${USERDIR}/docker/homeassistant:/config
- /etc/localtime:/etc/localtime:ro
- ${USERDIR}/docker/shared:/shared
labels:
traefik.enable: "true"
traefik.backend: homeassistant
traefik.protocol: http
traefik.port: 8123
traefik.frontend.rule: Host:hass.${DOMAINNAME}
traefik.frontend.headers.SSLHost: hass.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
######### DOWNLOADERS ##########
# Transmission with VPN – Bittorrent Downloader
transmission-vpn:
image: haugene/transmission-openvpn
container_name: transmission-vpn
hostname: transmission
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:9091"
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
dns:
- 1.1.1.1
- 1.0.0.1
volumes:
- /etc/localtime:/etc/localtime:ro
- ${USERDIR}/docker/transmission-vpn/data:/data
- ${USERDIR}/docker/transmission-vpn/config:/config
- ${USERDIR}/docker/shared:/shared
- ${USERDIR}/Downloads:/downloads
environment:
OPENVPN_PROVIDER: IPVANISH
OPENVPN_USERNAME: ${OPENVPN_USERNAME}
OPENVPN_PASSWORD: ${OPENVPN_PASSWORD}
# OPENVPN_CONFIG: "ipvanish-CA-Montreal-yul-c04"
OPENVPN_OPTS: --inactive 3600 --ping 10 --ping-exit 60
LOCAL_NETWORK: "192.168.1.0/24"
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
TRANSMISSION_RPC_AUTHENTICATION_REQUIRED: "true"
TRANSMISSION_RPC_HOST_WHITELIST: "127.0.0.1,192.168.*.*"
TRANSMISSION_RPC_PASSWORD: ${TRANSMISSION_RPC_PASSWORD}
TRANSMISSION_RPC_USERNAME: ${TRANSMISSION_RPC_USERNAME}
TRANSMISSION_UMASK: 002
TRANSMISSION_RATIO_LIMIT: 0.01
TRANSMISSION_RATIO_LIMIT_ENABLED: "true"
TRANSMISSION_ALT_SPEED_DOWN: 2000
TRANSMISSION_ALT_SPEED_ENABLED: "true"
TRANSMISSION_ALT_SPEED_UP: 15
TRANSMISSION_SPEED_LIMIT_DOWN: 6000
TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED: "true"
TRANSMISSION_SPEED_LIMIT_UP: 30
TRANSMISSION_SPEED_LIMIT_UP_ENABLED: "true"
TRANSMISSION_INCOMPLETE_DIR: /downloads/incomplete
TRANSMISSION_INCOMPLETE_DIR_ENABLED: "true"
TRANSMISSION_WATCH_DIR: /downloads
TRANSMISSION_WATCH_DIR_ENABLED: "true"
TRANSMISSION_DOWNLOAD_DIR: /downloads/completed
labels:
traefik.enable: "true"
traefik.backend: transmission-vpn
traefik.protocol: http
traefik.port: 9091
traefik.frontend.rule: Host:trans.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /transmission
traefik.frontend.headers.SSLHost: trans.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
# qBittorrent without VPN – Bittorrent Downloader (Alternative)
qbittorrent:
image: linuxserver/qbittorrent
container_name: qbittorrent
hostname: qbittorrent
restart: unless-stopped
networks:
- traefik_proxy
ports:
- "XXXX:8080"
- "6881:6881"
- "6881:6881/udp"
volumes:
- ${USERDIR}/docker/qbittorrent:/config
- ${USERDIR}/Downloads:/downloads
- ${USERDIR}/docker/shared:/shared
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
UMASK_SET: 002
WEBUI_PORT: 8168
labels:
traefik.enable: "true"
traefik.backend: qbittorrent
traefik.protocol: http
traefik.port: 8168
traefik.frontend.rule: Host:qbit.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /qbittorrent
traefik.frontend.headers.SSLHost: qbit.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
# SABnzbd – Usenet (NZB) Downloader
sabnzbd:
image: linuxserver/sabnzbd
container_name: sabnzbd
hostname: sabnzbd
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:8080"
volumes:
- ${USERDIR}/docker/sabnzbd:/config
- ${USERDIR}/Downloads:/downloads
- ${USERDIR}/Downloads/incomplete:/incomplete-downloads
- ${USERDIR}/docker/shared:/shared
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
labels:
traefik.enable: "true"
traefik.backend: sabnzbd
traefik.protocol: http
traefik.port: 8080
traefik.frontend.rule: Host:sabnzbd.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /sabnzbd
traefik.frontend.headers.SSLHost: sabnzbd.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
######### PERSONAL VIDEO RECORDERS ##########
# Radarr – Movie Download and Management
radarr:
image: linuxserver/radarr
container_name: radarr
hostname: radarr
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:7878"
volumes:
- ${USERDIR}/docker/radarr:/config
- ${USERDIR}/Downloads:/downloads
- /media/media/movies:/movies
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/docker/shared:/shared
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
labels:
traefik.enable: "true"
traefik.backend: radarr
traefik.protocol: http
traefik.port: 7878
traefik.frontend.rule: Host:radarr.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /radarr
traefik.frontend.headers.SSLHost: radarr.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
# Sonarr – TV Show Download and Management
sonarr:
image: linuxserver/sonarr
container_name: sonarr
hostname: sonarr
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:8989"
volumes:
- ${USERDIR}/docker/sonarr:/config
- ${USERDIR}/Downloads:/downloads
- /media/media/tvshows:/tv
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/docker/shared:/shared
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
labels:
traefik.enable: "true"
traefik.backend: sonarr
traefik.protocol: http
traefik.port: 8989
traefik.frontend.rule: Host:sonarr.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /sonarr
traefik.frontend.headers.SSLHost: sonarr.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
#LIDARR - Music Download and Management
lidarr:
image: linuxserver/lidarr
container_name: lidarr
hostname: lidarr
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:8686"
volumes:
- ${USERDIR}/docker/lidarr:/config
- ${USERDIR}/Downloads:/downloads
- /media/ds918/media/music:/music
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/docker/shared:/shared
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
labels:
traefik.enable: "true"
traefik.backend: lidarr
traefik.protocol: http
traefik.port: 8686
traefik.frontend.rule: Host:lidarr.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /lidarr
traefik.frontend.headers.SSLHost: lidarr.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
######### MEDIA SERVER APPS ##########
# Plex Media Server
plexms:
image: plexinc/pms-docker
container_name: plexms
hostname: plexms
restart: always
networks:
- traefik_proxy
ports:
- "32400:32400/tcp"
- "3005:3005/tcp"
- "8324:8324/tcp"
- "32469:32469/tcp"
- "1900:1900/udp"
- "32410:32410/udp"
- "32412:32412/udp"
- "32413:32413/udp"
- "32414:32414/udp"
environment:
TZ=${TZ}
HOSTNAME: "Docker Plex"
PLEX_CLAIM: "claim-YYYYYYYYY"
PLEX_UID: ${PUID}
PLEX_GID: ${PGID}
ADVERTISE_IP: "http://SERVER-IP:32400/"
volumes:
- ${USERDIR}/docker/plexms:/config
- ${USERDIR}/Downloads/plex_tmp:/transcode
- /media/media:/media
- ${USERDIR}/docker/shared:/shared
labels:
traefik.enable: "true"
traefik.backend: plexms
traefik.protocol: http
traefik.port: 32400
traefik.frontend.rule: Host:plex.${DOMAINNAME}
traefik.frontend.headers.SSLHost: plex.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
# Tautulli (aka PlexPy) – Monitoring Plex Usage
tautulli:
image: linuxserver/tautulli
container_name: tautulli
hostname: tautulli
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:8181"
volumes:
- ${USERDIR}/docker/tautulli/config:/config
- ${USERDIR}/docker/tautulli/logs:/logs:ro
- ${USERDIR}/docker/shared:/shared
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
labels:
traefik.enable: "true"
traefik.backend: tautulli
traefik.protocol: http
traefik.port: 8181
traefik.frontend.rule: Host:tautulli.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /tautulli
traefik.frontend.headers.SSLHost: tautulli.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
# Ombi – Accept Requests for your Media Server
ombi:
image: linuxserver/ombi
container_name: ombi
hostname: ombi
restart: always
networks:
- traefik_proxy
# ports:
# - "XXXX:3579"
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
volumes:
- ${USERDIR}/docker/ombi:/config
- ${USERDIR}/docker/shared:/shared
labels:
traefik.enable: "true"
traefik.backend: ombi
traefik.protocol: http
traefik.port: 3579
traefik.frontend.rule: Host:ombi.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /ombi
traefik.frontend.headers.SSLHost: ombi.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
######### SEARCHERS ##########
# NZBHydra – NZB Meta Search
hydra2:
image: linuxserver/hydra2
container_name: hydra2
hostname: hydra2
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:5076"
volumes:
- ${USERDIR}/docker/hydra2:/config
- ${USERDIR}/Downloads:/downloads
- ${USERDIR}/docker/shared:/shared
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
labels:
traefik.enable: "true"
traefik.backend: hydra2
traefik.protocol: http
traefik.port: 5076
traefik.frontend.rule: Host:hydra2.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /hydra2
traefik.frontend.headers.SSLHost: hydra2.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
# Jackett – Torrent Proxy
jackett:
image: linuxserver/jackett
container_name: jackett
hostname: jackett
restart: unless-stopped
networks:
- traefik_proxy
# ports:
# - "XXXX:9117"
volumes:
- ${USERDIR}/docker/jackett:/config
- ${USERDIR}/Downloads:/downloads
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/docker/shared:/shared
environment:
PUID: ${PUID}
PGID: ${PGID}
TZ: ${TZ}
labels:
traefik.enable: "true"
traefik.backend: jackett
traefik.protocol: http
traefik.port: 9117
traefik.frontend.rule: Host:jackett.${DOMAINNAME}
# traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /jackett
traefik.frontend.headers.SSLHost: jackett.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
######### UTILITIES ##########
# MariaDB – Database Server for your Apps
mariadb:
image: "linuxserver/mariadb"
container_name: "mariadb"
hostname: mariadb
restart: always
ports:
- target: 3306
published: 3306
protocol: tcp
mode: host
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
volumes:
- ${USERDIR}/docker/mariadb:/config
# NextCloud – Your Own Cloud Storage
nextcloud:
image: linuxserver/nextcloud
container_name: nextcloud
hostname: nextcloud
restart: always
networks:
- traefik_proxy
# ports:
# - "XXXX:443"
environment:
PUID: ${PUID}
PGID: ${PGID}
volumes:
- ${USERDIR}/docker/nextcloud:/config
- ${USERDIR}/shared_data:/data
- ${USERDIR}/docker/shared:/shared
labels:
traefik.enable: "true"
traefik.backend: nextcloud
traefik.protocol: https
traefik.port: 443
traefik.frontend.rule: Host:nextcloud.${DOMAINNAME}
traefik.frontend.headers.SSLHost: nextcloud.${DOMAINNAME}
traefik.docker.network: traefik_proxy
traefik.frontend.passHostHeader: "true"
traefik.frontend.headers.SSLForceHost: "true"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSSeconds: 315360000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex
traefik.frontend.headers.frameDeny: "true"
traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}'
networks:
traefik_proxy:
external:
name: traefik_proxy
default:
driver: bridge