Permalink
Switch branches/tags
Nothing to show
Find file Copy path
1868fa8 Aug 31, 2018
1 contributor

Users who have contributed to this file

687 lines (656 sloc) 22.9 KB
#Reference: https://www.smarthomebeginner.com/traefik-reverse-proxy-tutorial-for-docker
#Requirement: Set environmental variables: ${$USERDIR}, ${PUID}, ${PGID}, ${TZ}, ${DOMAINNAME}, ${CLOUDFLARE_EMAIL}, ${CLOUDFLARE_API_KEY}, ${HTTP_USERNAME}, ${HTTP_PASSWORD}, etc. as explained in the reference.
version: "3.6"
services:
######### FRONTENDS ##########
# Traefik Reverse Proxy
traefik:
hostname: traefik
image: traefik:latest
container_name: traefik
restart: always
domainname: ${DOMAINNAME}
networks:
- default
- traefik_proxy
ports:
- "80:80"
- "443:443"
# - "XXXX:8080"
environment:
- CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
- CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
labels:
- "traefik.enable=true"
- "traefik.backend=traefik"
- "traefik.frontend.rule=Host:traefik.${DOMAINNAME}"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefixStrip: /traefik"
- "traefik.port=8080"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${USERDIR}/docker/traefik:/etc/traefik
- ${USERDIR}/docker/shared:/shared
#Portainer - WebUI for Containers
portainer:
image: portainer/portainer
container_name: portainer
restart: always
command: -H unix:///var/run/docker.sock
# ports:
# - "XXXX:9000"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${USERDIR}/docker/portainer/data:/data
- ${USERDIR}/docker/shared:/shared
environment:
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=portainer"
- "traefik.frontend.rule=Host:portainer.${DOMAINNAME}"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefixStrip: /portainer"
- "traefik.port=9000"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
# Organizer - Unified HTPC/Home Server Web Interface
organizr:
container_name: organizr
restart: always
image: lsiocommunity/organizr
volumes:
- ${USERDIR}/docker/organizr:/config
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:80"
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=organizr"
- "traefik.frontend.rule=Host:organizr.${DOMAINNAME}"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefixStrip: /organizr"
- "traefik.port=80"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
# phpMyAdmin - WebUI for MariaDB
phpmyadmin:
hostname: phpmyadmin
container_name: phpmyadmin
image: phpmyadmin/phpmyadmin
restart: always
links:
- mariadb:db
# ports:
# - XXXX:80
environment:
- PMA_HOST=mariadb
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
networks:
- traefik_proxy
- default
labels:
- "traefik.enable=true"
- "traefik.backend=pma"
- "traefik.frontend.rule=Host:pma.${DOMAINNAME}"
- "traefik.port=80"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
######### DOCKER RELATED ##########
# Watchtower - Automatic Update of Containers/Apps
watchtower:
container_name: watchtower
hostname: watchtower
restart: always
image: v2tec/watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
command: --schedule "0 0 4 * * *" --cleanup
######### SMART HOME APPS ##########
# Home Assistant - Smart Home Hub
homeassistant:
container_name: homeassistant
restart: always
image: homeassistant/home-assistant
devices:
- /dev/ttyUSB0:/dev/ttyUSB0
- /dev/ttyUSB1:/dev/ttyUSB1
- /dev/ttyACM0:/dev/ttyACM0
volumes:
- ${USERDIR}/docker/homeassistant:/config
- /etc/localtime:/etc/localtime:ro
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:8123"
privileged: true
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
- default
labels:
- "traefik.enable=true"
- "traefik.backend=homeassistant"
- "traefik.frontend.rule=Host:hass.${DOMAINNAME}"
- "traefik.port=8123"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
######### DOWNLOADERS ##########
# Transmission with VPN – Bittorrent Downloader
transmission-vpn:
container_name: transmission-vpn
image: haugene/transmission-openvpn
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
restart: always
# ports:
# - "XXXX:9091"
dns:
- 1.1.1.1
- 1.0.0.1
volumes:
- /etc/localtime:/etc/localtime:ro
- ${USERDIR}/docker/transmission-vpn:/data
- ${USERDIR}/docker/shared:/shared
- ${USERDIR}/Downloads:/data/watch
- ${USERDIR}/Downloads/completed:/data/completed
- ${USERDIR}/Downloads/incomplete:/data/incomplete
environment:
- OPENVPN_PROVIDER=IPVANISH
- OPENVPN_USERNAME=ipvanish_username
- OPENVPN_PASSWORD=ipvanish_password
- OPENVPN_CONFIG="YYYYYYYYYYY"
- OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
- LOCAL_NETWORK=192.168.1.0/24
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=true
- TRANSMISSION_RPC_HOST_WHITELIST="127.0.0.1,192.168.*.*"
- TRANSMISSION_RPC_PASSWORD=webui_password
- TRANSMISSION_RPC_USERNAME=webui_username
- TRANSMISSION_UMASK=002
- TRANSMISSION_RATIO_LIMIT=1.00
- TRANSMISSION_RATIO_LIMIT_ENABLED=true
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=transmission-vpn"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /transmission"
- "traefik.frontend.rule=Host:transmission.${DOMAINNAME}"
- "traefik.port=9091"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
# qBittorrent without VPN – Bittorrent Downloader (Alternative)
qbittorrent:
image: "linuxserver/qbittorrent"
container_name: "qbittorrent"
volumes:
- ${USERDIR}/docker/qbittorrent:/config
- ${USERDIR}/Downloads/completed:/downloads
- ${USERDIR}/docker/shared:/shared
ports:
# - "XXXX:8080"
- "6881:6881"
- "6881:6881/udp"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- UMASK_SET=002
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=qbittorrent"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefixStrip: /qbittorrent"
- "traefik.frontend.rule=Host:qbit.${DOMAINNAME}"
- "traefik.port=XXXX"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
# SABnzbd – Usenet (NZB) Downloader
sabnzbd:
image: "linuxserver/sabnzbd"
container_name: "sabnzbd"
volumes:
- ${USERDIR}/docker/sabnzbd:/config
- ${USERDIR}/Downloads/completed:/downloads
- ${USERDIR}/Downloads/incomplete:/incomplete-downloads
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:8080"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=sabnzbd"
- "traefik.frontend.rule=Host:sabnzbd.${DOMAINNAME}"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /sabnzbd"
- "traefik.port=8080"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
######### PERSONAL VIDEO RECORDERS ##########
# Radarr – Movie Download and Management
radarr:
image: "linuxserver/radarr"
container_name: "radarr"
volumes:
- ${USERDIR}/docker/radarr:/config
- ${USERDIR}/Downloads/completed:/downloads
- ${USERDIR}/media/movies:/movies
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:7878"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=radarr"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /radarr"
- "traefik.frontend.rule=Host:radarr.${DOMAINNAME}"
- "traefik.port=7878"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
# Sonarr – TV Show Download and Management
sonarr:
image: "linuxserver/sonarr"
container_name: "sonarr"
volumes:
- ${USERDIR}/docker/sonarr:/config
- ${USERDIR}/Downloads/completed:/downloads
- ${USERDIR}/media/tvshows:/tv
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:8989"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=sonarr"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /sonarr"
- "traefik.frontend.rule=Host:sonarr.${DOMAINNAME}"
- "traefik.port=8989"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
#LIDARR - Music Download and Management
lidarr:
image: "linuxserver/lidarr"
hostname: lidarr
container_name: "lidarr"
volumes:
- ${USERDIR}/docker/lidarr:/config
- ${USERDIR}/Downloads:/downloads
- ${USERDIR}/media/music:/music
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:8686"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=lidarr"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /lidarr"
- "traefik.frontend.rule=Host:lidarr.${DOMAINNAME}"
- "traefik.port=8686"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
######### MEDIA SERVER APPS ##########
# Plex Media Server
plexms:
container_name: plexms
restart: always
image: plexinc/pms-docker
volumes:
- ${USERDIR}/docker/plexms:/config
- ${USERDIR}/Downloads/plex_tmp:/transcode
- /media/media:/media
- ${USERDIR}/docker/shared:/shared
ports:
- "32400:32400/tcp"
- "3005:3005/tcp"
- "8324:8324/tcp"
- "32469:32469/tcp"
- "1900:1900/udp"
- "32410:32410/udp"
- "32412:32412/udp"
- "32413:32413/udp"
- "32414:32414/udp"
environment:
- TZ=${TZ}
- HOSTNAME="Docker Plex"
- PLEX_CLAIM="claim-YYYYYYYYY"
- PLEX_UID=${PUID}
- PLEX_GID=${PGID}
- ADVERTISE_IP="http://SERVER-IP:32400/"
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=plexms"
- "traefik.frontend.rule=Host:plex.${DOMAINNAME}"
- "traefik.port=32400"
- "traefik.protocol=http"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
# Tautulli (aka PlexPy) – Monitoring Plex Usage
tautulli:
container_name: tautulli
restart: always
image: linuxserver/tautulli
volumes:
- ${USERDIR}/docker/tautulli/config:/config
- ${USERDIR}/docker/tautulli/logs:/logs:ro
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:8181"
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=tautulli"
- "traefik.frontend.rule=Host:tautulli.${DOMAINNAME}"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /tautulli"
- "traefik.port=8181"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
# Ombi – Accept Requests for your Media Server
ombi:
container_name: ombi
restart: always
image: linuxserver/ombi
volumes:
- ${USERDIR}/docker/ombi:/config
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:3579"
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=ombi"
- "traefik.frontend.rule=Host:ombi.${DOMAINNAME}"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /ombi"
- "traefik.port=3579"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
######### SEARCHERS ##########
# NZBHydra – NZB Meta Search
hydra:
image: "linuxserver/hydra"
container_name: "hydra"
volumes:
- ${USERDIR}/docker/hydra:/config
- ${USERDIR}/Downloads:/downloads
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:5075"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=hydra"
- "traefik.frontend.rule=Host:hydra.${DOMAINNAME}"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /hydra"
- "traefik.port=5075"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
# Jackett – Torrent Proxy
jackett:
image: "linuxserver/jackett"
container_name: "jackett"
volumes:
- ${USERDIR}/docker/jackett:/config
- ${USERDIR}/Downloads/completed:/downloads
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:9117"
restart: always
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=jackett"
- "traefik.frontend.rule=Host:jackett.${DOMAINNAME}"
# - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefix: /jackett"
- "traefik.port=9117"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
######### UTILITIES ##########
# MariaDB – Database Server for your Apps
mariadb:
image: "linuxserver/mariadb"
container_name: "mariadb"
hostname: mariadb
volumes:
- ${USERDIR}/docker/mariadb:/config
ports:
- target: 3306
published: 3306
protocol: tcp
mode: host
restart: always
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
# NextCloud – Your Own Cloud Storage
nextcloud:
container_name: nextcloud
restart: always
image: linuxserver/nextcloud
volumes:
- ${USERDIR}/docker/nextcloud:/config
- ${USERDIR}/shared_data:/data
- ${USERDIR}/docker/shared:/shared
# ports:
# - "XXXX:443"
environment:
- PUID=${PUID}
- PGID=${PGID}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=nextcloud"
- "traefik.frontend.rule=Host:nextcloud.${DOMAINNAME}"
- "traefik.port=443"
- "traefik.protocol=https"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=example.com"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
networks:
traefik_proxy:
external:
name: traefik_proxy
default:
driver: bridge