Permalink
| #Reference: https://www.smarthomebeginner.com/traefik-reverse-proxy-tutorial-for-docker | |
| #Requirement: Set environmental variables: ${$USERDIR}, ${PUID}, ${PGID}, ${TZ}, ${DOMAINNAME}, ${CLOUDFLARE_EMAIL}, ${CLOUDFLARE_API_KEY}, ${HTTP_USERNAME}, ${HTTP_PASSWORD}, etc. as explained in the reference. | |
| version: "3.7" | |
| services: | |
| ######### FRONTENDS ########## | |
| # Traefik Reverse Proxy | |
| traefik: | |
| image: traefik:v1.7.16 | |
| container_name: traefik | |
| hostname: traefik | |
| restart: unless-stopped | |
| networks: | |
| - default | |
| - traefik_proxy | |
| ports: | |
| - "80:80" | |
| - "443:443" | |
| # - "XXXX:8080" | |
| domainname: ${DOMAINNAME} | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock:ro | |
| - ${USERDIR}/docker/traefik:/etc/traefik | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| CF_API_EMAIL: ${CLOUDFLARE_EMAIL} | |
| CF_API_KEY: ${CLOUDFLARE_API_KEY} | |
| # DUCKDNS_TOKEN: ${DUCKDNS_TOKEN} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: traefik | |
| traefik.protocol: http | |
| traefik.port: 8080 | |
| traefik.frontend.rule: Host:traefik.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefixStrip: /traefik | |
| traefik.frontend.headers.SSLHost: traefik.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| traefik.frontend.auth.basic.users: '${HTTP_USERNAME}:${HTTP_PASSWORD}' | |
| #Portainer - WebUI for Containers | |
| portainer: | |
| image: portainer/portainer | |
| container_name: portainer | |
| hostname: portainer | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:9000" | |
| command: -H unix:///var/run/docker.sock | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| - ${USERDIR}/docker/portainer/data:/data | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| TZ: ${TZ} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: portainer | |
| traefik.protocol: http | |
| traefik.port: 9000 | |
| traefik.frontend.rule: Host:portainer.${DOMAINNAME} | |
| # traefik.frontend.rule: Host${DOMAINNAME}; PathPrefixStrip: /portainer | |
| traefik.frontend.headers.SSLHost: portainer.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| # Organizer - Unified HTPC/Home Server Web Interface | |
| organizr: | |
| image: linuxserver/organizr | |
| container_name: organizr | |
| hostname: organizr | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:80" | |
| volumes: | |
| - ${USERDIR}/docker/organizr:/config | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| HOME: /config | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: organizr | |
| traefik.protocol: http | |
| traefik.port: 80 | |
| traefik.frontend.rule: Host:${DOMAINNAME},www.${DOMAINNAME} | |
| traefik.frontend.headers.SSLHost: ${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| traefik.frontend.auth.basic.users: '${HTTP_USERNAME}:${HTTP_PASSWORD}' | |
| # phpMyAdmin - WebUI for MariaDB | |
| phpmyadmin: | |
| image: phpmyadmin/phpmyadmin | |
| container_name: phpmyadmin | |
| hostname: phpmyadmin | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| - default | |
| # ports: | |
| # - "XXXX:80" | |
| environment: | |
| PMA_HOST: ${DB_HOST} | |
| PMA_PORT: ${DB_PORT} | |
| MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: phpmyadmin | |
| traefik.protocol: http | |
| traefik.port: 80 | |
| traefik.frontend.rule: Host:pma.${DOMAINNAME} | |
| traefik.frontend.headers.SSLHost: pma.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| traefik.frontend.auth.basic.users: '${HTTP_USERNAME}:${HTTP_PASSWORD}' | |
| ######### DOCKER RELATED ########## | |
| # Watchtower - Automatic Update of Containers/Apps | |
| watchtower: | |
| image: v2tec/watchtower | |
| container_name: watchtower | |
| hostname: watchtower | |
| restart: unless-stopped | |
| command: --schedule "0 0 23 * * SUN" --cleanup | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| ######### SMART HOME APPS ########## | |
| # Home Assistant - Smart Home Hub | |
| homeassistant: | |
| image: homeassistant/home-assistant | |
| container_name: homeassistant | |
| hostname: homeassistant | |
| restart: always | |
| devices: | |
| - /dev/ttyUSB0:/dev/ttyUSB0 | |
| - /dev/ttyUSB1:/dev/ttyUSB1 | |
| - /dev/ttyACM0:/dev/ttyACM0 | |
| networks: | |
| - traefik_proxy | |
| - default | |
| # ports: | |
| # - "XXXX:8123" | |
| privileged: true | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| volumes: | |
| - ${USERDIR}/docker/homeassistant:/config | |
| - /etc/localtime:/etc/localtime:ro | |
| - ${USERDIR}/docker/shared:/shared | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: homeassistant | |
| traefik.protocol: http | |
| traefik.port: 8123 | |
| traefik.frontend.rule: Host:hass.${DOMAINNAME} | |
| traefik.frontend.headers.SSLHost: hass.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| ######### DOWNLOADERS ########## | |
| # Transmission with VPN – Bittorrent Downloader | |
| transmission-vpn: | |
| image: haugene/transmission-openvpn | |
| container_name: transmission-vpn | |
| hostname: transmission | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:9091" | |
| cap_add: | |
| - NET_ADMIN | |
| devices: | |
| - /dev/net/tun | |
| dns: | |
| - 1.1.1.1 | |
| - 1.0.0.1 | |
| volumes: | |
| - /etc/localtime:/etc/localtime:ro | |
| - ${USERDIR}/docker/transmission-vpn/data:/data | |
| - ${USERDIR}/docker/transmission-vpn/config:/config | |
| - ${USERDIR}/docker/shared:/shared | |
| - ${USERDIR}/Downloads:/downloads | |
| environment: | |
| OPENVPN_PROVIDER: IPVANISH | |
| OPENVPN_USERNAME: ${OPENVPN_USERNAME} | |
| OPENVPN_PASSWORD: ${OPENVPN_PASSWORD} | |
| # OPENVPN_CONFIG: "ipvanish-CA-Montreal-yul-c04" | |
| OPENVPN_OPTS: --inactive 3600 --ping 10 --ping-exit 60 | |
| LOCAL_NETWORK: "192.168.1.0/24" | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| TRANSMISSION_RPC_AUTHENTICATION_REQUIRED: "true" | |
| TRANSMISSION_RPC_HOST_WHITELIST: "127.0.0.1,192.168.*.*" | |
| TRANSMISSION_RPC_PASSWORD: ${TRANSMISSION_RPC_PASSWORD} | |
| TRANSMISSION_RPC_USERNAME: ${TRANSMISSION_RPC_USERNAME} | |
| TRANSMISSION_UMASK: 002 | |
| TRANSMISSION_RATIO_LIMIT: 0.01 | |
| TRANSMISSION_RATIO_LIMIT_ENABLED: "true" | |
| TRANSMISSION_ALT_SPEED_DOWN: 2000 | |
| TRANSMISSION_ALT_SPEED_ENABLED: "true" | |
| TRANSMISSION_ALT_SPEED_UP: 15 | |
| TRANSMISSION_SPEED_LIMIT_DOWN: 6000 | |
| TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED: "true" | |
| TRANSMISSION_SPEED_LIMIT_UP: 30 | |
| TRANSMISSION_SPEED_LIMIT_UP_ENABLED: "true" | |
| TRANSMISSION_INCOMPLETE_DIR: /downloads/incomplete | |
| TRANSMISSION_INCOMPLETE_DIR_ENABLED: "true" | |
| TRANSMISSION_WATCH_DIR: /downloads | |
| TRANSMISSION_WATCH_DIR_ENABLED: "true" | |
| TRANSMISSION_DOWNLOAD_DIR: /downloads/completed | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: transmission-vpn | |
| traefik.protocol: http | |
| traefik.port: 9091 | |
| traefik.frontend.rule: Host:trans.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /transmission | |
| traefik.frontend.headers.SSLHost: trans.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| # qBittorrent without VPN – Bittorrent Downloader (Alternative) | |
| qbittorrent: | |
| image: linuxserver/qbittorrent | |
| container_name: qbittorrent | |
| hostname: qbittorrent | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| ports: | |
| - "XXXX:8080" | |
| - "6881:6881" | |
| - "6881:6881/udp" | |
| volumes: | |
| - ${USERDIR}/docker/qbittorrent:/config | |
| - ${USERDIR}/Downloads:/downloads | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| UMASK_SET: 002 | |
| WEBUI_PORT: 8168 | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: qbittorrent | |
| traefik.protocol: http | |
| traefik.port: 8168 | |
| traefik.frontend.rule: Host:qbit.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /qbittorrent | |
| traefik.frontend.headers.SSLHost: qbit.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| # SABnzbd – Usenet (NZB) Downloader | |
| sabnzbd: | |
| image: linuxserver/sabnzbd | |
| container_name: sabnzbd | |
| hostname: sabnzbd | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:8080" | |
| volumes: | |
| - ${USERDIR}/docker/sabnzbd:/config | |
| - ${USERDIR}/Downloads:/downloads | |
| - ${USERDIR}/Downloads/incomplete:/incomplete-downloads | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: sabnzbd | |
| traefik.protocol: http | |
| traefik.port: 8080 | |
| traefik.frontend.rule: Host:sabnzbd.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /sabnzbd | |
| traefik.frontend.headers.SSLHost: sabnzbd.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| ######### PERSONAL VIDEO RECORDERS ########## | |
| # Radarr – Movie Download and Management | |
| radarr: | |
| image: linuxserver/radarr | |
| container_name: radarr | |
| hostname: radarr | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:7878" | |
| volumes: | |
| - ${USERDIR}/docker/radarr:/config | |
| - ${USERDIR}/Downloads:/downloads | |
| - /media/media/movies:/movies | |
| - "/etc/localtime:/etc/localtime:ro" | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: radarr | |
| traefik.protocol: http | |
| traefik.port: 7878 | |
| traefik.frontend.rule: Host:radarr.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /radarr | |
| traefik.frontend.headers.SSLHost: radarr.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| # Sonarr – TV Show Download and Management | |
| sonarr: | |
| image: linuxserver/sonarr | |
| container_name: sonarr | |
| hostname: sonarr | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:8989" | |
| volumes: | |
| - ${USERDIR}/docker/sonarr:/config | |
| - ${USERDIR}/Downloads:/downloads | |
| - /media/media/tvshows:/tv | |
| - "/etc/localtime:/etc/localtime:ro" | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: sonarr | |
| traefik.protocol: http | |
| traefik.port: 8989 | |
| traefik.frontend.rule: Host:sonarr.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /sonarr | |
| traefik.frontend.headers.SSLHost: sonarr.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| #LIDARR - Music Download and Management | |
| lidarr: | |
| image: linuxserver/lidarr | |
| container_name: lidarr | |
| hostname: lidarr | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:8686" | |
| volumes: | |
| - ${USERDIR}/docker/lidarr:/config | |
| - ${USERDIR}/Downloads:/downloads | |
| - /media/ds918/media/music:/music | |
| - "/etc/localtime:/etc/localtime:ro" | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: lidarr | |
| traefik.protocol: http | |
| traefik.port: 8686 | |
| traefik.frontend.rule: Host:lidarr.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /lidarr | |
| traefik.frontend.headers.SSLHost: lidarr.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| ######### MEDIA SERVER APPS ########## | |
| # Plex Media Server | |
| plexms: | |
| image: plexinc/pms-docker | |
| container_name: plexms | |
| hostname: plexms | |
| restart: always | |
| networks: | |
| - traefik_proxy | |
| ports: | |
| - "32400:32400/tcp" | |
| - "3005:3005/tcp" | |
| - "8324:8324/tcp" | |
| - "32469:32469/tcp" | |
| - "1900:1900/udp" | |
| - "32410:32410/udp" | |
| - "32412:32412/udp" | |
| - "32413:32413/udp" | |
| - "32414:32414/udp" | |
| environment: | |
| TZ=${TZ} | |
| HOSTNAME: "Docker Plex" | |
| PLEX_CLAIM: "claim-YYYYYYYYY" | |
| PLEX_UID: ${PUID} | |
| PLEX_GID: ${PGID} | |
| ADVERTISE_IP: "http://SERVER-IP:32400/" | |
| volumes: | |
| - ${USERDIR}/docker/plexms:/config | |
| - ${USERDIR}/Downloads/plex_tmp:/transcode | |
| - /media/media:/media | |
| - ${USERDIR}/docker/shared:/shared | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: plexms | |
| traefik.protocol: http | |
| traefik.port: 32400 | |
| traefik.frontend.rule: Host:plex.${DOMAINNAME} | |
| traefik.frontend.headers.SSLHost: plex.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| # Tautulli (aka PlexPy) – Monitoring Plex Usage | |
| tautulli: | |
| image: linuxserver/tautulli | |
| container_name: tautulli | |
| hostname: tautulli | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:8181" | |
| volumes: | |
| - ${USERDIR}/docker/tautulli/config:/config | |
| - ${USERDIR}/docker/tautulli/logs:/logs:ro | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: tautulli | |
| traefik.protocol: http | |
| traefik.port: 8181 | |
| traefik.frontend.rule: Host:tautulli.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /tautulli | |
| traefik.frontend.headers.SSLHost: tautulli.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| # Ombi – Accept Requests for your Media Server | |
| ombi: | |
| image: linuxserver/ombi | |
| container_name: ombi | |
| hostname: ombi | |
| restart: always | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:3579" | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| volumes: | |
| - ${USERDIR}/docker/ombi:/config | |
| - ${USERDIR}/docker/shared:/shared | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: ombi | |
| traefik.protocol: http | |
| traefik.port: 3579 | |
| traefik.frontend.rule: Host:ombi.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /ombi | |
| traefik.frontend.headers.SSLHost: ombi.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| ######### SEARCHERS ########## | |
| # NZBHydra – NZB Meta Search | |
| hydra2: | |
| image: linuxserver/hydra2 | |
| container_name: hydra2 | |
| hostname: hydra2 | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:5076" | |
| volumes: | |
| - ${USERDIR}/docker/hydra2:/config | |
| - ${USERDIR}/Downloads:/downloads | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: hydra2 | |
| traefik.protocol: http | |
| traefik.port: 5076 | |
| traefik.frontend.rule: Host:hydra2.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /hydra2 | |
| traefik.frontend.headers.SSLHost: hydra2.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| # Jackett – Torrent Proxy | |
| jackett: | |
| image: linuxserver/jackett | |
| container_name: jackett | |
| hostname: jackett | |
| restart: unless-stopped | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:9117" | |
| volumes: | |
| - ${USERDIR}/docker/jackett:/config | |
| - ${USERDIR}/Downloads:/downloads | |
| - "/etc/localtime:/etc/localtime:ro" | |
| - ${USERDIR}/docker/shared:/shared | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| TZ: ${TZ} | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: jackett | |
| traefik.protocol: http | |
| traefik.port: 9117 | |
| traefik.frontend.rule: Host:jackett.${DOMAINNAME} | |
| # traefik.frontend.rule: Host:${DOMAINNAME}; PathPrefix: /jackett | |
| traefik.frontend.headers.SSLHost: jackett.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| ######### UTILITIES ########## | |
| # MariaDB – Database Server for your Apps | |
| mariadb: | |
| image: "linuxserver/mariadb" | |
| container_name: "mariadb" | |
| hostname: mariadb | |
| restart: always | |
| ports: | |
| - target: 3306 | |
| published: 3306 | |
| protocol: tcp | |
| mode: host | |
| environment: | |
| - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} | |
| - PUID=${PUID} | |
| - PGID=${PGID} | |
| - TZ=${TZ} | |
| volumes: | |
| - ${USERDIR}/docker/mariadb:/config | |
| # NextCloud – Your Own Cloud Storage | |
| nextcloud: | |
| image: linuxserver/nextcloud | |
| container_name: nextcloud | |
| hostname: nextcloud | |
| restart: always | |
| networks: | |
| - traefik_proxy | |
| # ports: | |
| # - "XXXX:443" | |
| environment: | |
| PUID: ${PUID} | |
| PGID: ${PGID} | |
| volumes: | |
| - ${USERDIR}/docker/nextcloud:/config | |
| - ${USERDIR}/shared_data:/data | |
| - ${USERDIR}/docker/shared:/shared | |
| labels: | |
| traefik.enable: "true" | |
| traefik.backend: nextcloud | |
| traefik.protocol: https | |
| traefik.port: 443 | |
| traefik.frontend.rule: Host:nextcloud.${DOMAINNAME} | |
| traefik.frontend.headers.SSLHost: nextcloud.${DOMAINNAME} | |
| traefik.docker.network: traefik_proxy | |
| traefik.frontend.passHostHeader: "true" | |
| traefik.frontend.headers.SSLForceHost: "true" | |
| traefik.frontend.headers.SSLRedirect: "true" | |
| traefik.frontend.headers.browserXSSFilter: "true" | |
| traefik.frontend.headers.contentTypeNosniff: "true" | |
| traefik.frontend.headers.forceSTSHeader: "true" | |
| traefik.frontend.headers.STSSeconds: 315360000 | |
| traefik.frontend.headers.STSIncludeSubdomains: "true" | |
| traefik.frontend.headers.STSPreload: "true" | |
| traefik.frontend.headers.customResponseHeaders: X-Robots-Tag:noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex | |
| traefik.frontend.headers.frameDeny: "true" | |
| traefik.frontend.headers.customFrameOptionsValue: 'allow-from https:${DOMAINNAME}' | |
| networks: | |
| traefik_proxy: | |
| external: | |
| name: traefik_proxy | |
| default: | |
| driver: bridge |