├── .env.example ├── BASH-ALIASES.md ├── CHANGELOG.md ├── README.md ├── assets ├── adguard-home.png ├── adguardhomesync.png ├── airsonic.png ├── authelia.png ├── bazarr-light.png ├── bazarr.png ├── cloudfare-bouncer.png ├── crowdsec.png ├── ddns-updater.png ├── docker-gc.png ├── docker-moby.png ├── docker.png ├── dockge-light.png ├── dockge.png ├── dozzle.png ├── firefly.png ├── firefox.png ├── gitea.png ├── glances.png ├── gluetun.png ├── grafana.png ├── guacamole-light.png ├── guacamole.png ├── homepage.png ├── influxdb.png ├── it-tools-light.png ├── it-tools.png ├── jackett-light.png ├── jackett.png ├── jdownloader.png ├── jdownloader2.png ├── jellyfin.png ├── kaizoku.png ├── kapowarr.png ├── kasm-workspaces.png ├── kasm.png ├── kavita.png ├── komga.png ├── lazylibrarian.png ├── lidarr.png ├── loki.png ├── makemkv.png ├── mango.png ├── mariadb.png ├── medusa.png ├── minio-light.png ├── minio.png ├── mkvtoolnix.png ├── mylar.png ├── netdata.png ├── nextcloud-blue.png ├── nextcloud.png ├── nginx.png ├── notifiarr.png ├── nzbget.png ├── ombi.png ├── organizr.png ├── overseerr.png ├── phpmyadmin.png ├── pi-hole.png ├── picard.svg ├── plex-alt-light.png ├── plex-alt.png ├── plex.png ├── portainer-alt.png ├── portainer.png ├── prometheus.png ├── prowlarr.png ├── proxmox-light.png ├── proxmox.png ├── qbittorrent.png ├── qdirstat.png ├── radarr-light.png ├── radarr.png ├── rclone.png ├── readarr.png ├── redis.png ├── requestrr.png ├── sabnzbd-alt.png ├── sabnzbd.png ├── scrutiny-light.png ├── scrutiny.png ├── selfhosted-light.png ├── selfhosted.png ├── sonarr.png ├── statping-ng.png ├── statping.png ├── syncthing.png ├── tachidesk.png ├── tautulli.png ├── tdarr.png ├── telegraf.png ├── thelounge.png ├── traefik.png ├── transmission.png ├── trash-guides.png ├── tube-archivist-light.png ├── tube-archivist.png ├── ubooquity.png ├── unbound.png ├── uptime-kuma.png ├── vaultwarden-light.png ├── vaultwarden.png ├── vscode.png ├── watchtower.png ├── webtop.png ├── wireguard.png ├── xteve.png ├── yacht-light.png ├── yacht.png ├── zabbix.png ├── zerotier.png └── zigbee2mqtt.png ├── compose ├── README.md ├── adguardhome-sync.yml ├── adguardhome.yml ├── airsonic-advanced.yml ├── authelia.yml ├── autoindex.yml ├── bazarr.yml ├── certdumper.yml ├── cloudflare-bouncer.yml ├── crowdsec.yml ├── ddns-updater.yml ├── deunhealth.yml ├── docker-gc.yml ├── dockge.yml ├── dozzle.yml ├── firefly.yml ├── firefox.yml ├── glances.yml ├── gluetun.yml ├── grafana.yml ├── guacamole.yml ├── homepage.yml ├── influxdb.yml ├── it-tools.yml ├── jdownloader.yml ├── jellyfin.yml ├── kaizoku.yml ├── kasm.yml ├── kavita.yml ├── komga.yml ├── lidarr-exporter.yml ├── lidarr.yml ├── makemkv.yml ├── mango.yml ├── mariadb.yml ├── mergerfs.yml ├── mkvtoolnix.yml ├── nginx.yml ├── node-exporter.yml ├── notifiarr.yml ├── oauth.yml ├── php7.yml ├── phpmyadmin.yml ├── picard.yml ├── plex-image-cleanup.yml ├── plex-meta-manager.yml ├── plex-sync.yml ├── plex.yml ├── portainer.yml ├── prometheus.yml ├── prowlarr-exporter.yml ├── prowlarr.yml ├── qbittorrent.yml ├── qdirstat.yml ├── radarr-exporter.yml ├── radarr.yml ├── rclone-gcrypt.yml ├── rclone-gdrive.yml ├── redis.yml ├── sabnzbd-exporter.yml ├── sabnzbd.yml ├── scrutiny.yml ├── sitespeed.yml ├── socket-proxy.yml ├── sonarr-exporter.yml ├── sonarr.yml ├── syncthing.yml ├── tachidesk.yml ├── tautulli.yml ├── tdarr.yml ├── traefik-bouncer.yml ├── traefik.yml ├── unbound.yml ├── uptime-kuma.yml ├── vscode.yml ├── wg-easy.yml ├── whoami.yml └── zerotier.yml ├── configs ├── docker-gc │ └── docker-gc-exclude ├── homepage │ ├── docker-configs │ │ ├── bookmarks.yaml │ │ ├── services.yaml │ │ ├── settings.yaml │ │ └── widgets.yaml │ └── kubernetes-configs │ │ ├── config.yaml │ │ ├── deployment.yaml │ │ └── secret.yaml └── qbittorrent │ └── qbittorrent.conf ├── master-compose.yml └── scripts ├── bash_aliases ├── bash_aliases.env.example ├── config.env ├── functions.sh ├── os-prep.sh └── udms.sh /.env.example: -------------------------------------------------------------------------------- 1 | #### Comment out or delete any unused entries 2 | 3 | #### EXAMPLE 4 | # DO NOT USE QUOTES TO ENCLOSE THE VALUES 5 | # EXAMPLE_VARIABLE=true 6 | # EXAMPLE_PORT=1234 7 | # EXAMPLE_PASSWORD=kdos9lsk@1l1! 8 | # EXAMPLE_EMAIL=myemail@domain.com 9 | # EXAMPLE_IP=123.123.123.123 10 | 11 | #### BELOW ARE SOME OF THE VARIABLES USED IN docker-compose.yml 12 | 13 | ##### SYSTEM 14 | 15 | # PUID= 16 | # PGID= 17 | # TZ= 18 | # USERDIR=/home/username 19 | # DOCKERDIR=/home/username/docker 20 | # SECRETSDIR=/home/username/docker/secrets 21 | # SERVER_IP= 22 | # PIHOLE_IP= 23 | # LOCAL_NETWORK= 24 | LOCAL_IPS=127.0.0.1/32,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 25 | 26 | ##### PLEX 27 | 28 | # PLEX_CLAIM= 29 | # SYN_PLEX=ACCESS-TOKEN@PLEX_SERVER_IP 30 | # NUC_PLEX=ACCESS-TOKEN@PLEX_SERVER_IP 31 | # Plex libraries section id. Remember to change the numbers below to reflect your library. Add more as needed. 32 | # ALWAYS DO A DRY RUN TO VERIFY BEFORE SYNCING 33 | # SYN_PLEX_HOLLYWOOD=1 34 | # NUC_PLEX_HOLLYWOOD=2 35 | # SYN_PLEX_TVSHOWS=2 36 | # NUC_PLEX_TVSHOWS=16 37 | 38 | ##### PORTS 39 | 40 | # APCUPSD_PORT= 41 | # BAZARR_PORT= 42 | # EMBY_PORT= 43 | # GUACAMOLE_PORT= 44 | # HA_DOCKERMON_PORT= 45 | # HEIMDALL_PORT= 46 | # INFLUXDB_PORT= 47 | # IPVANISH_PROXY_PORT= 48 | # IPVANISH_REMOTE_SERVER= 49 | # JACKETT_PORT= 50 | # JDOWNLOADER_PORT= 51 | # LIDARR_PORT= 52 | # MOSQUITTO_HTTP_PORT= 53 | # MOSQUITTO_HTTPS_PORT= 54 | # NZBHYDRA_PORT= 55 | # ORGANIZER_PORT= 56 | # PHPMYADMIN_PORT= 57 | # PLEX_PORT= 58 | # PLEX_WEB_TOOLS_PORT= 59 | # QBITTORRENT_PORT= 60 | # RADARR_PORT= #If you change radarr port then update plex meta agent 61 | # SABNZBD_PORT= 62 | # SONARR_PORT= #If you change sonarr port then update plex meta agent 63 | # TAUTULLI_PORT= 64 | # TRANSMISSION_PORT= 65 | # ZONEMINDER_HTTP_PORT= 66 | # ZONEMINDER_HTTPS_PORT= 67 | 68 | 69 | 70 | ##### DOMAIN 71 | 72 | # DOMAINNAME= 73 | # CLOUDFLARE_EMAIL= 74 | # CLOUDFLARE_API_KEY= 75 | # CLOUDFLARE_API_TOKEN= 76 | # CLOUDFLARE_ZONEID= 77 | # DUCKDNS_TOKEN= 78 | # CLOUDFLARE_IPS=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/13,104.24.0.0/14,172.64.0.0/13,131.0.72.0/22 79 | 80 | ##### DATABASE 81 | 82 | # DB_HOST= 83 | # DB_PORT= 84 | # MYSQL_ROOT_PASSWORD= 85 | 86 | ##### SECURITY AND PRIVACY 87 | 88 | # IPVANISH_USERNAME= 89 | # IPVANISH_PASSWORD= 90 | # HTTP_USERNAME= 91 | # HTTP_PASSWORD= 92 | # GOOGLE_CLIENT_ID= 93 | # GOOGLE_CLIENT_SECRET= 94 | # OAUTH_SECRET= 95 | # LIDARR_API_KEY= 96 | # RADARR_API_KEY= 97 | # SONARR_API_KEY= 98 | # SABNZBD_API_KEY= 99 | 100 | ##### NOTIFICATIONS 101 | 102 | # TGRAM_BOT_TOKEN= 103 | # TGRAM_CHAT_ID= 104 | # MY_EMAIL= 105 | 106 | ##### APPS 107 | 108 | # JDOWN_VNC_PASSWD= 109 | # HANDBRAKE_VNC_PASSWD= 110 | # FIREFOX_VNC_PASSWD= 111 | # FILEBOT_VNC_PASSWD= 112 | # QDIRSTAT_VNC_PASSWD= 113 | # MKVTOOLNIX_VNC_PASSWD= 114 | # MAKEMKV_VNC_PASSWD= 115 | # GUAC_MYSQL_USER= 116 | # GUAC_MYSQL_PASSWORD= 117 | # TRANSMISSION_RPC_PASSWORD= 118 | # TRANSMISSION_RPC_USERNAME= 119 | # PIHOLE_WEBPASSWORD= 120 | 121 | # HOME PAGE 122 | # HOMEPAGE_VAR_PIHOLE_API_KEY_1= 123 | # HOMEPAGE_VAR_PIHOLE_API_KEY_2= 124 | # HOMEPAGE_VAR_PIHOLE_API_KEY_3= 125 | 126 | # HOMEPAGE_VAR_PIHOLE_URL_1= 127 | # HOMEPAGE_VAR_PIHOLE_URL_2= 128 | # HOMEPAGE_VAR_PIHOLE_URL_3= 129 | 130 | # HOMEPAGE_VAR_PLEX_URL= 131 | # HOMEPAGE_VAR_PLEX_API_TOKEN= 132 | 133 | # HOMEPAGE_VAR_TAUTULLI_URL= 134 | # HOMEPAGE_VAR_TAUTULLI_API_KEY= 135 | 136 | # HOMEPAGE_VAR_HDHOMERUN_URL= 137 | 138 | # HOMEPAGE_VAR_HOME_ASSISTANT_URL= 139 | # HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY= 140 | 141 | # HOMEPAGE_VAR_TRUENAS_URL= 142 | # HOMEPAGE_VAR_TRUENAS_API_KEY= 143 | 144 | # HOMEPAGE_VAR_UNIFI_NETWORK_URL= 145 | # HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME= 146 | # HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD= 147 | 148 | # HOMEPAGE_VAR_UNIFI_PROTECT_URL= 149 | 150 | # HOMEPAGE_VAR_UPTIME_KUMA_URL= 151 | 152 | # HOMEPAGE_VAR_MINIO_URL= 153 | 154 | # HOMEPAGE_VAR_RACNHER_URL= 155 | 156 | # HOMEPAGE_VAR_LONGHORN_URL= 157 | 158 | # HOMEPAGE_VAR_PORTAINER_URL= 159 | # HOMEPAGE_VAR_PORTAINER_API_KEY= 160 | 161 | # HOMEPAGE_VAR_PROXMOX_URL= 162 | # HOMEPAGE_VAR_PROXMOX_USER= 163 | # HOMEPAGE_VAR_PROXMOX_API_KEY= 164 | 165 | # HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY= 166 | 167 | # HOMEPAGE_VAR_SCRYPTED_URL= 168 | 169 | # HOMEPAGE_VAR_PIKVM_URL= 170 | 171 | # HOMEPAGE_VAR_NETBOOT_URL= 172 | 173 | # HOMEPAGE_VAR_BROADLINK_CONTROL_URL= 174 | 175 | # HOMEPAGE_VAR_IPMI_1_URL= 176 | # HOMEPAGE_VAR_IPMI_2_URL= 177 | 178 | # HOMEPAGE_VAR_UPS_1_URL= 179 | # HOMEPAGE_VAR_UPS_2_URL= 180 | 181 | # HOMEPAGE_VAR_SHLINK_URL= 182 | -------------------------------------------------------------------------------- /BASH-ALIASES.md: -------------------------------------------------------------------------------- 1 | # Bash Aliases & Shortcuts 2 | 3 | ## **Table of Contents** 4 | 5 | 1. [Docker Aliases](#docker-aliases) 6 | 2. [Docker Compose Aliases](#docker-compose-aliases) 7 | 3. [Docker Compose Profile Aliases](#docker-compose-profile-aliases) 8 | 4. [CrowdSec Aliases](#crowdsec-aliases) 9 | 5. [Web Stack Aliases](#web-stack-aliases) 10 | 6. [Docker Traefik 1 Swarm Aliases](#docker-traefik-1-swarm-aliases) 11 | 7. [File Compression Aliases](#file-compression-aliases) 12 | 8. [File Navigation Aliases](#file-navigation-aliases) 13 | 9. [Sync and Copy Aliases](#sync-and-copy-aliases) 14 | 10. [Search and Find Aliases](#search-and-find-aliases) 15 | 11. [Trash Aliases](#trash-aliases) 16 | 12. [File Size and Storage Aliases](#file-size-and-storage-aliases) 17 | 13. [Bash Aliases](#bash-aliases) 18 | 14. [Git and Site Management Aliases](#git-and-site-management-aliases) 19 | 15. [Mail Server Testing Aliases](#mail-server-testing-aliases) 20 | 16. [UFW Firewall Aliases](#ufw-firewall-aliases) 21 | 17. [Systemd Start, Stop, and Restart Aliases](#systemd-start-stop-and-restart-aliases) 22 | 18. [Installation and Upgrade Aliases](#installation-and-upgrade-aliases) 23 | 19. [Cleaning Aliases](#cleaning-aliases) 24 | 20. [Shutdown and Restart Aliases](#shutdown-and-restart-aliases) 25 | 21. [Networking Aliases](#networking-aliases) 26 | 22. [Synology DSM Commands](#synology-dsm-commands) 27 | 23. [Miscellaneous Aliases](#miscellaneous-aliases) 28 | 24. [System Monitoring Aliases](#system-monitoring-aliases) 29 | 25. [Rclone Aliases](#rclone-aliases) 30 | 26. [YouTube-DLP Aliases](#youtube-dlp-aliases) 31 | 27. [Auto-Traefik Aliases](#auto-traefik-aliases) 32 | 28. [Pi-Hole Aliases](#pi-hole-aliases) 33 | 29. [VNC Aliases](#vnc-aliases) 34 | 35 | --- 36 | 37 | ## Setup 38 | 39 | **Fill in the environment variables in the bash aliases file**: 40 | 41 | The script already copies the `bash_aliases.env.example` file to `$SHARED/config/bash_aliases.env`. You just need to fill in the environment variables in `$SHARED/config/bash_aliases.env`. 42 | 43 | ```bash 44 | nano $SHARED/config/bash_aliases.env 45 | ``` 46 | 47 | --- 48 | 49 | ## Docker Aliases 50 | 51 | - `dstop`: Stops a running Docker container. 52 | 53 | - **Usage**: 54 | 55 | ```bash 56 | dstop my_container 57 | ``` 58 | 59 | - `dstopall`: Stops all running Docker containers. 60 | 61 | - `drm`: Removes a stopped Docker container. 62 | 63 | - **Usage**: 64 | 65 | ```bash 66 | drm container_name 67 | ``` 68 | 69 | - `dprunevol`: Removes unused Docker volumes. 70 | 71 | - `dprunesys`: Removes all unused Docker data (volumes, networks, images). 72 | 73 | - `ddelimages`: Deletes all unused Docker images. 74 | 75 | - `derase`: Stops, removes containers, and prunes the system (Deletes everything!). 76 | 77 | - `dprune`: Safely cleans up Docker (unused images, volumes, and system). 78 | 79 | - `dexec`: Executes a command inside a running container (interactive mode). 80 | 81 | - **Example**: 82 | 83 | ```bash 84 | dexec my_container /bin/bash 85 | ``` 86 | 87 | - `dps`: Shows all Docker processes. 88 | 89 | - `dpss`: Shows Docker processes in a formatted table. 90 | 91 | - `ddf`: Shows Docker data usage. 92 | 93 | - `dlogs`: Shows the latest 50 logs of a container. 94 | 95 | - **Usage**: 96 | 97 | ```bash 98 | dlogs container_name 99 | ``` 100 | 101 | - `dlogsize`: Displays the size of Docker container logs. 102 | 103 | - `dips`: Shows IP addresses of Docker containers. 104 | 105 | - `dp600`: Locks down the permissions for `$SECRETS` and `$ENV_FILE`. 106 | 107 | - `dp777`: Opens permissions for `$SECRETS` and `$ENV_FILE` for editing. 108 | 109 | --- 110 | 111 | ### **Docker Compose Aliases** 112 | 113 | - `dcrun`: Runs Docker Compose with the appropriate file. 114 | 115 | - `dclogs`: Displays the logs for Docker Compose containers. 116 | 117 | - `dcup`: Starts Docker Compose services and builds missing images. 118 | 119 | - `dcdown`: Stops and removes Docker Compose services. 120 | 121 | - `dcrec`: Recreates Docker Compose containers. 122 | 123 | - **Usage**: 124 | 125 | ```bash 126 | dcrec container_name 127 | ``` 128 | 129 | - `dcstop`: Stops Docker Compose services. 130 | 131 | - `dcrestart`: Restarts Docker Compose services. 132 | 133 | - `dcstart`: Starts stopped Docker Compose services. 134 | 135 | - `dcpull`: Pulls the latest images for services defined in Docker Compose. 136 | 137 | --- 138 | 139 | ### **Docker Compose Profile Aliases** 140 | 141 | #### **Manage "core" services** as defined by profiles in Docker Compose: 142 | 143 | - `startcore`: Starts the "core" services. 144 | 145 | - `createcore`: Builds and starts "core" services (removing orphaned containers). 146 | 147 | - `stopcore`: Stops the "core" services. 148 | 149 | #### **Manage "media" services** as defined by profiles in Docker Compose: 150 | 151 | - `stopmedia`: Stops the "media" services. 152 | 153 | - `createmedia`: Builds and starts "media" services (removing orphaned containers). 154 | 155 | - `startmedia`: Starts the "media" services. 156 | 157 | #### **Manage "downloads" services** as defined by profiles in Docker Compose: 158 | 159 | - `stopdownloads`: Stops the "downloads" services. 160 | 161 | - `createdownloads`: Builds and starts "downloads" services (removing orphaned containers). 162 | 163 | - `startdownloads`: Starts the "downloads" services. 164 | 165 | #### **Manage Starr apps** as defined by profiles in Docker Compose: 166 | 167 | - `stoparrs`: Stops the Starr apps services. 168 | 169 | - `createarrs`: Builds and starts the Starr apps services (removing orphaned containers). 170 | 171 | - `startarrs`: Starts the Starr apps services. 172 | 173 | #### **Manage "dbs" (database) services** as defined by profiles in Docker Compose: 174 | 175 | - `stopdbs`: Stops the database services. 176 | 177 | - `createdbs`: Builds and starts the database services (removing orphaned containers). 178 | 179 | - `startdbs`: Starts the database services. 180 | 181 | --- 182 | 183 | ### **CrowdSec Aliases** 184 | 185 | - `cscli`: Executes CrowdSec CLI commands. 186 | 187 | - `csdecisions`: Lists current CrowdSec decisions. 188 | 189 | - `csalerts`: Displays CrowdSec alerts. 190 | 191 | - `csinspect`: Inspect CrowdSec alerts in detail. 192 | 193 | - `cshubs`: Lists available CrowdSec hub resources. 194 | 195 | - `csparsers`: Lists available CrowdSec parsers. 196 | 197 | - `cscollections`: Lists CrowdSec collections. 198 | 199 | - `cshubupdate`: Updates CrowdSec hub resources. 200 | 201 | - `cshubupgrade`: Upgrades CrowdSec hub resources. 202 | 203 | - `csmetrics`: Displays CrowdSec metrics. 204 | 205 | - `csmachines`: Lists CrowdSec registered machines. 206 | 207 | - `csbouncers`: Lists CrowdSec registered bouncers. 208 | 209 | - `csfbstatus`: Shows the status of the CrowdSec firewall bouncer service. 210 | 211 | - `csfbstart`: Starts the CrowdSec firewall bouncer service. 212 | 213 | - `csfbstop`: Stops the CrowdSec firewall bouncer service. 214 | 215 | - `csfbrestart`: Restarts the CrowdSec firewall bouncer service. 216 | 217 | - `tailkern`: Tails the kernel log file. 218 | 219 | - `tailauth`: Tails the authentication log file. 220 | 221 | - `tailcsfb`: Tails the CrowdSec firewall bouncer log file. 222 | 223 | - `csbrestart`: Restarts both Traefik bouncer and CrowdSec firewall bouncer. 224 | 225 | --- 226 | 227 | ### **Web Stack Aliases** 228 | 229 | - `webrs`: Recreates the web stack services (PHP 7, Redis, Nginx). 230 | 231 | --- 232 | 233 | ### **Docker Traefik 1 Swarm Aliases** 234 | 235 | - `dslogs`: Shows the logs of the Docker service in real-time, tailing the last 50 entries. 236 | 237 | - `dsps`: Displays the processes running in the `zstack` Docker Swarm stack. 238 | 239 | - `dsse`: Lists the services in the `zstack` Docker Swarm stack. 240 | 241 | - `dsls`: Lists all Docker Swarm stacks. 242 | 243 | - `dsrm`: Removes a Docker Swarm stack. 244 | 245 | - **Usage**: 246 | 247 | ```bash 248 | dsrm stack_name 249 | ``` 250 | 251 | - `dsup`: Deploys the `zstack` Docker Swarm stack using the specified Compose file. 252 | 253 | - `dshelp`: Displays a quick list of all Docker Swarm-related commands. 254 | 255 | --- 256 | 257 | ### **File Compression Aliases** 258 | 259 | - `untargz`: Extracts a `.tar.gz` file. 260 | 261 | - **Usage**: 262 | 263 | ```bash 264 | untargz archive.tar.gz 265 | ``` 266 | 267 | - `untarbz`: Extracts a `.tar.bz` file. 268 | 269 | - **Usage**: 270 | 271 | ```bash 272 | untarbz archive.tar.bz 273 | ``` 274 | 275 | - `lstargz`: Lists contents of a `.tar.gz` archive. 276 | 277 | - **Usage**: 278 | 279 | ```bash 280 | lstargz archive.tar.gz 281 | ``` 282 | 283 | - `lstarbz`: Lists contents of a `.tar.bz` archive. 284 | 285 | - **Usage**: 286 | 287 | ```bash 288 | lstarbz archive.tar.bz 289 | ``` 290 | 291 | - `targz`: Compresses files into a `.tar.gz` archive. 292 | 293 | - **Usage**: 294 | 295 | ```bash 296 | targz archive_name.tar.gz directory_or_file 297 | ``` 298 | 299 | - `tarbz`: Compresses files into a `.tar.bz` archive. 300 | 301 | - **Usage**: 302 | 303 | ```bash 304 | tarbz archive_name.tar.bz directory_or_file 305 | ``` 306 | 307 | --- 308 | 309 | ### **File Navigation Aliases** 310 | 311 | - `cd..`: Moves up one directory. 312 | 313 | - `..`: Moves up one directory (alternative shortcut). 314 | 315 | - `...`: Moves up two directories. 316 | 317 | - `.3`: Moves up three directories. 318 | 319 | - `.4`: Moves up four directories. 320 | 321 | - `.5`: Moves up five directories. 322 | 323 | --- 324 | 325 | ### **Sync and Copy Aliases** 326 | 327 | - `scp`: Copies files and directories recursively using `scp`. 328 | 329 | - **Usage**: 330 | 331 | ```bash 332 | scp source destination 333 | ``` 334 | 335 | - `rsynce`: Executes `rsync` with progress, force, delete, and an exclude list. 336 | 337 | - **Usage**: 338 | 339 | ```bash 340 | rsynce source destination 341 | ``` 342 | 343 | - `rsyncne`: Executes `rsync` with progress, force, and delete. 344 | 345 | - **Usage**: 346 | 347 | ```bash 348 | rsyncne source destination 349 | ``` 350 | 351 | - `cpn`: Native copy with verbose output. 352 | 353 | - **Usage**: 354 | 355 | ```bash 356 | cpn source destination 357 | ``` 358 | 359 | - `cp`: Copies files using `rsync` with progress. 360 | 361 | - **Usage**: 362 | 363 | ```bash 364 | cp source destination 365 | ``` 366 | 367 | - `mv`: Moves files using `rsync` and removes the source files. 368 | 369 | - **Usage**: 370 | 371 | ```bash 372 | mv source destination 373 | ``` 374 | 375 | - `mvn`: Native move with verbose output. 376 | 377 | - **Usage**: 378 | 379 | ```bash 380 | mvn source destination 381 | ``` 382 | 383 | --- 384 | 385 | ### **Search and Find Aliases** 386 | 387 | - `gh`: Searches your Bash history using `grep`. 388 | 389 | - **Usage**: 390 | 391 | ```bash 392 | gh keyword 393 | ``` 394 | 395 | - `findr`: Finds files or directories by name. 396 | 397 | - **Usage**: 398 | 399 | ```bash 400 | findr filename 401 | ``` 402 | 403 | - `grep`, `egrep`, `fgrep`: Grep commands with color-enabled output. 404 | 405 | - **Usage**: 406 | 407 | ```bash 408 | grep pattern file 409 | egrep pattern file 410 | fgrep pattern file 411 | ``` 412 | 413 | --- 414 | 415 | ### **Trash Aliases (Using trash-cli)** 416 | 417 | - `rm`: Moves files to trash instead of permanently deleting. 418 | 419 | - **Usage**: 420 | 421 | ```bash 422 | rm file 423 | ``` 424 | 425 | - `rmv`: Deletes files with verbose output. 426 | 427 | - **Usage**: 428 | 429 | ```bash 430 | rmv file 431 | ``` 432 | 433 | - `tempty`: Empties the trash. 434 | 435 | - `tlist`: Lists items in the trash. 436 | 437 | - `srmt`: Deletes files with sudo privileges using trash. 438 | 439 | - **Usage**: 440 | 441 | ```bash 442 | srmt file 443 | ``` 444 | 445 | --- 446 | 447 | ### **File Size and Storage Aliases** 448 | 449 | - `fdisk`: Lists disk partitions and sizes. 450 | 451 | - `uuid`: Retrieves the UUID of a volume. 452 | 453 | - **Usage**: 454 | 455 | ```bash 456 | uuid /dev/sda1 457 | ``` 458 | 459 | - `ls`: Lists directory contents with color and sorting directories first. 460 | 461 | - `ll`: Lists all files in a detailed format with human-readable file sizes. 462 | 463 | - `lt`: Lists files sorted by size. 464 | 465 | - `lsr`: Lists files sorted by recently modified. 466 | 467 | - `mnt`: Lists mounted drives. 468 | 469 | - `dirsize`: Shows the size of directories. 470 | 471 | - `dirusage`: Shows the disk usage of the current directory. 472 | 473 | - `diskusage`: Shows total disk usage. 474 | 475 | - `partusage`: Shows partition usages excluding temporary memory. 476 | 477 | - `usage10`: Shows the top 10 items using the most space in the current directory. 478 | 479 | --- 480 | 481 | ### **Bash Aliases** 482 | 483 | - `baupdate`: Reloads your Bash configuration. 484 | 485 | - `baedit`: Opens your Bash aliases file for editing. 486 | 487 | - `bacopy`: Copies your Bash aliases to the root directory. 488 | 489 | - `baget`: Downloads the latest Bash aliases from the internet. 490 | 491 | --- 492 | 493 | ### **Git and Site Management Aliases** 494 | 495 | - `gcpush`: Pushes changes to the Docker-Traefik repository. 496 | 497 | - **Usage**: 498 | 499 | ```bash 500 | gcpush ../commits/date.txt 501 | ``` 502 | 503 | - `gpush`: Pushes changes to your Git repository. 504 | 505 | - `ggraph`: Displays a visual Git log graph. 506 | 507 | --- 508 | 509 | ### **Mail Server Testing Aliases** 510 | 511 | - `nullsend`: Sends a null mail to trigger the mail server. 512 | 513 | - `tmail1`: Sends a test email from `tmail1`. 514 | 515 | - `tmail2`: Sends a test email from `tmail2` with a provided email address. 516 | 517 | - **Usage**: 518 | 519 | ```bash 520 | tmail2 email@example.com 521 | ``` 522 | 523 | --- 524 | 525 | ### **UFW Firewall Aliases** 526 | 527 | - `ufwenable`: Enables the UFW firewall. 528 | 529 | - `ufwdisable`: Disables the UFW firewall. 530 | 531 | - `ufwallow`: Allows a service or port through the firewall. 532 | 533 | - **Usage**: 534 | 535 | ```bash 536 | ufwallow service_name_or_port 537 | ``` 538 | 539 | - `ufwlimit`: Limits access to a service or port. 540 | 541 | - **Usage**: 542 | 543 | ```bash 544 | ufwlimit service_name_or_port 545 | ``` 546 | 547 | - `ufwlist`: Lists firewall rules with numbered entries. 548 | 549 | - `ufwdelete`: Deletes a firewall rule. 550 | 551 | - **Usage**: 552 | 553 | ```bash 554 | ufwdelete rule_number 555 | ``` 556 | 557 | - `ufwreload`: Reloads the firewall settings. 558 | 559 | --- 560 | 561 | ### **Systemd Start, Stop, and Restart Aliases** 562 | 563 | 1. **Systemctl Aliases**: 564 | 565 | - `ctlreload`: Reloads systemd daemon. 566 | - `ctlstart`: Starts a systemd service. 567 | - `ctlstop`: Stops a systemd service. 568 | - `ctlrestart`: Restarts a systemd service. 569 | - `ctlstatus`: Shows the status of a systemd service. 570 | - `ctlenable`: Enables a systemd service at boot. 571 | - `ctldisable`: Disables a systemd service at boot. 572 | - `ctlactive`: Checks if a systemd service is active. 573 | 574 | - **Usage**: 575 | 576 | ```bash 577 | ctlstart service_name 578 | ctlstop service_name 579 | ``` 580 | 581 | 2. **Service-specific Aliases**: 582 | 583 | - ShellInABox service management: 584 | 585 | - `shellstart`, `shellstop`, `shellrestart`, `shellstatus` 586 | 587 | - SSH service management: 588 | 589 | - `sshstart`, `sshstop`, `sshrestart`, `sshstatus` 590 | 591 | - UFW firewall management: 592 | 593 | - `ufwstart`, `ufwstop`, `ufwrestart`, `ufwstatus` 594 | 595 | - Webmin management: 596 | 597 | - `webminstart`, `webminstop`, `webminrestart`, `webminstatus` 598 | 599 | - Samba service management: 600 | 601 | - `sambastart`, `sambastop`, `sambarestart`, `sambastatus` 602 | 603 | - NFS service management: 604 | - `nfsstart`, `nfsstop`, `nfsrestart`, `nfsstatus` 605 | - `nfsreload`: Reloads NFS exports. 606 | 607 | --- 608 | 609 | ### **Installation and Upgrade Aliases** 610 | 611 | - `update`: Runs `apt-get update`. 612 | - `upgrade`: Updates and upgrades packages. 613 | - `install`: Installs packages. 614 | - `finstall`: Fixes broken package installations. 615 | - `rinstall`: Reinstalls packages. 616 | - `uninstall`: Removes packages. 617 | - `search`: Searches for packages. 618 | - `addkey`: Adds a GPG key to the system. 619 | 620 | - **Usage**: 621 | 622 | ```bash 623 | update 624 | install package_name 625 | ``` 626 | 627 | --- 628 | 629 | ### **Cleaning Aliases** 630 | 631 | - `clean`: Cleans the package cache. 632 | - `remove`: Removes unused packages. 633 | - `purge`: Purges packages. 634 | - `deborphan`: Removes orphaned packages. 635 | - `cleanall`: Runs all cleaning commands. 636 | 637 | - **Usage**: 638 | 639 | ```bash 640 | cleanall 641 | ``` 642 | 643 | --- 644 | 645 | ### **Shutdown and Restart Aliases** 646 | 647 | - `shutdown`: Shuts down the system immediately. 648 | - `reboot`: Reboots the system. 649 | 650 | - **Usage**: 651 | 652 | ```bash 653 | shutdown 654 | reboot 655 | ``` 656 | 657 | --- 658 | 659 | ### **Networking Aliases** 660 | 661 | - `portsused`: Displays used ports. 662 | - `showports`: Shows listening ports using `netstat`. 663 | - `showlistening`: Displays active listening services using `lsof`. 664 | - `ping`: Pings a host 5 times. 665 | - `ipe`: Displays the external IP. 666 | - `ipi`: Displays the internal IP. 667 | - `header`: Fetches web server headers. 668 | 669 | - **Usage**: 670 | 671 | ```bash 672 | portsused 673 | ping example.com 674 | ``` 675 | 676 | --- 677 | 678 | ### **Synology DSM Commands** 679 | 680 | - `servicelist`: Lists services (DSM 6 only). 681 | - `servicestatus`, `servicestop`, `servicestart`, `servicerestart`: Manage Synology system services. 682 | - `servicehstop`, `servicehstart`: Hard stop/start services (DSM 6 only). 683 | - `restartdocker`: Restarts Docker on Synology. 684 | 685 | - **Usage**: 686 | 687 | ```bash 688 | servicelist 689 | restartdocker 690 | ``` 691 | 692 | --- 693 | 694 | ### **Miscellaneous Aliases** 695 | 696 | - `wget`: Resumes downloads with `wget`. 697 | - `nano`: Edits files using `nano` with syntax highlighting. 698 | - `scxterm`: Starts an Xterm session. 699 | 700 | - **Usage**: 701 | 702 | ```bash 703 | wget url 704 | nano file 705 | ``` 706 | 707 | --- 708 | 709 | ### **System Monitoring Aliases** 710 | 711 | - `meminfo`: Displays memory usage. 712 | - `psmem`, `psmem10`: Shows processes consuming the most memory. 713 | - `pscpu`, `pscpu10`: Shows processes consuming the most CPU. 714 | - `cpuinfo`: Displays CPU info. 715 | - `gpumeminfo`: Displays GPU memory usage. 716 | - `free`: Displays memory in human-readable format. 717 | 718 | - **Usage**: 719 | 720 | ```bash 721 | meminfo 722 | psmem10 723 | ``` 724 | 725 | --- 726 | 727 | ### **Rclone Aliases** 728 | 729 | - `rcdlogs`, `rcclogs`: Tail Rclone logs. 730 | - `rcupmedia`, `rcupmedialogs`: Upload media to cloud. 731 | - `rcupdump`, `rcupdumplogs`: Upload database dump. 732 | - `rcrestart`, `rcstop`, `rcstart`: Manage Rclone service. 733 | - `rcstatus`: Check Rclone status. 734 | - `rcps`: List running Rclone processes. 735 | - `rcupdate`: Update Rclone. 736 | - `rcpurge`: Purge Rclone cache. 737 | - `rcforget`: Forget Rclone VFS cache. 738 | 739 | - **Usage**: 740 | 741 | ```bash 742 | rcstart 743 | rcupdate 744 | ``` 745 | 746 | --- 747 | 748 | ### **YouTube-DLP Aliases** 749 | 750 | - `ytupdate`: Update `yt-dlp`. 751 | - `ytlist`: List formats available for download. 752 | - `ytdump`: Dump video information as JSON. 753 | - `ytdv`, `ytdvc`: Download videos using config. 754 | - `ytda`, `ytdac`: Download audio using config. 755 | 756 | - **Usage**: 757 | 758 | ```bash 759 | ytlist video_url 760 | ytda video_url 761 | ``` 762 | 763 | --- 764 | 765 | ### **Auto-Traefik Aliases** 766 | 767 | - `sshagent`: Starts the SSH agent and adds the GitHub key. 768 | - `atpush`: Pushes changes to the Auto-Traefik Git repository. 769 | 770 | - **Usage**: 771 | 772 | ```bash 773 | atpush 774 | ``` 775 | 776 | --- 777 | 778 | ### **Pi-Hole Aliases** 779 | 780 | - `pidis`: Disables Pi-Hole. 781 | - `pien`: Enables Pi-Hole. 782 | - `pi10`: Temporarily disables Pi-Hole for 10 minutes. 783 | - `piup`: Updates Pi-Hole. 784 | - `rpi3up`, `rpi0up`: Updates Raspberry Pi systems. 785 | 786 | - **Usage**: 787 | 788 | ```bash 789 | pidis 790 | piup 791 | ``` 792 | 793 | --- 794 | 795 | ### **VNC Aliases** 796 | 797 | - `vnc1`: Starts a VNC server session with specific resolution. 798 | - `vnckill1`: Kills the VNC session on display `:1`. 799 | 800 | - **Usage**: 801 | 802 | ```bash 803 | vnc1 804 | vnckill1 805 | ``` 806 | 807 | --- 808 | 809 | These aliases are designed to optimize workflow and system management, making it easier to perform complex tasks with simple commands. 810 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | ### **v1.3.0** 2 | 3 | - **Added**: `print_intro`and `print_setup_complete` functions to improve clarity and UX. 4 | - **Rename**: `docker-udms.sh` to `udms.sh` and `docker-compose-udms.yml` to `master-compose.yml`. 5 | - **Refactor**: `USERDIR` variable handling in `create_env_file` function. Compose file paths and config variables. 6 | 7 | ### **v1.2.0** 8 | 9 | - **Added**: Support for Bash aliases in the setup, along with the `BASH-ALIASES.md` file to document the new aliases. 10 | - **Refactor**: Updated `docker-compose` file to include the Jellyfin service and updated `set_permissions` to set Jellyfin directory permissions. 11 | - **Fix**: Resolved directory issues in `download_docker_gc_exclude` and `edit_homepage_config` functions. 12 | - **Update**: Enhanced `README.md` with new installation steps and additional documentation improvements. 13 | 14 | ### **v1.1.0** 15 | 16 | - **Modularize**: Separated helper functions and configuration scripts. 17 | - **Refactor**: Improved handling of environment variables (`create_env_file`, `edit_homepage_config`). 18 | 19 | ### **v1.0.0** 20 | 21 | **(Initial Release)** 22 | 23 | - **Initial Commit**: Basic setup of Docker Compose files for services like Plex, Jellyfin, and more. 24 | - **Added**: Master Docker Compose file and `.env.example` for environment variable management. 25 | - **Implemented**: Basic setup script for Docker, using `sudo docker compose`. 26 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Home Server Automation 2 | 3 | This repository automates the setup and management of my home server using Docker and Docker Compose. 4 | 5 |

6 | Docker 7 | Portainer 8 | Homepage 9 | Plex 10 | Jellyfin 11 | qBittorrent 12 | Sonarr 13 | Radarr 14 | Prowlarr 15 | Bazarr 16 | Komga 17 | Kavita 18 | Gitea 19 | MariaDB 20 | TachiDesk 21 | Trash-Guides 22 |

23 | 24 | ## Prerequisites 25 | 26 | - **Operating System**: Ubuntu/Debian Linux 27 | - **Git**: Required to clone the repository. Install Git with: 28 | 29 | ```bash 30 | sudo apt install git 31 | ``` 32 | 33 | ## Quick Setup 34 | 35 | To quickly set up the script, use the following commands: 36 | 37 | 1. **Clone the repository**: 38 | 39 | ```bash 40 | git clone https://github.com/HASANALI117/home-server.git 41 | ``` 42 | 43 | 2. **Navigate to the `scripts` directory**: 44 | 45 | ```bash 46 | cd home-server/scripts 47 | ``` 48 | 49 | 3. **Make the script executable and run it**: 50 | 51 | ```bash 52 | chmod +x udms.sh 53 | ./udms.sh 54 | ``` 55 | 56 | Follow the prompts to provide configuration details. Examples of the prompts are: 57 | 58 | 1. **Enter Time Zone (TZ):** 59 | 60 | ```plaintext 61 | Enter TZ: Europe/London 62 | ``` 63 | 64 | This prompt asks for your server's time zone. You should enter the appropriate time zone for your location. For a list of time zones, refer to the [Wikipedia Time Zone List](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). 65 | 66 | 2. **Enter Server IP (SERVER_IP):** 67 | 68 | ```plaintext 69 | Enter SERVER_IP: 192.168.1.100 70 | ``` 71 | 72 | This prompt asks for the IP address of your server. Enter the local IP address where you want to access your services. 73 | 74 | 3. **Enter Plex Claim (PLEX_CLAIM):** 75 | 76 | ```plaintext 77 | Enter PLEX_CLAIM: YOUR_PLEX_CLAIM_TOKEN 78 | ``` 79 | 80 | This prompt asks for a Plex claim token. If you’re using Plex, you’ll need to enter your Plex claim token to connect your server to your Plex account. You can keep it empty initially, and add the Plex claim token to the `plex_claim` file in the `SECRETS` directory when you have it. If you don't know what your Plex claim is, you can find it at [Plex Claim](https://plex.tv/claim). 81 | 82 | These prompts will help configure essential aspects of your home server setup. Make sure to provide accurate details to ensure that the script configures your environment correctly. 83 | 84 | ## What the Script Does 85 | 86 | The `udms.sh` script performs the following tasks: 87 | 88 | 1. **Installs Docker and Docker Compose**: Ensures Docker and Docker Compose are installed on your system. 89 | 90 | 2. **Verifies Installation**: Checks that Docker and Docker Compose are installed correctly. 91 | 92 | 3. **Sets Up Directories**: Creates the following directories: 93 | 94 | - **`APPDATA`**: Stores application-specific data for Docker services. 95 | - **`COMPOSE`**: Contains Docker Compose files for different services. 96 | - **`LOGS`**: Holds log files for Docker services. 97 | - **`SCRIPTS`**: Stores additional scripts related to Docker and server management. 98 | - **`SECRETS`**: Keeps sensitive data like Plex claim tokens and other secrets. 99 | - **`SHARED`**: Directory for shared resources between containers. 100 | 101 | 4. **Configures Permissions**: Sets appropriate permissions for directories and files to ensure secure access. 102 | 103 | 5. **Downloads Docker Compose Files**: Retrieves Docker Compose files for various services from remote sources. 104 | 105 | 6. **Starts Docker Containers**: Launches Docker containers based on the provided configuration. 106 | 107 | 7. **Service Configuration**: Applies specific configurations to services like qbittorrent and homepage. 108 | 109 | 8. **Adds Docker Aliases**: Adds useful Docker and bash aliases to your bash configuration for easier management of Docker services and other tasks. For a full list of aliases and usage examples, refer to the [Bash Aliases & Shortcuts](./BASH-ALIASES.md) section. 110 | 111 | ## Services Managed by the Script 112 | 113 | The script sets up Docker Compose files for the following services: 114 | 115 | - **`socket-proxy`**: A reverse proxy for managing access to multiple services running on the server. [Documentation](https://github.com/Tecnativa/docker-socket-proxy?tab=readme-ov-file#supported-api-versions) 116 | 117 | - **`portainer`**: A lightweight management UI that allows you to easily manage Docker environments. [Documentation](https://docs.portainer.io/) 118 | 119 | - **`dozzle`**: A real-time log viewer for Docker containers, providing a web interface to view logs. [Documentation](https://dozzle.dev/guide/getting-started) 120 | 121 | - **`homepage`**: A customizable homepage service that provides quick access to various other services. [Documentation](https://gethomepage.dev/latest/installation/docker/) 122 | 123 | - **`plex`**: A media server that organizes and streams your personal media collection. [Documentation](https://docs.linuxserver.io/images/docker-plex/) 124 | 125 | - **`jellyfin`**: An open-source media server software for managing and streaming your media library. [Documentation](https://docs.linuxserver.io/images/docker-jellyfin/) 126 | 127 | - **`qbittorrent`**: A popular torrent client with a built-in web interface for managing torrents. [Documentation](https://docs.linuxserver.io/images/docker-qbittorrent/) 128 | 129 | - **`sonarr`**: A TV series manager that automatically downloads and organizes TV shows. [Documentation](https://docs.linuxserver.io/images/docker-sonarr/) 130 | 131 | - **`radarr`**: A movie collection manager that automates the process of downloading and organizing movies. [Documentation](https://docs.linuxserver.io/images/docker-radarr/) 132 | 133 | - **`prowlarr`**: A Usenet and torrent indexer that integrates with various other services for managing downloads. [Documentation](https://docs.linuxserver.io/images/docker-prowlarr/) 134 | 135 | - **`bazarr`**: A companion application to Sonarr and Radarr, providing subtitle management for your media library. [Documentation](https://docs.linuxserver.io/images/docker-bazarr/) 136 | 137 | - **`docker-gc`**: A garbage collection tool that automatically cleans up unused Docker containers and images to free up disk space. [Documentation](https://github.com/clockworksoul/docker-gc-cron) 138 | 139 | ## Adding More Services 140 | 141 | There are 75+ apps in the `compose/` directory. For more information on these apps, refer to the [README in the compose directory](./compose/README.md). The script is a work in progress for adding all of them, for now to add more services, follow these steps: 142 | 143 | 1. **Add Service Configuration**: Copy the desired service's Docker Compose YAML file from the [`compose/`](./compose/) directory. 144 | 2. **Update [`master-compose.yml`](./master-compose.yml)**: Add the path to the copied service YAML file in the [`master-compose.yml`](./master-compose.yml) file under the appropriate section. 145 | 146 | Example of adding a new service in [`master-compose.yml`](./master-compose.yml): 147 | 148 | ```yml 149 | include: 150 | ########################### SERVICES 151 | # PREFIX udms = Ultimate Docker Media Server 152 | # HOSTNAME=udms - defined in .env 153 | # CORE 154 | - compose/socket-proxy.yml 155 | - compose/portainer.yml 156 | - compose/dozzle.yml 157 | - compose/homepage.yml 158 | # MEDIA 159 | - compose/plex.yml 160 | - compose/jellyfin.yml 161 | # DOWNLOADERS 162 | - compose/qbittorrent.yml 163 | # PVRS 164 | - compose/radarr.yml 165 | - compose/sonarr.yml 166 | - compose/prowlarr.yml 167 | # COMPLEMENTARY AP 168 | 169 | PS 170 | - compose/bazarr.yml 171 | # MAINTENANCE 172 | - compose/docker-gc.yml 173 | # Add your new service here 174 | - compose/new-service.yml 175 | ``` 176 | 177 | ## Credits 178 | 179 | Special thanks to [@anandslab](https://github.com/anandslab) for his amazing guides and resources. The Docker Compose files were taken from his repository [docker-traefik](https://github.com/anandslab/docker-traefik). For more information, check out his guide on setting up a Docker media server [here](https://www.smarthomebeginner.com/docker-media-server-2024/). 180 | -------------------------------------------------------------------------------- /assets/adguard-home.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/adguard-home.png -------------------------------------------------------------------------------- /assets/adguardhomesync.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/adguardhomesync.png -------------------------------------------------------------------------------- /assets/airsonic.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/airsonic.png -------------------------------------------------------------------------------- /assets/authelia.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/authelia.png -------------------------------------------------------------------------------- /assets/bazarr-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/bazarr-light.png -------------------------------------------------------------------------------- /assets/bazarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/bazarr.png -------------------------------------------------------------------------------- /assets/cloudfare-bouncer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/cloudfare-bouncer.png -------------------------------------------------------------------------------- /assets/crowdsec.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/crowdsec.png -------------------------------------------------------------------------------- /assets/ddns-updater.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/ddns-updater.png -------------------------------------------------------------------------------- /assets/docker-gc.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/docker-gc.png -------------------------------------------------------------------------------- /assets/docker-moby.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/docker-moby.png -------------------------------------------------------------------------------- /assets/docker.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/docker.png -------------------------------------------------------------------------------- /assets/dockge-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/dockge-light.png -------------------------------------------------------------------------------- /assets/dockge.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/dockge.png -------------------------------------------------------------------------------- /assets/dozzle.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/dozzle.png -------------------------------------------------------------------------------- /assets/firefly.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/firefly.png -------------------------------------------------------------------------------- /assets/firefox.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/firefox.png -------------------------------------------------------------------------------- /assets/gitea.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/gitea.png -------------------------------------------------------------------------------- /assets/glances.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/glances.png -------------------------------------------------------------------------------- /assets/gluetun.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/gluetun.png -------------------------------------------------------------------------------- /assets/grafana.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/grafana.png -------------------------------------------------------------------------------- /assets/guacamole-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/guacamole-light.png -------------------------------------------------------------------------------- /assets/guacamole.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/guacamole.png -------------------------------------------------------------------------------- /assets/homepage.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/homepage.png -------------------------------------------------------------------------------- /assets/influxdb.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/influxdb.png -------------------------------------------------------------------------------- /assets/it-tools-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/it-tools-light.png -------------------------------------------------------------------------------- /assets/it-tools.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/it-tools.png -------------------------------------------------------------------------------- /assets/jackett-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/jackett-light.png -------------------------------------------------------------------------------- /assets/jackett.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/jackett.png -------------------------------------------------------------------------------- /assets/jdownloader.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/jdownloader.png -------------------------------------------------------------------------------- /assets/jdownloader2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/jdownloader2.png -------------------------------------------------------------------------------- /assets/jellyfin.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/jellyfin.png -------------------------------------------------------------------------------- /assets/kaizoku.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/kaizoku.png -------------------------------------------------------------------------------- /assets/kapowarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/kapowarr.png -------------------------------------------------------------------------------- /assets/kasm-workspaces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/kasm-workspaces.png -------------------------------------------------------------------------------- /assets/kasm.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/kasm.png -------------------------------------------------------------------------------- /assets/kavita.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/kavita.png -------------------------------------------------------------------------------- /assets/komga.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/komga.png -------------------------------------------------------------------------------- /assets/lazylibrarian.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/lazylibrarian.png -------------------------------------------------------------------------------- /assets/lidarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/lidarr.png -------------------------------------------------------------------------------- /assets/loki.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/loki.png -------------------------------------------------------------------------------- /assets/makemkv.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/makemkv.png -------------------------------------------------------------------------------- /assets/mango.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/mango.png -------------------------------------------------------------------------------- /assets/mariadb.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/mariadb.png -------------------------------------------------------------------------------- /assets/medusa.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/medusa.png -------------------------------------------------------------------------------- /assets/minio-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/minio-light.png -------------------------------------------------------------------------------- /assets/minio.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/minio.png -------------------------------------------------------------------------------- /assets/mkvtoolnix.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/mkvtoolnix.png -------------------------------------------------------------------------------- /assets/mylar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/mylar.png -------------------------------------------------------------------------------- /assets/netdata.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/netdata.png -------------------------------------------------------------------------------- /assets/nextcloud-blue.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/nextcloud-blue.png -------------------------------------------------------------------------------- /assets/nextcloud.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/nextcloud.png -------------------------------------------------------------------------------- /assets/nginx.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/nginx.png -------------------------------------------------------------------------------- /assets/notifiarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/notifiarr.png -------------------------------------------------------------------------------- /assets/nzbget.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/nzbget.png -------------------------------------------------------------------------------- /assets/ombi.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/ombi.png -------------------------------------------------------------------------------- /assets/organizr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/organizr.png -------------------------------------------------------------------------------- /assets/overseerr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/overseerr.png -------------------------------------------------------------------------------- /assets/phpmyadmin.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/phpmyadmin.png -------------------------------------------------------------------------------- /assets/pi-hole.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/pi-hole.png -------------------------------------------------------------------------------- /assets/plex-alt-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/plex-alt-light.png -------------------------------------------------------------------------------- /assets/plex-alt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/plex-alt.png -------------------------------------------------------------------------------- /assets/plex.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/plex.png -------------------------------------------------------------------------------- /assets/portainer-alt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/portainer-alt.png -------------------------------------------------------------------------------- /assets/portainer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/portainer.png -------------------------------------------------------------------------------- /assets/prometheus.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/prometheus.png -------------------------------------------------------------------------------- /assets/prowlarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/prowlarr.png -------------------------------------------------------------------------------- /assets/proxmox-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/proxmox-light.png -------------------------------------------------------------------------------- /assets/proxmox.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/proxmox.png -------------------------------------------------------------------------------- /assets/qbittorrent.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/qbittorrent.png -------------------------------------------------------------------------------- /assets/qdirstat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/qdirstat.png -------------------------------------------------------------------------------- /assets/radarr-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/radarr-light.png -------------------------------------------------------------------------------- /assets/radarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/radarr.png -------------------------------------------------------------------------------- /assets/rclone.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/rclone.png -------------------------------------------------------------------------------- /assets/readarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/readarr.png -------------------------------------------------------------------------------- /assets/redis.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/redis.png -------------------------------------------------------------------------------- /assets/requestrr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/requestrr.png -------------------------------------------------------------------------------- /assets/sabnzbd-alt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/sabnzbd-alt.png -------------------------------------------------------------------------------- /assets/sabnzbd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/sabnzbd.png -------------------------------------------------------------------------------- /assets/scrutiny-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/scrutiny-light.png -------------------------------------------------------------------------------- /assets/scrutiny.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/scrutiny.png -------------------------------------------------------------------------------- /assets/selfhosted-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/selfhosted-light.png -------------------------------------------------------------------------------- /assets/selfhosted.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/selfhosted.png -------------------------------------------------------------------------------- /assets/sonarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/sonarr.png -------------------------------------------------------------------------------- /assets/statping-ng.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/statping-ng.png -------------------------------------------------------------------------------- /assets/statping.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/statping.png -------------------------------------------------------------------------------- /assets/syncthing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/syncthing.png -------------------------------------------------------------------------------- /assets/tachidesk.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/tachidesk.png -------------------------------------------------------------------------------- /assets/tautulli.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/tautulli.png -------------------------------------------------------------------------------- /assets/tdarr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/tdarr.png -------------------------------------------------------------------------------- /assets/telegraf.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/telegraf.png -------------------------------------------------------------------------------- /assets/thelounge.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/thelounge.png -------------------------------------------------------------------------------- /assets/traefik.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/traefik.png -------------------------------------------------------------------------------- /assets/transmission.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/transmission.png -------------------------------------------------------------------------------- /assets/trash-guides.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/trash-guides.png -------------------------------------------------------------------------------- /assets/tube-archivist-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/tube-archivist-light.png -------------------------------------------------------------------------------- /assets/tube-archivist.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/tube-archivist.png -------------------------------------------------------------------------------- /assets/ubooquity.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/ubooquity.png -------------------------------------------------------------------------------- /assets/unbound.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/unbound.png -------------------------------------------------------------------------------- /assets/uptime-kuma.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/uptime-kuma.png -------------------------------------------------------------------------------- /assets/vaultwarden-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/vaultwarden-light.png -------------------------------------------------------------------------------- /assets/vaultwarden.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/vaultwarden.png -------------------------------------------------------------------------------- /assets/vscode.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/vscode.png -------------------------------------------------------------------------------- /assets/watchtower.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/watchtower.png -------------------------------------------------------------------------------- /assets/webtop.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/webtop.png -------------------------------------------------------------------------------- /assets/wireguard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/wireguard.png -------------------------------------------------------------------------------- /assets/xteve.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/xteve.png -------------------------------------------------------------------------------- /assets/yacht-light.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/yacht-light.png -------------------------------------------------------------------------------- /assets/yacht.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/yacht.png -------------------------------------------------------------------------------- /assets/zabbix.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/zabbix.png -------------------------------------------------------------------------------- /assets/zerotier.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/zerotier.png -------------------------------------------------------------------------------- /assets/zigbee2mqtt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/HASANALI117/home-server/318ee6ee02431a80cf0ecc239131f4e62049b89a/assets/zigbee2mqtt.png -------------------------------------------------------------------------------- /compose/adguardhome-sync.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # AdGuard Home Sync - Sync Settings between AdGuard Homes 3 | adguardhome-sync: 4 | image: lscr.io/linuxserver/adguardhome-sync:latest 5 | container_name: adguardhome-sync 6 | restart: unless-stopped 7 | profiles: ["core", "all", "dns"] 8 | environment: 9 | TZ: $TZ 10 | PUID: $PUID 11 | PGID: $PGID 12 | CONFIGFILE: /config/adguardhome-sync.yaml #optional 13 | volumes: 14 | - $DOCKERDIR/appdata/adguardhome-sync:/config -------------------------------------------------------------------------------- /compose/adguardhome.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # AdGuard Home - DNS AdBlocking 3 | adguardhome: 4 | container_name: adguardhome 5 | image: adguard/adguardhome 6 | restart: unless-stopped 7 | profiles: ["core", "all", "dns"] 8 | network_mode: host 9 | # networks: 10 | # - default 11 | # ports: 12 | # - 53:53/udp 13 | # - 67:67/udp 14 | # - 68:68/tcp 15 | # - 1068:68/udp # port conflict with Raspbery PI OS DHCPD https://github.com/AdguardTeam/AdGuardHome/issues/1049 16 | # - 81:80/tcp 17 | # - 444:443/tcp 18 | # - 853:853/tcp 19 | # # - 3000:3000/tcp 20 | volumes: 21 | - $DOCKERDIR/appdata/adguardhome/conf:/opt/adguardhome/conf 22 | - $DOCKERDIR/appdata/adguardhome/work:/opt/adguardhome/work 23 | # - $DOCKERDIR/shared/certs/$DOMAINNAME_SHB:/certs # optional: if you have your own SSL certs -------------------------------------------------------------------------------- /compose/airsonic-advanced.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Airsonic Advanced - Music Server 3 | airsonic-advanced: 4 | image: lscr.io/linuxserver/airsonic-advanced 5 | container_name: airsonic-advanced 6 | networks: 7 | - default 8 | security_opt: 9 | - no-new-privileges:true 10 | restart: "no" 11 | profiles: ["media", "all"] 12 | volumes: 13 | - $DOCKERDIR/appdata/airsonic/podcasts:/data/podcasts 14 | - $DOCKERDIR/appdata/airsonic/playlists:/data/playlists 15 | - $DOCKERDIR/appdata/airsonic/config:/config 16 | - $DATADIR/data/media/music:/data/music 17 | ports: 18 | - "4040:4040" 19 | environment: 20 | TZ: $TZ 21 | PUID: $PUID 22 | PGID: $PGID 23 | JAVA_OPTS: '-Dserver.forward-headers-strategy=native' # optional - if you use a reverse-proxy -------------------------------------------------------------------------------- /compose/authelia.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Authelia (Lite) - Self-Hosted Single Sign-On and Two-Factor Authentication 3 | authelia: 4 | container_name: authelia 5 | image: authelia/authelia:4.38.8 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["core", "all"] 10 | networks: 11 | - t3_proxy 12 | - default 13 | # ports: 14 | # - "9091:9091" 15 | volumes: 16 | - $DOCKERDIR/appdata/authelia:/config 17 | environment: 18 | - TZ=$TZ 19 | - PUID=$PUID 20 | - PGID=$PGID 21 | - AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE=/run/secrets/authelia_jwt_secret 22 | - AUTHELIA_SESSION_SECRET_FILE=/run/secrets/authelia_session_secret 23 | - AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE=/run/secrets/authelia_storage_encryption_key 24 | # - AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE=/run/secrets/authelia_storage_mysql_password 25 | # - AUTHELIA_SESSION_REDIS_PASSWORD_FILE=/run/secrets/authelia_session_redis_password 26 | # - AUTHELIA_DUO_API_SECRET_KEY_FILE=/run/secrets/authelia_duo_api_secret_key 27 | secrets: 28 | - authelia_jwt_secret 29 | - authelia_storage_encryption_key 30 | - authelia_session_secret 31 | labels: 32 | - "traefik.enable=true" 33 | ## HTTP Routers 34 | - "traefik.http.routers.authelia-rtr.entrypoints=websecure" 35 | - "traefik.http.routers.authelia-rtr.rule=Host(`authelia.$DOMAINNAME_HS`)" 36 | ## Middlewares 37 | - "traefik.http.routers.authelia-rtr.middlewares=chain-no-auth@file" 38 | ## HTTP Services 39 | - "traefik.http.routers.authelia-rtr.service=authelia-svc" 40 | - "traefik.http.services.authelia-svc.loadbalancer.server.port=9091" -------------------------------------------------------------------------------- /compose/autoindex.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Autoindex - Simple Directory Index 3 | autoindex: 4 | container_name: autoindex 5 | image: dceoy/nginx-autoindex:latest 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | networks: 11 | - t3_proxy 12 | # ports: 13 | # - "$AUTOINDEX_PORT:80" 14 | volumes: 15 | #- $USERDIR:/var/lib/nginx/html:ro # Location you want to index 16 | - $EXTDRIVE:/var/lib/nginx/html:ro # Location you want to index 17 | labels: 18 | - "traefik.enable=true" 19 | # HTTP Routers 20 | - "traefik.http.routers.autoindex-rtr.entrypoints=websecure" 21 | - "traefik.http.routers.autoindex-rtr.rule=Host(`index.$DOMAINNAME_HS`)" 22 | # Middlewares 23 | - "traefik.http.routers.autoindex-rtr.middlewares=chain-oauth@file" 24 | # HTTP Services 25 | - "traefik.http.routers.autoindex-rtr.service=autoindex-svc" 26 | - "traefik.http.services.autoindex-svc.loadbalancer.server.port=80" -------------------------------------------------------------------------------- /compose/bazarr.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Bazarr - Subtitle Management 3 | bazarr: 4 | image: lscr.io/linuxserver/bazarr:latest 5 | container_name: bazarr 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | # profiles: ["media", "arrs", "all"] 10 | networks: 11 | - default 12 | ports: 13 | - "6767:6767" 14 | volumes: 15 | - $DOCKERDIR/appdata/bazarr:/config 16 | - $DATADIR/media:/media 17 | environment: 18 | TZ: $TZ 19 | PUID: $PUID 20 | PGID: $PGID 21 | -------------------------------------------------------------------------------- /compose/certdumper.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Traefik Certs Dumper - Extract LetsEncrypt Certificates - Traefik2 Compatible 3 | certdumper: 4 | container_name: traefik_certdumper 5 | image: humenius/traefik-certs-dumper:latest 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["apps", "all"] 10 | networks: 11 | - default 12 | # command: --restart-containers container1,container2,container3 13 | volumes: 14 | - $DOCKERDIR/appdata/traefik2/acme:/traefik:ro 15 | - $DOCKERDIR/shared/certs/$DOMAINNAME_DS918:/output:rw 16 | # - /var/run/docker.sock:/var/run/docker.sock:ro # Only needed if restarting containers (use Docker Socket Proxy instead) 17 | environment: 18 | DOMAIN: $DOMAINNAME_DS918 -------------------------------------------------------------------------------- /compose/cloudflare-bouncer.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # CrowdSec Bouncer - Cloudflare 3 | # sudo docker exec crowdsec cscli bouncer add cloudflare-bouncer 4 | # Set max ip number right the first time (max 10000). Recreating container deletes all ips and readds them causing cloudflare 429 rate limiting. 5 | cloudflare-bouncer: 6 | image: crowdsecurity/cloudflare-bouncer 7 | container_name: cloudflare-bouncer 8 | security_opt: 9 | - no-new-privileges:true 10 | restart: unless-stopped 11 | profiles: ["core", "all"] 12 | networks: 13 | - t2_proxy 14 | volumes: 15 | - $DOCKERDIR/appdata/cloudflare-bouncer/cfg.yaml:/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml -------------------------------------------------------------------------------- /compose/crowdsec.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # CrowdSec - Open-source & collaborative security IPS 3 | crowdsec: 4 | image: crowdsecurity/crowdsec 5 | container_name: crowdsec 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["core", "all"] 10 | ports: 11 | - "8080:8080" 12 | - "$ZEROTIER_IP_CLOUDSERVER:6060:6060" # Exposing metrics via Zerotier IP 13 | environment: 14 | COLLECTIONS: "crowdsecurity/traefik crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/iptables crowdsecurity/linux fulljackz/proxmox" 15 | GID: "${GID-1000}" 16 | CUSTOM_HOSTNAME: home-server 17 | DISABLE_LOCAL_API: "true" # Only after successfully registering and validating remote agent below. 18 | # For the following, check local_api_credentials.yaml after cscli lapi register (secondary machine) and cscli machine validate (on primary machine) 19 | AGENT_USERNAME: $CROWDSEC_AGENT_USERNAME 20 | AGENT_PASSWORD: $CROWDSEC_AGENT_PASSWORD 21 | LOCAL_API_URL: $CROWDSEC_LOCAL_API_URL 22 | volumes: 23 | - $DOCKERDIR/logs/cloudserver:/logs/cloudserver:ro 24 | - /var/log:/var/log:ro 25 | - $EXTDRIVE/zbox/var/log:/logs/zbox:ro 26 | - $DOCKERDIR/appdata/crowdsec/data:/var/lib/crowdsec/data 27 | - $DOCKERDIR/appdata/crowdsec/config:/etc/crowdsec -------------------------------------------------------------------------------- /compose/ddns-updater.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Cloudflare DDNS - Dynamic DNS Updater 3 | ddns-updater: 4 | image: qmcgaw/ddns-updater 5 | container_name: ddns-updater 6 | restart: unless-stopped 7 | profiles: ["core", "all", "dns"] 8 | networks: 9 | - t2_proxy 10 | ports: 11 | - 8000:8000/tcp 12 | volumes: 13 | - $DOCKERDIR/appdata/ddns-updater:/updater/data # Owned by UID 1000 14 | environment: 15 | TZ: $TZ 16 | PERIOD: 4h 17 | UPDATE_COOLDOWN_PERIOD: 5m 18 | PUBLICIP_DNS_TIMEOUT: 3s 19 | HTTP_TIMEOUT: 10s 20 | DATADIR: /updater/data 21 | # Web UI 22 | LISTENING_PORT: 8000 23 | # Backup 24 | BACKUP_PERIOD: 96h # 0 to disable 25 | BACKUP_DIRECTORY: /updater/data/backups 26 | # Other 27 | LOG_LEVEL: warning 28 | SHOUTRRR_ADDRESSES: $DISCORD_SHOUTRRR_ADDRESS -------------------------------------------------------------------------------- /compose/deunhealth.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # DeUnhealth - Restart your unhealthy containers safely (e.g. containers depending on VPN and VPN reconnects) 3 | deunhealth: 4 | image: qmcgaw/deunhealth 5 | container_name: deunhealth 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | networks: 11 | - socket_proxy 12 | environment: 13 | LOG_LEVEL: info 14 | HEALTH_SERVER_ADDRESS: 127.0.0.1:9999 15 | TZ: $TZ 16 | DOCKER_HOST: tcp://socket-proxy:2375 -------------------------------------------------------------------------------- /compose/docker-gc.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Docker-GC - Automatic Docker Garbage Collection 3 | # Create docker-gc-exclude file 4 | docker-gc: 5 | image: clockworksoul/docker-gc-cron:latest 6 | container_name: docker-gc 7 | security_opt: 8 | - no-new-privileges:true 9 | restart: unless-stopped 10 | # profiles: ["apps", "all"] 11 | networks: 12 | - socket_proxy 13 | volumes: 14 | # - /var/run/docker.sock:/var/run/docker.sock # Use Docker Socket Proxy instead for improved security 15 | - $DOCKERDIR/appdata/docker-gc/docker-gc-exclude:/etc/docker-gc-exclude 16 | environment: 17 | CRON: 0 0 0 * * ? # Every day at midnight 18 | FORCE_IMAGE_REMOVAL: 1 19 | FORCE_CONTAINER_REMOVAL: 0 20 | GRACE_PERIOD_SECONDS: 604800 21 | DRY_RUN: 0 22 | CLEAN_UP_VOLUMES: 1 23 | TZ: $TZ 24 | DOCKER_HOST: tcp://socket-proxy:2375 25 | -------------------------------------------------------------------------------- /compose/dockge.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Dockge - Docker Compose Manager 3 | dockge: 4 | image: louislam/dockge 5 | container_name: dockge 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | # ports: 11 | # - "5001:5001" 12 | networks: 13 | - t3_proxy 14 | - socket_proxy 15 | volumes: 16 | - $DOCKERDIR/appdata/dockge:/app/data 17 | - $USERDIR/test:/opt/stacks 18 | environment: 19 | - DOCKGE_STACKS_DIR=/opt/stacks 20 | - DOCKER_HOST=tcp://socket-proxy:2375 21 | labels: 22 | - "traefik.enable=true" 23 | # HTTP Routers 24 | - "traefik.http.routers.dockge-rtr.entrypoints=websecure" 25 | - "traefik.http.routers.dockge-rtr.rule=Host(`dockge.$DOMAINNAME_HS`)" 26 | # Middlewares 27 | - "traefik.http.routers.dockge-rtr.middlewares=chain-oauth@file" 28 | # HTTP Services 29 | - "traefik.http.routers.dockge-rtr.service=dockge-svc" 30 | - "traefik.http.services.dockge-svc.loadbalancer.server.port=5001" 31 | -------------------------------------------------------------------------------- /compose/dozzle.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Dozzle - Real-time Docker Log Viewer 3 | dozzle: 4 | image: amir20/dozzle:latest 5 | container_name: dozzle 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["apps", "all"] 10 | networks: 11 | - socket_proxy 12 | - default 13 | ports: 14 | - "8082:8080" 15 | environment: 16 | DOZZLE_LEVEL: info 17 | DOZZLE_TAILSIZE: 300 18 | DOZZLE_FILTER: "status=running" 19 | # DOZZLE_FILTER: "label=log_me" # limits logs displayed to containers with this label 20 | DOCKER_HOST: tcp://socket-proxy:2375 21 | # volumes: 22 | # - /var/run/docker.sock:/var/run/docker.sock # Use Docker Socket Proxy instead for improved security 23 | -------------------------------------------------------------------------------- /compose/firefly.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Firefly III - Personal Finance Manager 3 | firefly: 4 | image: fireflyiii/core:latest 5 | container_name: firefly 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | networks: 11 | - t3_proxy 12 | ports: 13 | - 8088:8080 14 | volumes: 15 | - $DOCKERDIR/appdata/firefly:/var/www/html/storage/upload 16 | env_file: $DOCKERDIR/appdata/firefly/firefly.env 17 | labels: 18 | - "traefik.enable=true" 19 | # HTTP Routers 20 | - "traefik.http.routers.firefly-rtr.entrypoints=websecure" 21 | - "traefik.http.routers.firefly-rtr.rule=Host(`firefly.$DOMAINNAME_HS`)" 22 | # Middlewares 23 | - "traefik.http.routers.firefly-rtr.middlewares=chain-oauth@file" 24 | # HTTP Services 25 | - "traefik.http.routers.firefly-rtr.service=firefly-svc" 26 | - "traefik.http.services.firefly-svc.loadbalancer.server.port=8080" 27 | 28 | importer: 29 | image: fireflyiii/data-importer:latest 30 | container_name: firefly_importer 31 | security_opt: 32 | - no-new-privileges:true 33 | restart: unless-stopped 34 | profiles: ["apps", "all"] 35 | networks: 36 | - t3_proxy 37 | ports: 38 | - '8089:8080' 39 | depends_on: 40 | - firefly 41 | env_file: $DOCKERDIR/appdata/firefly/importer.env 42 | labels: 43 | - "traefik.enable=true" 44 | # HTTP Routers 45 | - "traefik.http.routers.firefly-importer-rtr.entrypoints=websecure" 46 | - "traefik.http.routers.firefly-importer-rtr.rule=Host(`importer.$DOMAINNAME_HS`)" 47 | # Middlewares 48 | - "traefik.http.routers.firefly-importer-rtr.middlewares=chain-oauth@file" 49 | # HTTP Services 50 | - "traefik.http.routers.firefly-importer-rtr.service=firefly-importer-svc" 51 | - "traefik.http.services.firefly-importer-svc.loadbalancer.server.port=8080" -------------------------------------------------------------------------------- /compose/firefox.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Firefox - Web Broswer 3 | # VNC password not working - check 4 | firefox: 5 | image: jlesage/firefox:latest 6 | container_name: firefox 7 | security_opt: 8 | - no-new-privileges:true 9 | - seccomp:unconfined # October 15, 2020 https://github.com/jlesage/docker-firefox/blob/master/README.md#allowing-the-membarrier-system-call 10 | restart: unless-stopped 11 | profiles: ["apps", "all"] 12 | networks: 13 | - t3_proxy 14 | # ports: 15 | # - "$FIREFOX_PORT:5800" 16 | volumes: 17 | - $DOCKERDIR/appdata/firefox:/config 18 | - $DATADIR/downloads:/data/downloads 19 | - /dev/shm:/dev/shm 20 | environment: 21 | USER_ID: $PUID 22 | GROUP_ID: $PGID 23 | TZ: $TZ 24 | UMASK: 002 25 | KEEP_APP_RUNNING: 1 26 | CLEAN_TMP_DIR: 1 27 | DISPLAY_WIDTH: 1920 28 | DISPLAY_HEIGHT: 1080 29 | VNC_PASSWD: $FIREFOX_VNC_PASSWD 30 | labels: 31 | - "traefik.enable=true" 32 | # HTTP Routers 33 | - "traefik.http.routers.firefox-rtr.entrypoints=websecure" 34 | - "traefik.http.routers.firefox-rtr.rule=Host(`firefox.$DOMAINNAME_HS`)" 35 | # Middlewares 36 | - "traefik.http.routers.firefox-rtr.middlewares=chain-oauth@file" 37 | # HTTP Services 38 | - "traefik.http.routers.firefox-rtr.service=firefox-svc" 39 | - "traefik.http.services.firefox-svc.loadbalancer.server.port=5800" -------------------------------------------------------------------------------- /compose/glances.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Glances - System Information 3 | glances: 4 | image: nicolargo/glances:latest-full 5 | container_name: glances 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["apps", "all"] 10 | # privileged: true # Only for VM 11 | # network_mode: host 12 | networks: 13 | - traefik_proxy 14 | - socket_proxy 15 | - default 16 | ports: 17 | - "61208:61208" 18 | pid: host 19 | volumes: 20 | - $DOCKERDIR/appdata/glances/glances.conf:/glances/conf/glances.conf # Use this if you want to add a glances.conf file 21 | - $DATADIR1:/data/data:ro 22 | - $DOCKERDIR:/data/docker:ro 23 | # - /var/run/docker.sock:/var/run/docker.sock:ro # Use Docker Socket Proxy instead for improved security 24 | environment: 25 | # GLANCES_OPT: "-C /glances/conf/glances.conf --quiet --export influxdb" 26 | # GLANCES_OPT: "--export influxdb" 27 | GLANCES_OPT: "-w" 28 | DOCKER_HOST: tcp://socket-proxy:2375 29 | labels: 30 | - "traefik.enable=true" 31 | # HTTP Routers 32 | - "traefik.http.routers.glances-rtr.entrypoints=https" 33 | - "traefik.http.routers.glances-rtr.rule=Host(`glances.$DOMAINNAME_DS918`)" 34 | # Middlewares 35 | - "traefik.http.routers.glances-rtr.middlewares=chain-oauth@file" 36 | # HTTP Services 37 | - "traefik.http.routers.glances-rtr.service=glances-svc" 38 | - "traefik.http.services.glances-svc.loadbalancer.server.port=61208" -------------------------------------------------------------------------------- /compose/gluetun.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Gluetun - VPN Client for Docker Containers and More 3 | # Gluetun only for use by torrent clients + on demand lan devices. 4 | # Arr apps do not need VPN (not recommended), unless you have ISP/country restrictions. 5 | gluetun: 6 | image: qmcgaw/gluetun 7 | container_name: gluetun 8 | security_opt: 9 | - no-new-privileges:true 10 | restart: unless-stopped 11 | profiles: ["core", "all"] 12 | networks: 13 | - t3_proxy 14 | cap_add: 15 | - NET_ADMIN 16 | devices: 17 | - /dev/net/tun 18 | ports: 19 | - "8081:8080" # Exposing qBittorrent through Docker Host LAN IP 20 | # # - 8888:8888/tcp # HTTP proxy 21 | # # - 8388:8388/tcp # Shadowsocks 22 | # # - 8388:8388/udp # Shadowsocks 23 | volumes: 24 | - $DOCKERDIR/appdata/gluetun:/gluetun 25 | environment: 26 | TZ: $TZ 27 | # Wireguard 28 | VPN_SERVICE_PROVIDER: surfshark 29 | VPN_TYPE: wireguard 30 | WIREGUARD_PRIVATE_KEY: $SURFSHARK_WG_PRIVATE_KEY 31 | WIREGUARD_ADDRESSES: 10.14.0.2/16 32 | SERVER_COUNTRIES: Netherlands 33 | # # OpenVPN 34 | # VPN_SERVICE_PROVIDER: nordvpn 35 | # VPN_TYPE: openvpn 36 | # OPENVPN_USER: $NORDVPN_USERNAME 37 | # OPENVPN_PASSWORD: $NORDVPN_PASSWORD 38 | labels: 39 | - "traefik.enable=true" 40 | # HTTP Routers 41 | - "traefik.http.routers.gluetun-qbittorrent-rtr.entrypoints=websecure" 42 | - "traefik.http.routers.gluetun-qbittorrent-rtr.rule=Host(`qbit.$DOMAINNAME_HS`)" # qBittorrent 43 | # Middlewares 44 | - "traefik.http.routers.gluetun-qbittorrent-rtr.middlewares=chain-oauth@file" # qBittorrent 45 | # HTTP Services 46 | - "traefik.http.routers.gluetun-qbittorrent-rtr.service=gluetun-svc" # qBittorrent 47 | - "traefik.http.services.gluetun-svc.loadbalancer.server.port=8080" # qBittorrent -------------------------------------------------------------------------------- /compose/grafana.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Grafana - Graphical data visualization for InfluxDB data 3 | grafana: 4 | image: grafana/grafana:latest 5 | container_name: grafana 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | networks: 11 | - t3_proxy 12 | ports: 13 | - "3000:3000" 14 | user: "$PUID:$PGID" 15 | volumes: 16 | - $DOCKERDIR/appdata/grafana:/var/lib/grafana 17 | environment: 18 | GF_INSTALL_PLUGINS: "grafana-clock-panel,grafana-simple-json-datasource,grafana-worldmap-panel,grafana-piechart-panel" 19 | labels: 20 | - "traefik.enable=true" 21 | # HTTP Routers 22 | - "traefik.http.routers.grafana-rtr.entrypoints=websecure" 23 | - "traefik.http.routers.grafana-rtr.rule=Host(`grafana.$DOMAINNAME_HS`)" 24 | # Middlewares 25 | - "traefik.http.routers.grafana-rtr.middlewares=chain-oauth@file" 26 | # HTTP Services 27 | - "traefik.http.routers.grafana-rtr.service=grafana-svc" 28 | - "traefik.http.services.grafana-svc.loadbalancer.server.port=3000" -------------------------------------------------------------------------------- /compose/guacamole.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Guacamole - Remote desktop, SSH, on Telnet on any HTML5 Browser 3 | # Create all databases and tables first 4 | guacamole: 5 | image: guacamole/guacamole:latest 6 | container_name: guacamole 7 | security_opt: 8 | - no-new-privileges:true 9 | restart: unless-stopped 10 | profiles: ["apps", "all"] 11 | networks: 12 | - t3_proxy 13 | - default 14 | ports: 15 | - "8083:8080" 16 | environment: 17 | GUACD_HOSTNAME: guacd 18 | MYSQL_HOSTNAME: $MARIADB_HOST 19 | MYSQL_PORT: 3306 20 | MYSQL_DATABASE_FILE: /run/secrets/guac_db_name 21 | MYSQL_USER_FILE: /run/secrets/guac_mysql_user 22 | MYSQL_PASSWORD_FILE: /run/secrets/guac_mysql_password 23 | secrets: 24 | - guac_db_name 25 | - guac_mysql_user 26 | - guac_mysql_password 27 | labels: 28 | - "traefik.enable=true" 29 | # HTTP Routers 30 | - "traefik.http.routers.guacamole-rtr.entrypoints=websecure" 31 | - "traefik.http.routers.guacamole-rtr.rule=Host(`guac.$DOMAINNAME_HS`)" 32 | # Middlewares 33 | - "traefik.http.routers.guacamole-rtr.middlewares=chain-oauth@file,add-guacamole" 34 | - "traefik.http.middlewares.add-guacamole.addPrefix.prefix=/guacamole" 35 | # HTTP Services 36 | - "traefik.http.routers.guacamole-rtr.service=guacamole-svc" 37 | - "traefik.http.services.guacamole-svc.loadbalancer.server.port=8080" 38 | 39 | # Guacamole Daemon - Needed for Guacamole 40 | guacd: 41 | image: guacamole/guacd 42 | container_name: guacd 43 | security_opt: 44 | - no-new-privileges:true 45 | restart: unless-stopped 46 | profiles: ["apps", "all"] -------------------------------------------------------------------------------- /compose/homepage.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Homepage - Application Dashboard 3 | homepage: 4 | image: ghcr.io/gethomepage/homepage:latest 5 | container_name: homepage 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["apps", "all"] 10 | networks: 11 | - socket_proxy 12 | - default 13 | ports: 14 | - "3000:3000" 15 | volumes: 16 | - $DOCKERDIR/appdata/homepage:/app/config 17 | environment: 18 | TZ: $TZ 19 | PUID: $PUID 20 | PGID: $PGID 21 | -------------------------------------------------------------------------------- /compose/influxdb.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # InfluxDB - Database for sensor data 3 | influxdb: 4 | image: influxdb:latest 5 | container_name: influxdb 6 | networks: 7 | - default 8 | security_opt: 9 | - no-new-privileges:true 10 | restart: unless-stopped 11 | profiles: ["dbs", "all"] 12 | ports: 13 | - "8086:8086" 14 | volumes: 15 | - $DOCKERDIR/appdata/influxdb2/config:/etc/influxdb2 16 | - $DOCKERDIR/appdata/influxdb2/db:/var/lib/influxdb2 -------------------------------------------------------------------------------- /compose/it-tools.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # IT-Tools - Status Page & Monitoring Server 3 | it-tools: 4 | image: corentinth/it-tools 5 | container_name: it-tools 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | networks: 11 | - t3_proxy 12 | labels: 13 | - "traefik.enable=true" 14 | # HTTP Routers 15 | - "traefik.http.routers.it-tools-rtr.entrypoints=websecure" 16 | - "traefik.http.routers.it-tools-rtr.rule=Host(`tools.$DOMAINNAME_HS`)" 17 | # Middlewares 18 | - "traefik.http.routers.it-tools-rtr.middlewares=chain-oauth@file" 19 | # HTTP Services 20 | - "traefik.http.routers.it-tools-rtr.service=it-tools-svc" 21 | - "traefik.http.services.it-tools-svc.loadbalancer.server.port=80" -------------------------------------------------------------------------------- /compose/jdownloader.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # jDownloader - Download management 3 | jdownloader: 4 | image: jlesage/jdownloader-2:latest 5 | container_name: jdownloader 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | networks: 11 | - t3_proxy 12 | # ports: 13 | # - "$JDOWNLOADER_PORT:5800" 14 | volumes: 15 | - $DATADIR/downloads:/data/downloads 16 | - $DOCKERDIR/appdata/jdownloader:/config 17 | environment: 18 | USER_ID: $PUID 19 | GROUP_ID: $PGID 20 | TZ: $TZ 21 | UMASK: 002 22 | KEEP_APP_RUNNING: 1 23 | CLEAN_TMP_DIR: 1 24 | DISPLAY_WIDTH: 1600 25 | DISPLAY_HEIGHT: 960 26 | VNC_PASSWORD: $JDOWN_VNC_PASSWD 27 | labels: 28 | - "traefik.enable=true" 29 | # HTTP Routers 30 | - "traefik.http.routers.jdownloader-rtr.entrypoints=websecure" 31 | - "traefik.http.routers.jdownloader-rtr.rule=Host(`jdown.$DOMAINNAME_HS`)" 32 | # Middlewares 33 | - "traefik.http.routers.jdownloader-rtr.middlewares=chain-oauth@file" 34 | # HTTP Services 35 | - "traefik.http.routers.jdownloader-rtr.service=jdownloader-svc" 36 | - "traefik.http.services.jdownloader-svc.loadbalancer.server.port=5800" -------------------------------------------------------------------------------- /compose/jellyfin.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Jellyfin - Media Server 3 | jellyfin: 4 | image: jellyfin/jellyfin:latest 5 | container_name: jellyfin 6 | networks: 7 | - default 8 | security_opt: 9 | - no-new-privileges:true 10 | restart: "no" 11 | # profiles: ["media", "all"] 12 | user: $PUID:$PGID 13 | # devices: 14 | # - /dev/dri:/dev/dri # for harware transcoding 15 | ports: 16 | - "8096:8096" 17 | # - "8920:8920" # Emby also uses same port if running both 18 | environment: 19 | UMASK_SET: 022 20 | TZ: $TZ 21 | volumes: 22 | - $DOCKERDIR/appdata/jellyfin:/config 23 | - $DATADIR/media:/media 24 | #- $EXTDIR/ssd/home-server/downloads:/data/downloads 25 | - /dev/shm:/data/transcode # Offload transcoding to RAM if you have enough RAM 26 | -------------------------------------------------------------------------------- /compose/kaizoku.yml: -------------------------------------------------------------------------------- 1 | volumes: 2 | db: 3 | redis: 4 | 5 | services: 6 | app: 7 | container_name: kaizoku 8 | image: ghcr.io/oae/kaizoku:latest 9 | environment: 10 | - DATABASE_URL=postgresql://kaizoku:kaizoku@db:5432/kaizoku 11 | - KAIZOKU_PORT=3000 12 | - REDIS_HOST=redis 13 | - REDIS_PORT=6379 14 | - PUID= 15 | - PGID= 16 | - TZ=Europe/Istanbul 17 | volumes: 18 | - $DOCKERDIR/appdata/kaizoku:/config 19 | - $DATADIR/data/media/manga:/data/manga # Manga is just an example you can have the name you want. See the following 20 | - $DATADIR/data/media/comics:/data/comics # Use as many as you want 21 | - $DATADIR/data/media/manhwa:/data/manhwa # 22 | - $DATADIR/data/media/manhua:/data/manhua # 23 | - $DATADIR/data/media/books:/data/books # 24 | - :/logs 25 | depends_on: 26 | db: 27 | condition: service_healthy 28 | ports: 29 | - "3000:3000" 30 | redis: 31 | image: redis:7-alpine 32 | volumes: 33 | - redis:/data 34 | db: 35 | image: postgres:alpine 36 | restart: unless-stopped 37 | healthcheck: 38 | test: ["CMD-SHELL", "pg_isready -U kaizoku"] 39 | interval: 5s 40 | timeout: 5s 41 | retries: 5 42 | environment: 43 | - POSTGRES_USER=kaizoku 44 | - POSTGRES_DB=kaizoku 45 | - POSTGRES_PASSWORD=kaizoku 46 | volumes: 47 | - db:/var/lib/postgresql/data 48 | -------------------------------------------------------------------------------- /compose/kasm.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Kasm - Remote Workspaces 3 | kasm: 4 | image: lscr.io/linuxserver/kasm:latest 5 | container_name: kasm 6 | # privileged: true 7 | security_opt: 8 | - no-new-privileges:true 9 | - apparmor:unconfined 10 | - seccomp:unconfined 11 | cap_add: 12 | - NET_ADMIN 13 | - SYS_ADMIN 14 | restart: unless-stopped 15 | profiles: ["apps", "all"] 16 | networks: 17 | - t3_proxy 18 | ports: 19 | - 3001:3000 20 | - 4443:443 21 | volumes: 22 | - $DOCKERDIR/appdata/kasm/data:/opt 23 | - $DOCKERDIR/appdata/kasm/profiles:/profiles #optional 24 | - /dev/input:/dev/input #optional 25 | - /run/udev/data:/run/udev/data #optional 26 | environment: 27 | TZ: $TZ 28 | KASM_PORT: 443 29 | # DOCKER_HUB_USERNAME: USER #optional 30 | # DOCKER_HUB_PASSWORD: PASS #optional 31 | # DOCKER_MTU: 1500 #optional 32 | labels: 33 | - "traefik.enable=true" 34 | # HTTP Routers 35 | - "traefik.http.routers.kasm-rtr.entrypoints=websecure" 36 | - "traefik.http.routers.kasm-rtr.rule=Host(`kasm.$DOMAINNAME_HS`)" 37 | # Middlewares 38 | - "traefik.http.routers.kasm-rtr.middlewares=chain-oauth@file" 39 | # HTTP Services 40 | - "traefik.http.routers.kasm-rtr.service=kasm-svc" 41 | - "traefik.http.services.kasm-svc.loadbalancer.server.port=3000" 42 | 43 | -------------------------------------------------------------------------------- /compose/kavita.yml: -------------------------------------------------------------------------------- 1 | services: 2 | kavita: 3 | image: jvmilazz0/kavita:latest # Using the stable branch from the official dockerhub repo. 4 | container_name: kavita 5 | ports: 6 | - "5000:5000" # Change the public port (the first 5000) if you have conflicts with other services 7 | volumes: 8 | - $DOCKERDIR/appdata/kavita:/config # Change './data if you want to have the config files in a different place. 9 | # /kavita/config must not be changed 10 | - $DATADIR/data/media/manga:/data/manga # Manga is just an example you can have the name you want. See the following 11 | - $DATADIR/data/media/comics:/data/comics # Use as many as you want 12 | - $DATADIR/data/media/manhwa:/data/manhwa # 13 | - $DATADIR/data/media/manhua:/data/manhua # 14 | - $DATADIR/data/media/books:/data/books # 15 | environment: 16 | - TZ: $TZ 17 | restart: unless-stopped 18 | -------------------------------------------------------------------------------- /compose/komga.yml: -------------------------------------------------------------------------------- 1 | services: 2 | komga: 3 | image: gotson/komga 4 | container_name: komga 5 | volumes: 6 | - $DOCKERDIR/appdata/komga:/config 7 | - $DATADIR/data/media/manga:/data 8 | environment: 9 | - TZ=$TZ 10 | ports: 11 | - 25600:25600 12 | user: "1000:1000" 13 | restart: unless-stopped 14 | -------------------------------------------------------------------------------- /compose/lidarr-exporter.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Lidarr Exporter - Lidarr metrics for Prometheus 3 | lidarr-exporter: 4 | image: ghcr.io/onedr0p/exportarr:latest 5 | container_name: lidarr-exporter 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | profiles: ["all", "media", "arrs"] 10 | networks: 11 | - t3_proxy 12 | ports: 13 | - "9709:9709" 14 | environment: 15 | PORT: 9709 16 | URL: "http://lidarr:8686" 17 | APIKEY: $LIDARR_API_KEY 18 | ENABLE_ADDITIONAL_METRICS: TRUE 19 | command: ["lidarr"] -------------------------------------------------------------------------------- /compose/lidarr.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Lidarr - Music Management 3 | # Set url_base in lidarr settings if using PathPrefix 4 | lidarr: 5 | image: lscr.io/linuxserver/lidarr:latest 6 | container_name: lidarr 7 | security_opt: 8 | - no-new-privileges:true 9 | restart: "no" 10 | profiles: ["media","arrs", "all"] 11 | networks: 12 | - t3_proxy 13 | ports: 14 | - "8686:8686" 15 | volumes: 16 | - $DOCKERDIR/appdata/lidarr:/config 17 | - $DATADIR:/data 18 | - "/etc/localtime:/etc/localtime:ro" 19 | environment: 20 | TZ: $TZ 21 | PUID: $PUID 22 | PGID: $PGID 23 | labels: 24 | - "traefik.enable=true" 25 | # HTTP Routers Auth Bypass 26 | - "traefik.http.routers.lidarr-rtr-bypass.entrypoints=websecure" 27 | #- "traefik.http.routers.lidarr-rtr-bypass.rule=Host(`lidarr.$DOMAINNAME_HS`) && (Header(`X-Api-Key`, `$LIDARR_API_KEY`) || Query(`apikey`, `$LIDARR_API_KEY`))" 28 | - "traefik.http.routers.lidarr-rtr-bypass.rule=Host(`lidarr.$DOMAINNAME_HS`) && Header(`traefik-auth-bypass-key`, `$TRAEFIK_AUTH_BYPASS_KEY`)" # Bypass Auth for LunaSea on iOS 29 | - "traefik.http.routers.lidarr-rtr-bypass.priority=100" 30 | # HTTP Routers Auth 31 | - "traefik.http.routers.lidarr-rtr.entrypoints=websecure" 32 | - "traefik.http.routers.lidarr-rtr.rule=Host(`lidarr.$DOMAINNAME_HS`)" 33 | - "traefik.http.routers.lidarr-rtr.priority=99" 34 | # Middlewares 35 | - "traefik.http.routers.lidarr-rtr-bypass.middlewares=chain-no-auth@file" 36 | - "traefik.http.routers.lidarr-rtr.middlewares=chain-oauth@file" 37 | # HTTP Services 38 | - "traefik.http.routers.lidarr-rtr.service=lidarr-svc" 39 | - "traefik.http.routers.lidarr-rtr-bypass.service=lidarr-svc" 40 | - "traefik.http.services.lidarr-svc.loadbalancer.server.port=8686" -------------------------------------------------------------------------------- /compose/makemkv.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # MakeMKV - Video Editing (Ripping from Disks) 3 | makemkv: 4 | image: jlesage/makemkv:latest 5 | container_name: makemkv 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | profiles: ["media","all"] 10 | networks: 11 | - t3_proxy 12 | # ports: 13 | # - "$MAKEMKV_PORT:5800" 14 | volumes: 15 | - $DOWNLOADSDIR:/data/downloads 16 | - $DOCKERDIR/appdata/makemkv/config:/config 17 | - /dev/shm:/dev/shm 18 | environment: 19 | USER_ID: $PUID 20 | GROUP_ID: $PGID 21 | UMASK: 002 22 | TZ: $TZ 23 | KEEP_APP_RUNNING: 1 24 | CLEAN_TMP_DIR: 1 25 | DISPLAY_WIDTH: 1600 26 | DISPLAY_HEIGHT: 960 27 | # VNC_PASSWORD: $MAKEMKV_VNC_PASSWD 28 | labels: 29 | - "traefik.enable=true" 30 | # HTTP Routers 31 | - "traefik.http.routers.makemkv-rtr.entrypoints=websecure" 32 | - "traefik.http.routers.makemkv-rtr.rule=Host(`makemkv.$DOMAINNAME_HS`)" 33 | # Middlewares 34 | - "traefik.http.routers.makemkv-rtr.middlewares=chain-oauth@file" 35 | # HTTP Services 36 | - "traefik.http.routers.makemkv-rtr.service=makemkv-svc" 37 | - "traefik.http.services.makemkv-svc.loadbalancer.server.port=5800" -------------------------------------------------------------------------------- /compose/mango.yml: -------------------------------------------------------------------------------- 1 | services: 2 | mango: 3 | image: hkalexling/mango 4 | container_name: mango 5 | expose: 6 | - 9000 7 | ports: 8 | - 9000:9000 9 | volumes: 10 | - $DOCKERDIR/appdata/mango:/config 11 | - $DATADIR/data/media/manga:/data/manga # Manga is just an example you can have the name you want. See the following 12 | - $DATADIR/data/media/comics:/data/comics # Use as many as you want 13 | - $DATADIR/data/media/manhwa:/data/manhwa # 14 | - $DATADIR/data/media/manhua:/data/manhua # 15 | - $DATADIR/data/media/books:/data/books # 16 | -------------------------------------------------------------------------------- /compose/mariadb.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # MariaDB - MySQL Database 3 | # After starting container for first time dexec and mysqladmin -u root password 4 | mariadb: 5 | container_name: mariadb 6 | image: lscr.io/linuxserver/mariadb 7 | networks: 8 | - default 9 | security_opt: 10 | - no-new-privileges:true 11 | restart: unless-stopped 12 | profiles: ["dbs", "all"] 13 | ports: 14 | - "3306:3306" 15 | volumes: 16 | - $DOCKERDIR/appdata/mariadb/data:/config 17 | environment: 18 | TZ: $TZ 19 | PUID: $PUID 20 | PGID: $PGID 21 | FILE__MYSQL_ROOT_PASSWORD: /run/secrets/mysql_root_password # Note FILE__ (double underscore) - Issue #127 22 | secrets: 23 | - mysql_root_password -------------------------------------------------------------------------------- /compose/mergerfs.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # MergerFS - A featureful union filesystem 3 | mergerfs: 4 | container_name: mergerfs 5 | hostname: mergerfs 6 | image: hotio/mergerfs:latest 7 | restart: always 8 | # depends_on: 9 | # - gdrive # if using rclone 10 | # - gcrypt # if using rclone 11 | user: $PUID:$PGID 12 | command: "/data/media1:/data/media2 \ 13 | /data/media \ 14 | -o rw,\ 15 | use_ino,\ 16 | allow_other,\ 17 | func.getattr=newest,\ 18 | category.action=all,\ 19 | category.create=ff,\ 20 | statfs_ignore=nc,\ 21 | cache.files=auto-full,\ 22 | func.getattr=newest,\ 23 | dropcacheonclose=true,\ 24 | nonempty" 25 | cap_add: 26 | - SYS_ADMIN 27 | security_opt: 28 | - apparmor:unconfined 29 | devices: 30 | - /dev/fuse 31 | environment: 32 | - TZ=$TZ 33 | volumes: 34 | - /etc/passwd:/etc/passwd:ro 35 | - /etc/group:/etc/group:ro 36 | - /etc/fuse.conf:/etc/fuse.conf:shared 37 | #- $DATADIR:/data:slave # creates local-media and shb-media on host 38 | - $DATADIR1/test:/data/media1:rshared 39 | - $DATADIR2/test:/data/media2:rshared 40 | - $DATADIR1/mnt/media:/data/media:rshared -------------------------------------------------------------------------------- /compose/mkvtoolnix.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # MKVToolNix - Video Editing (Remuxing - changing media container while keeping original source quality) 3 | mkvtoolnix: 4 | image: jlesage/mkvtoolnix:latest 5 | container_name: mkvtoolnix 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | profiles: ["media","all"] 10 | networks: 11 | - t3_proxy 12 | # ports: 13 | # - "$MKVTOOLNIX_PORT:5800" 14 | volumes: 15 | - $DOWNLOADSDIR:/data/downloads 16 | - $DOCKERDIR/appdata/mkvtoolnix/config:/config:rw 17 | environment: 18 | USER_ID: $PUID 19 | GROUP_ID: $PGID 20 | UMASK: 002 21 | TZ: $TZ 22 | KEEP_APP_RUNNING: 1 23 | CLEAN_TMP_DIR: 1 24 | DISPLAY_WIDTH: 1600 25 | DISPLAY_HEIGHT: 960 26 | # VNC_PASSWORD: $MKVTOOLNIX_VNC_PASSWD 27 | labels: 28 | - "traefik.enable=true" 29 | # HTTP Routers 30 | - "traefik.http.routers.mkvtoolnix-rtr.entrypoints=websecure" 31 | - "traefik.http.routers.mkvtoolnix-rtr.rule=Host(`mkvtoolnix.$DOMAINNAME_HS`)" 32 | # Middlewares 33 | - "traefik.http.routers.mkvtoolnix-rtr.middlewares=chain-oauth@file" 34 | # HTTP Services 35 | - "traefik.http.routers.mkvtoolnix-rtr.service=mkvtoolnix-svc" 36 | - "traefik.http.services.mkvtoolnix-svc.loadbalancer.server.port=5800" -------------------------------------------------------------------------------- /compose/nginx.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Nginx - Web Server 3 | nginx: 4 | container_name: nginx 5 | image: nginx:1.24 # 1.20 updated 4/19/2024 # 1.18 Updated 8/9/2021 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["core", "all"] 10 | networks: 11 | - t2_proxy 12 | depends_on: 13 | - php7 14 | - redis 15 | volumes: 16 | - /etc/localtime:/etc/localtime:ro 17 | - /etc/timezone:/etc/timezone:ro 18 | - $DOCKERDIR/logs/ws/nginx:/var/log/nginx 19 | - $DOCKERDIR/appdata/nginx:/etc/nginx 20 | - $DOCKERDIR/appdata/sites/shb/html:/var/www/html/shb 21 | - $DOCKERDIR/logs/ws/wordpress/debug.log:/var/www/html/shb/wp-content/debug.log 22 | - $DOCKERDIR/appdata/sites/shb/beta:/var/www/html/beta 23 | - $DOCKERDIR/appdata/sites/khub/html:/var/www/html/khub 24 | - $DOCKERDIR/appdata/sites/dash/html:/var/www/html/dash 25 | secrets: 26 | - basic_auth_credentials 27 | labels: 28 | - "traefik.enable=true" 29 | # HTTP Routers SHB (WordPress) Auth 30 | - "traefik.http.routers.nginx-shb-auth-rtr.entrypoints=websecure" 31 | - "traefik.http.routers.nginx-shb-auth-rtr.rule=Host(`www.$DOMAINNAME_WS`) && Path(`/wp-login.php`)" # crowdsec 32 | - "traefik.http.routers.nginx-shb-auth-rtr.priority=100" 33 | # HTTP Routers SHB (WordPress) Bypass 34 | - "traefik.http.routers.nginx-shb-rtr.entrypoints=websecure" 35 | - "traefik.http.routers.nginx-shb-rtr.rule=Host(`$DOMAINNAME_WS`) || Host(`www.$DOMAINNAME_WS`)" # no crowdsec 36 | - "traefik.http.routers.nginx-shb-rtr.priority=99" 37 | # HTTP Routers SHB Beta (WordPress) 38 | - "traefik.http.routers.nginx-shb-beta-rtr.entrypoints=websecure" 39 | - "traefik.http.routers.nginx-shb-beta-rtr.rule=Host(`beta.$DOMAINNAME_WS`)" 40 | # HTTP Routers DASH (non-WordPress) 41 | - "traefik.http.routers.nginx-dash-rtr.entrypoints=websecure" 42 | - "traefik.http.routers.nginx-dash-rtr.rule=Host(`dash.$DOMAINNAME_WS`)" # crowdsec 43 | # HTTP Routers KHUB (non-WordPress) 44 | - "traefik.http.routers.nginx-khub-rtr.entrypoints=websecure" 45 | - "traefik.http.routers.nginx-khub-rtr.rule=Host(`$DOMAINNAME_KHUB`) || Host(`www.$DOMAINNAME_KHUB`)" 46 | # Redirect shb non-www to www middleware 47 | - "traefik.http.middlewares.shb-redirect.redirectregex.regex=^https?://$DOMAINNAME_WS/(.*)" 48 | - "traefik.http.middlewares.shb-redirect.redirectregex.replacement=https://www.$DOMAINNAME_WS/$${1}" 49 | - "traefik.http.middlewares.shb-redirect.redirectregex.permanent=true" 50 | # Redirect khub non-www to www middleware 51 | - "traefik.http.middlewares.khub-redirect.redirectregex.regex=^https?://$DOMAINNAME_KHUB/(.*)" 52 | - "traefik.http.middlewares.khub-redirect.redirectregex.replacement=https://www.$DOMAINNAME_KHUB/$${1}" 53 | - "traefik.http.middlewares.khub-redirect.redirectregex.permanent=true" 54 | # Middlewares 55 | - "traefik.http.routers.nginx-khub-rtr.middlewares=khub-redirect,chain-no-auth@file" 56 | - "traefik.http.routers.nginx-shb-rtr.middlewares=shb-redirect,chain-no-auth-wp@file" # no crowdsec 57 | - "traefik.http.routers.nginx-shb-auth-rtr.middlewares=shb-redirect,chain-no-auth-crowdsec-wp@file" # crowdsec 58 | - "traefik.http.routers.nginx-dash-rtr.middlewares=chain-oauth@file" 59 | - "traefik.http.routers.nginx-shb-beta-rtr.middlewares=chain-oauth@file" 60 | # HTTP Services 61 | - "traefik.http.routers.nginx-shb-rtr.service=nginx-svc" 62 | - "traefik.http.routers.nginx-shb-auth-rtr.service=nginx-svc" 63 | - "traefik.http.routers.nginx-khub-rtr.service=nginx-svc" 64 | - "traefik.http.routers.nginx-dash-rtr.service=nginx-svc" 65 | - "traefik.http.routers.nginx-shb-beta-rtr.service=nginx-svc" 66 | - "traefik.http.services.nginx-svc.loadbalancer.server.port=80" -------------------------------------------------------------------------------- /compose/node-exporter.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Node Exporter - Metrics to Prometheus 3 | node-exporter: 4 | container_name: node-exporter 5 | image: prom/node-exporter:latest 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["monitoring", "all"] 10 | networks: 11 | - default 12 | ports: 13 | - "9100:9100" 14 | volumes: 15 | - /proc:/host/proc:ro 16 | - /sys:/host/sys:ro 17 | - /:/rootfs:ro 18 | command: 19 | - '--path.procfs=/host/proc' 20 | - '--path.sysfs=/host/sys' 21 | - --collector.filesystem.ignored-mount-points 22 | - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)" 23 | -------------------------------------------------------------------------------- /compose/notifiarr.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Client for Notifiarr.com 3 | notifiarr: 4 | image: golift/notifiarr 5 | container_name: notifiarr 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | profiles: ["media", "all"] 10 | networks: 11 | - t3_proxy 12 | # t3_proxy: 13 | # ipv4_address: 192.168.90.3 # You can specify a static IP 14 | ports: 15 | - "5454:5454" 16 | volumes: 17 | - $DOCKERDIR/appdata/notifiarr:/config 18 | - /var/run/utmp:/var/run/utmp 19 | - /etc/machine-id:/etc/machine-id 20 | environment: 21 | DN_API_KEY: $NOTIFIARR_API_KEY 22 | DN_AUTO_UPDATE: off 23 | labels: 24 | - "traefik.enable=true" 25 | # HTTP Routers Auth 26 | - "traefik.http.routers.notifiarr-rtr.entrypoints=websecure" 27 | - "traefik.http.routers.notifiarr-rtr.rule=Host(`notifiarr.$DOMAINNAME_HS`)" 28 | # Middlewares 29 | - "traefik.http.routers.notifiarr-rtr.middlewares=chain-oauth@file" 30 | # HTTP Services 31 | - "traefik.http.routers.notifiarr-rtr.service=notifiarr-svc" 32 | - "traefik.http.services.notifiarr-svc.loadbalancer.server.port=5454" -------------------------------------------------------------------------------- /compose/oauth.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Google OAuth - Single Sign On using OAuth 2.0 3 | # https://www.smarthomebeginner.com/google-oauth-with-traefik-docker/ 4 | # Also possible to forward all authentication requests to external service. See middlewares-oauth-external and chain-oauth-external. 5 | oauth: 6 | container_name: oauth 7 | image: thomseddon/traefik-forward-auth:latest 8 | # image: thomseddon/traefik-forward-auth:2.1-arm # Use this image with Raspberry Pi 9 | security_opt: 10 | - no-new-privileges:true 11 | restart: unless-stopped 12 | #profiles: ["core", "all"] 13 | networks: 14 | - traefik_proxy 15 | # Allow apps to bypass OAuth. Radarr example below will bypass OAuth if API key is present in the request (eg. from NZB360 mobile app). 16 | # While this is one way, the recommended way is to bypass authentication using Traefik labels shown in some of the apps later. 17 | # command: --rule.radarr.action=allow --rule.radarr.rule="Headers(`X-Api-Key`, `$RADARR_API_KEY`)" 18 | # command: --rule.sabnzbd.action=allow --rule.sabnzbd.rule="HeadersRegexp(`X-Forwarded-Uri`, `$SABNZBD_API_KEY`)" 19 | environment: 20 | - CONFIG=/config 21 | - COOKIE_DOMAIN=$DOMAINNAME_DS918 22 | - INSECURE_COOKIE=false 23 | - AUTH_HOST=oauth.$DOMAINNAME_DS918 24 | - URL_PATH=/_oauth 25 | - LOG_LEVEL=warn 26 | - LOG_FORMAT=text 27 | - LIFETIME=86400 # 1 day 28 | - DEFAULT_ACTION=auth 29 | - DEFAULT_PROVIDER=google 30 | secrets: 31 | - source: traefik_forward_auth 32 | target: /config 33 | labels: 34 | - "traefik.enable=true" 35 | # HTTP Routers 36 | - "traefik.http.routers.oauth-rtr.tls=true" 37 | - "traefik.http.routers.oauth-rtr.entrypoints=https" 38 | - "traefik.http.routers.oauth-rtr.rule=Host(`oauth.$DOMAINNAME_DS918`)" 39 | # Middlewares 40 | - "traefik.http.routers.oauth-rtr.middlewares=chain-oauth@file" 41 | # HTTP Services 42 | - "traefik.http.routers.oauth-rtr.service=oauth-svc" 43 | - "traefik.http.services.oauth-svc.loadbalancer.server.port=4181" -------------------------------------------------------------------------------- /compose/php7.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # PHP - Hypertext Preprocessor 3 | php7: 4 | container_name: php7 5 | image: php:7.4-fpm-custom 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["core", "all"] 10 | networks: 11 | - t2_proxy 12 | build: 13 | context: $DOCKERDIR/custom/ 14 | dockerfile: Dockerfile-php7 15 | user: $PUID:$PGID # allows upgrading WP and plugins 16 | volumes: 17 | - $DOCKERDIR/appdata/sites/shb/html:/var/www/html/shb 18 | - $DOCKERDIR/appdata/sites/shb/beta:/var/www/html/beta 19 | - $DOCKERDIR/appdata/php/php7:/usr/local/etc/php 20 | - $DOCKERDIR/appdata/sites/khub/html:/var/www/html/khub 21 | - $DOCKERDIR/appdata/sites/dash/html:/var/www/html/dash -------------------------------------------------------------------------------- /compose/phpmyadmin.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # phpMyAdmin - Database management 3 | # Create a new user with admin privileges. Cannot login as MySQL root for some reason. 4 | phpmyadmin: 5 | image: phpmyadmin/phpmyadmin:latest 6 | container_name: phpmyadmin 7 | security_opt: 8 | - no-new-privileges:true 9 | restart: unless-stopped 10 | profiles: ["apps", "all"] 11 | networks: 12 | - t3_proxy 13 | environment: 14 | - PMA_HOST=$MARIADB_HOST 15 | - PMA_PORT=$MARIADB_PORT 16 | #- PMA_ARBITRARY=1 17 | - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql_root_password 18 | secrets: 19 | - mysql_root_password 20 | labels: 21 | - "traefik.enable=true" 22 | # HTTP Routers 23 | - "traefik.http.routers.phpmyadmin-rtr.entrypoints=websecure" 24 | - "traefik.http.routers.phpmyadmin-rtr.rule=Host(`pma.$DOMAINNAME_HS`)" 25 | # Middlewares 26 | - "traefik.http.routers.phpmyadmin-rtr.middlewares=chain-oauth@file" 27 | # HTTP Services 28 | - "traefik.http.routers.phpmyadmin-rtr.service=phpmyadmin-svc" 29 | - "traefik.http.services.phpmyadmin-svc.loadbalancer.server.port=80" -------------------------------------------------------------------------------- /compose/picard.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Picard - Music Library Tagging and Management 3 | picard: 4 | image: mikenye/picard:latest 5 | container_name: picard 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | profiles: ["media", "all"] 10 | networks: 11 | - t3_proxy 12 | # ports: 13 | # - "$PICARD_PORT:5800" 14 | volumes: 15 | - $DATADIR:/data:rw 16 | - $DOCKERDIR/appdata/picard:/config:rw 17 | - /dev/shm:/dev/shm 18 | environment: 19 | USER_ID: $PUID 20 | GROUP_ID: $PGID 21 | TZ: $TZ 22 | UMASK: 002 23 | DISPLAY_WIDTH: 1600 24 | DISPLAY_HEIGHT: 960 25 | labels: 26 | - "traefik.enable=true" 27 | # HTTP Routers 28 | - "traefik.http.routers.picard-rtr.entrypoints=websecure" 29 | - "traefik.http.routers.picard-rtr.rule=Host(`picard.$DOMAINNAME_HS`)" 30 | # Middlewares 31 | - "traefik.http.routers.picard-rtr.middlewares=chain-oauth@file" 32 | # HTTP Services 33 | - "traefik.http.routers.picard-rtr.service=picard-svc" 34 | - "traefik.http.services.picard-svc.loadbalancer.server.port=5800" -------------------------------------------------------------------------------- /compose/plex-image-cleanup.yml: -------------------------------------------------------------------------------- 1 | services: 2 | pic: 3 | image: meisnate12/plex-image-cleanup 4 | container_name: pic 5 | environment: 6 | - TZ=$TZ #optional 7 | volumes: 8 | - $DOCKERDIR/appdata/plex-image-cleanup:/config 9 | - $DOCKERDIR/appdata/plex/Library/Application Support/Plex Media Server:/plex 10 | restart: unless-stopped -------------------------------------------------------------------------------- /compose/plex-meta-manager.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Plex Meta Manager - Automatic Metadata Manager for Plex 3 | plexmm: 4 | image: lscr.io/linuxserver/plex-meta-manager:latest 5 | container_name: plexmm 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | profiles: ["media", "all"] 10 | environment: 11 | TZ: $TZ 12 | PUID: $PUID 13 | PGID: $PGID 14 | PMM_CONFIG: /config/config.yml #optional 15 | PMM_TIME: 03:00 #optional 16 | PMM_RUN: "True" #optional 17 | PMM_TEST: "False" #optional 18 | PMM_NO_MISSING: "False" #optional 19 | volumes: 20 | - $DOCKERDIR/appdata/plex-meta-manager:/config -------------------------------------------------------------------------------- /compose/plex-sync.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Plex-Sync - For Syncing watched status between plex servers 3 | plex-sync: 4 | image: patsissons/plex-sync:develop 5 | container_name: plex-sync 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["media", "all"] 10 | networks: 11 | - default 12 | environment: 13 | INITIAL_RUN: "true" 14 | #DRY_RUN: 0 15 | CRON_SCHEDULE: "*/30 * * * *" 16 | SECTION_MAPS: > 17 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_MOVHOL $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_MOVHOL | 18 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_SHOTV $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_SHOTV | 19 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_SHOKID $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_SHOKID | 20 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_MOVKID $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_MOVKID | 21 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_MOVIND $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_MOVIND | 22 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_MOVKOL $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_MOVKOL | 23 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_MOVDOC $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_MOVDOC | 24 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_SHODOC $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_SHODOC | 25 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_MOVFOR $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_MOVFOR | 26 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_SHOFOR $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_SHOFOR | 27 | $HOME_SERVER_PLEX/$HOME_SERVER_PLEX_SHOIND $SYNOLOGY_PLEX/$SYNOLOGY_PLEX_SHOIND -------------------------------------------------------------------------------- /compose/plex.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Plex - Media Server 3 | plex: 4 | image: lscr.io/linuxserver/plex:latest 5 | container_name: plex 6 | networks: 7 | - default 8 | security_opt: 9 | - no-new-privileges:true 10 | restart: "no" 11 | # profiles: ["media", "all"] 12 | # devices: 13 | # - /dev/dri:/dev/dri # for hardware transcoding 14 | ports: 15 | - "32400:32400/tcp" 16 | - "3005:3005/tcp" 17 | - "8324:8324/tcp" 18 | - "32469:32469/tcp" 19 | - "1900:1900/udp" 20 | - "32410:32410/udp" 21 | - "32412:32412/udp" 22 | - "32413:32413/udp" 23 | - "32414:32414/udp" 24 | volumes: 25 | - $DOCKERDIR/appdata/plex:/config 26 | - $DATADIR/media:/media # Media Folder 27 | - /dev/shm:/data/transcode # Offload transcoding to RAM if you have enough RAM 28 | environment: 29 | TZ: $TZ 30 | HOSTNAME: "myPlex" 31 | #PLEX_CLAIM_FILE: /run/secrets/plex_claim # Not required initially 32 | PLEX_CLAIM: $PLEX_CLAIM 33 | PLEX_UID: $PUID 34 | PLEX_GID: $PGID 35 | ADVERTISE_IP: "http://$SERVER_IP:32400/" 36 | ALLOWED_NETWORKS: $LOCAL_IPS 37 | secrets: 38 | - plex_claim 39 | -------------------------------------------------------------------------------- /compose/portainer.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Portainer - WebUI for Containers 3 | portainer: 4 | container_name: portainer 5 | image: portainer/portainer-ce:latest # Use portainer-ee if you have a Business Edition license key 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["core", "all"] 10 | networks: 11 | - socket_proxy 12 | # command: -H unix:///var/run/docker.sock # # Use Docker Socket Proxy instead for improved security 13 | command: -H tcp://socket-proxy:2375 14 | ports: 15 | - "9000:9000" 16 | volumes: 17 | # - /var/run/docker.sock:/var/run/docker.sock:ro # # Use Docker Socket Proxy instead for improved security 18 | - $DOCKERDIR/appdata/portainer/data:/data # Change to local directory if you want to save/transfer config locally 19 | environment: 20 | - TZ=$TZ 21 | -------------------------------------------------------------------------------- /compose/prometheus.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Prometheus - Database for sensor data 3 | prometheus: 4 | image: prom/prometheus:latest 5 | container_name: prometheus 6 | networks: 7 | - default 8 | security_opt: 9 | - no-new-privileges:true 10 | restart: unless-stopped 11 | profiles: ["dbs", "all"] 12 | ports: 13 | - "9090:9090" 14 | volumes: 15 | - $DOCKERDIR/appdata/prometheus/config:/etc/prometheus 16 | - $DOCKERDIR/appdata/prometheus/data:/prometheus 17 | user: $PUID:$PGID 18 | command: 19 | - '--config.file=/etc/prometheus/prometheus.yml' 20 | - '--storage.tsdb.path=/prometheus' 21 | - '--web.console.libraries=/usr/share/prometheus/console_libraries' 22 | - '--web.console.templates=/usr/share/prometheus/consoles' 23 | - '--web.enable-lifecycle' 24 | - '--web.enable-admin-api' -------------------------------------------------------------------------------- /compose/prowlarr-exporter.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Prowlarr Exporter - Prowlarr metrics for Prometheus 3 | prowlarr-exporter: 4 | image: ghcr.io/onedr0p/exportarr:latest 5 | container_name: prowlarr-exporter 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["all", "apps"] 10 | networks: 11 | - t3_proxy 12 | ports: 13 | - "9710:9710" 14 | environment: 15 | PORT: 9710 16 | URL: "http://prowlarr:9696" 17 | APIKEY: $PROWLARR_API_KEY 18 | ENABLE_ADDITIONAL_METRICS: TRUE 19 | command: ["prowlarr"] -------------------------------------------------------------------------------- /compose/prowlarr.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Prowlarr - Torrent proxy 3 | prowlarr: 4 | image: ghcr.io/linuxserver/prowlarr:latest 5 | container_name: prowlarr 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["apps", "all"] 10 | networks: 11 | - default 12 | ports: 13 | - "9696:9696" 14 | volumes: 15 | - $DOCKERDIR/appdata/prowlarr:/config 16 | - "/etc/localtime:/etc/localtime:ro" 17 | environment: 18 | TZ: $TZ 19 | PUID: $PUID 20 | PGID: $PGID 21 | labels: 22 | - "traefik.enable=true" 23 | # HTTP Routers 24 | - "traefik.http.routers.prowlarr-rtr.entrypoints=websecure" 25 | - "traefik.http.routers.prowlarr-rtr.rule=Host(`prowlarr.$DOMAINNAME_HS`)" 26 | # Middlewares 27 | - "traefik.http.routers.prowlarr-rtr.middlewares=chain-oauth@file" 28 | # HTTP Services 29 | - "traefik.http.routers.prowlarr-rtr.service=prowlarr-svc" 30 | - "traefik.http.services.prowlarr-svc.loadbalancer.server.port=9696" 31 | -------------------------------------------------------------------------------- /compose/qbittorrent.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # qBittorrent - Torrent downloader 3 | qbittorrent: 4 | image: lscr.io/linuxserver/qbittorrent:latest 5 | container_name: qbittorrent 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["apps", "downloads", "all"] 10 | networks: 11 | - default 12 | ports: 13 | - "8081:8080" 14 | volumes: 15 | - $DOCKERDIR/appdata/qbittorrent:/config 16 | - $DATADIR/downloads:/data/downloads # Ensure that downloads folder is set to /data/downloads in qBittorrent 17 | environment: 18 | TZ: $TZ 19 | PUID: $PUID 20 | PGID: $PGID 21 | UMASK_SET: 002 22 | healthcheck: # https://github.com/qdm12/gluetun/issues/641#issuecomment-933856220 23 | test: "curl -sf https://example.com || exit 1" 24 | interval: 1m 25 | timeout: 10s 26 | retries: 1 27 | labels: # Traefik labels added via glueten 28 | - "deunhealth.restart.on.unhealthy=true" 29 | -------------------------------------------------------------------------------- /compose/qdirstat.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # qDirStat - Directory Statistics 3 | qdirstat: 4 | image: jlesage/qdirstat:latest 5 | container_name: qdirstat 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["apps", "all"] 10 | networks: 11 | - traefik_proxy 12 | ports: 13 | - "5800:5800" 14 | volumes: 15 | - /volume1:/storage:ro 16 | - $DOCKERDIR/appdata/qdirstat/config:/config:rw 17 | environment: 18 | USER_ID: $PUID 19 | GROUP_ID: $PGID 20 | UMASK: 002 21 | TZ: $TZ 22 | KEEP_APP_RUNNING: 1 23 | CLEAN_TMP_DIR: 1 24 | DISPLAY_WIDTH: 1600 25 | DISPLAY_HEIGHT: 960 26 | VNC_PASSWORD: $QDIRSTAT_VNC_PASSWD 27 | labels: 28 | - "traefik.enable=true" 29 | # HTTP Routers 30 | - "traefik.http.routers.qdirstat-rtr.entrypoints=https" 31 | - "traefik.http.routers.qdirstat-rtr.rule=Host(`qdir.$DOMAINNAME_DS918`)" 32 | # Middlewares 33 | - "traefik.http.routers.qdirstat-rtr.middlewares=chain-oauth@file" 34 | # HTTP Services 35 | - "traefik.http.routers.qdirstat-rtr.service=qdirstat-svc" 36 | - "traefik.http.services.qdirstat-svc.loadbalancer.server.port=5800" -------------------------------------------------------------------------------- /compose/radarr-exporter.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Radarr Exporter - Radarr metrics for Prometheus 3 | radarr-exporter: 4 | image: ghcr.io/onedr0p/exportarr:latest 5 | container_name: radarr-exporter 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | profiles: ["all", "media", "arrs"] 10 | networks: 11 | - t3_proxy 12 | ports: 13 | - "9707:9707" 14 | environment: 15 | PORT: 9707 16 | URL: "http://radarr:7878" 17 | APIKEY: $RADARR_API_KEY 18 | ENABLE_ADDITIONAL_METRICS: TRUE 19 | command: ["radarr"] -------------------------------------------------------------------------------- /compose/radarr.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Radarr - Movie management 3 | radarr: 4 | image: lscr.io/linuxserver/radarr:latest 5 | container_name: radarr 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | # profiles: ["media", "arrs", "all"] 10 | networks: 11 | - default 12 | ports: 13 | - "7878:7878" 14 | volumes: 15 | - $DOCKERDIR/appdata/radarr:/config 16 | - $DATADIR/media/movies:/movies 17 | - $DATADIR/downloads:/data/downloads 18 | - "/etc/localtime:/etc/localtime:ro" 19 | environment: 20 | TZ: $TZ 21 | PUID: $PUID 22 | PGID: $PGID 23 | -------------------------------------------------------------------------------- /compose/rclone-gcrypt.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Rclone - Google Drive Mount 3 | gcrypt: 4 | container_name: gcrypt 5 | image: rclone/rclone:latest 6 | security_opt: 7 | - no-new-privileges:true 8 | - apparmor:unconfined 9 | restart: unless-stopped 10 | # profiles: ["core", "all"] 11 | networks: 12 | - traefik_proxy 13 | cap_add: 14 | - SYS_ADMIN 15 | command: 16 | "mount gcrypt: /data/gcrypt \ 17 | --use-mmap \ 18 | --allow-other \ 19 | --no-modtime \ 20 | --allow-non-empty \ 21 | --dir-cache-time=1000h \ 22 | --buffer-size=128M \ 23 | --uid=1026 \ 24 | --gid=100 \ 25 | --umask=002 \ 26 | --user-agent=ds918 \ 27 | --cache-dir=/data/cache/gcrypt \ 28 | --vfs-cache-mode=full \ 29 | --vfs-cache-max-age=336h \ 30 | --vfs-cache-max-size=512G \ 31 | --vfs-read-chunk-size-limit=2G \ 32 | --log-file /config/rclone/logs/gcrypt.log \ 33 | --log-level=NOTICE" 34 | #--bwlimit 3M \ 35 | # 3M approxmimately equals 253 GB limit per day 36 | devices: 37 | - /dev/fuse 38 | volumes: 39 | - $DOCKERDIR/appdata/rclone:/config/rclone 40 | - $DATADIR1/mnt/rclone/gcrypt:/data/gcrypt:shared 41 | - $DATADIR1/mnt/rclone/cache/gcrypt:/data/cache/gcrypt 42 | - /etc/passwd:/etc/passwd:ro 43 | - /etc/group:/etc/group:ro 44 | - /etc/fuse.conf:/etc/fuse.conf:ro 45 | environment: 46 | TZ: $TZ 47 | PUID: $PUID 48 | PGID: $PGID -------------------------------------------------------------------------------- /compose/rclone-gdrive.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Rclone - Google Drive Mount 3 | # https://github.com/openbridge/ob_bulkstash/issues/19 4 | # https://github.com/romancin/rclonebrowser-docker 5 | # https://hub.docker.com/r/d2dyno/rclone-gui 6 | gdrive: 7 | container_name: gdrive 8 | image: rclone/rclone:latest 9 | security_opt: 10 | - no-new-privileges:true 11 | - apparmor:unconfined 12 | restart: unless-stopped 13 | # profiles: ["core", "all"] 14 | networks: 15 | - traefik_proxy 16 | cap_add: 17 | - SYS_ADMIN 18 | command: 19 | "mount gdrive: /data/gdrive \ 20 | --use-mmap \ 21 | --allow-other \ 22 | --no-modtime \ 23 | --allow-non-empty \ 24 | --dir-cache-time=1000h \ 25 | --buffer-size=128M \ 26 | --umask=002 \ 27 | --uid=1026 \ 28 | --gid=100 \ 29 | --user-agent=ds918 \ 30 | --cache-dir=/data/cache/gdrive \ 31 | --vfs-cache-mode=full \ 32 | --vfs-cache-max-age=336h \ 33 | --vfs-cache-max-size=512G \ 34 | --vfs-read-chunk-size-limit=2G \ 35 | --log-file /config/rclone/logs/gdrive.log \ 36 | --rc \ 37 | --rc-web-gui \ 38 | --rc-addr :5572 \ 39 | --rc-user=$RCLONE_WEBUI_USER \ 40 | --rc-pass=$RCLONE_WEBUI_PASS \ 41 | --log-level=NOTICE" 42 | #--bwlimit 150M \ 43 | #--bwlimit-file 40M \ 44 | devices: 45 | - /dev/fuse 46 | volumes: 47 | - $DOCKERDIR/appdata/rclone:/config/rclone 48 | - $DATADIR1/mnt/rclone/gdrive:/data/gdrive:shared 49 | - $DATADIR1/mnt/rclone/cache/gdrive:/data/cache/gdrive 50 | - /etc/passwd:/etc/passwd:ro 51 | - /etc/group:/etc/group:ro 52 | - /etc/fuse.conf:/etc/fuse.conf:ro 53 | environment: 54 | TZ: $TZ 55 | PUID: $PUID 56 | PGID: $PGID 57 | labels: 58 | - "traefik.enable=true" 59 | # HTTP Routers 60 | - "traefik.http.routers.rclone-drive-rtr.entrypoints=https" 61 | - "traefik.http.routers.rclone-drive-rtr.rule=Host(`rclone.$DOMAINNAME_DS918`)" 62 | # Middlewares 63 | - "traefik.http.routers.rclone-drive-rtr.middlewares=chain-oauth@file" 64 | # HTTP Services 65 | - "traefik.http.routers.rclone-drive-rtr.service=rclone-drive-svc" 66 | - "traefik.http.services.rclone-drive-svc.loadbalancer.server.port=5572" -------------------------------------------------------------------------------- /compose/redis.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Redis - Key-value Store 3 | redis: 4 | container_name: redis 5 | image: redis:latest 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["core", "all"] 10 | networks: 11 | - t2_proxy 12 | entrypoint: redis-server --appendonly yes --requirepass $REDIS_PASSWORD --maxmemory 512mb --maxmemory-policy allkeys-lru 13 | ports: 14 | - "6379:6379" 15 | volumes: 16 | - $DOCKERDIR/appdata/redis/data:/data 17 | - /etc/timezone:/etc/timezone:ro 18 | - /etc/localtime:/etc/localtime:ro -------------------------------------------------------------------------------- /compose/sabnzbd-exporter.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # SABnzbd Exporter - SABnzbd metrics for Prometheus 3 | sabnzbd-exporter: 4 | image: ghcr.io/onedr0p/exportarr:latest 5 | container_name: sabnzbd-exporter 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "unless-stopped" 9 | profiles: ["all", "downloads"] 10 | networks: 11 | - t3_proxy 12 | ports: 13 | - "9712:9712" 14 | environment: 15 | PORT: 9712 16 | URL: "http://sabnzbd:8080" 17 | APIKEY: $SABNZBD_API_KEY 18 | ENABLE_ADDITIONAL_METRICS: TRUE 19 | command: ["sabnzbd"] -------------------------------------------------------------------------------- /compose/sabnzbd.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # SABnzbd - Binary newsgrabber (NZB downloader) 3 | # Disable SABNnzbd's built-in HTTPS support for traefik proxy to work 4 | # Needs trailing / if using PathPrefix 5 | sabnzbd: 6 | image: lscr.io/linuxserver/sabnzbd:latest 7 | container_name: sabnzbd 8 | security_opt: 9 | - no-new-privileges:true 10 | restart: unless-stopped 11 | profiles: ["apps", "downloads", "all"] 12 | networks: 13 | - t3_proxy 14 | ports: 15 | - "8084:8080" 16 | volumes: 17 | - $DOCKERDIR/appdata/sabnzbd:/config 18 | - $DOWNLOADSDIR:/data/downloads 19 | environment: 20 | PUID: $PUID 21 | PGID: $PGID 22 | TZ: $TZ 23 | UMASK_SET: 002 24 | labels: 25 | - "traefik.enable=true" 26 | # HTTP Routers Auth Bypass 27 | - "traefik.http.routers.sabnzbd-rtr-bypass.entrypoints=websecure" 28 | # - "traefik.http.routers.sabnzbd-rtr-bypass.rule=Host(`sabnzbd.$DOMAINNAME_HS`) && Query(`apikey`, `$SABNZBD_API_KEY`)" 29 | - "traefik.http.routers.sabnzbd-rtr-bypass.rule=Host(`sabnzbd.$DOMAINNAME_HS`) && Header(`traefik-auth-bypass-key`, `$TRAEFIK_AUTH_BYPASS_KEY`)" # Bypass Auth for LunaSea on iOS 30 | - "traefik.http.routers.sabnzbd-rtr-bypass.priority=100" 31 | # HTTP Routers Auth 32 | - "traefik.http.routers.sabnzbd-rtr.entrypoints=websecure" 33 | - "traefik.http.routers.sabnzbd-rtr.rule=Host(`sabnzbd.$DOMAINNAME_HS`)" 34 | - "traefik.http.routers.sabnzbd-rtr.priority=99" 35 | # Middlewares 36 | - "traefik.http.routers.sabnzbd-rtr-bypass.middlewares=chain-no-auth@file" 37 | - "traefik.http.routers.sabnzbd-rtr.middlewares=chain-oauth@file" 38 | # HTTP Services 39 | - "traefik.http.routers.sabnzbd-rtr.service=sabnzbd-svc" 40 | - "traefik.http.routers.sabnzbd-rtr-bypass.service=sabnzbd-svc" 41 | - "traefik.http.services.sabnzbd-svc.loadbalancer.server.port=8080" -------------------------------------------------------------------------------- /compose/scrutiny.yml: -------------------------------------------------------------------------------- 1 | services: 2 | scrutiny: 3 | image: ghcr.io/analogj/scrutiny:master-web 4 | container_name: scrutiny 5 | security_opt: 6 | - no-new-privileges:true 7 | restart: unless-stopped 8 | profiles: ["core", "all"] 9 | networks: 10 | - t3_proxy 11 | ports: 12 | - 8090:8080 13 | volumes: 14 | - $DOCKERDIR/appdata/scrutiny:/opt/scrutiny/config 15 | labels: 16 | - "traefik.enable=true" 17 | # HTTP Routers 18 | - "traefik.http.routers.scrutiny-rtr.entrypoints=websecure" 19 | - "traefik.http.routers.scrutiny-rtr.rule=Host(`scrutiny.$DOMAINNAME_HS`)" 20 | # Middlewares 21 | - "traefik.http.routers.scrutiny-rtr.middlewares=chain-oauth@file" 22 | # HTTP Services 23 | - "traefik.http.routers.scrutiny-rtr.service=scrutiny-svc" 24 | - "traefik.http.services.scrutiny-svc.loadbalancer.server.port=8080" -------------------------------------------------------------------------------- /compose/sitespeed.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Autoindex - Simple Directory Index (for Sitespeed.io Results) 3 | sitespeed: 4 | container_name: sitespeed 5 | image: dceoy/nginx-autoindex:latest 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | networks: 11 | - t3_proxy 12 | volumes: 13 | - $EXTDRIVE/ssd/sitespeed:/var/lib/nginx/html:ro # Location you want to index 14 | labels: 15 | - "traefik.enable=true" 16 | # HTTP Routers 17 | - "traefik.http.routers.sitespeed-rtr.entrypoints=websecure" 18 | - "traefik.http.routers.sitespeed-rtr.rule=Host(`sitespeed.$DOMAINNAME_HS`)" 19 | # Middlewares 20 | - "traefik.http.routers.sitespeed-rtr.middlewares=chain-oauth@file" 21 | # HTTP Services 22 | - "traefik.http.routers.sitespeed-rtr.service=sitespeed-svc" 23 | - "traefik.http.services.sitespeed-svc.loadbalancer.server.port=80" -------------------------------------------------------------------------------- /compose/socket-proxy.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Docker Socket Proxy - Security Enchanced Proxy for Docker Socket 3 | socket-proxy: 4 | container_name: socket-proxy 5 | image: tecnativa/docker-socket-proxy 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["core", "all"] 10 | networks: 11 | socket_proxy: 12 | ipv4_address: 192.168.91.254 # You can specify a static IP 13 | privileged: true # true for VM. false for unprivileged LXC container on Proxmox. 14 | ports: 15 | - "127.0.0.1:2375:2375" # Do not expose this to the internet with port forwarding 16 | volumes: 17 | - "/var/run/docker.sock:/var/run/docker.sock" 18 | environment: 19 | - LOG_LEVEL=info # debug,info,notice,warning,err,crit,alert,emerg 20 | ## Variables match the URL prefix (i.e. AUTH blocks access to /auth/* parts of the API, etc.). 21 | # 0 to revoke access. 22 | # 1 to grant access. 23 | ## Granted by Default 24 | - EVENTS=1 25 | - PING=1 26 | - VERSION=1 27 | ## Revoked by Default 28 | # Security critical 29 | - AUTH=0 30 | - SECRETS=0 31 | - POST=1 # Watchtower 32 | # Not always needed 33 | - BUILD=0 34 | - COMMIT=0 35 | - CONFIGS=0 36 | - CONTAINERS=1 # Traefik, Portainer, etc. 37 | - DISTRIBUTION=0 38 | - EXEC=0 39 | - IMAGES=1 # Portainer 40 | - INFO=1 # Portainer 41 | - NETWORKS=1 # Portainer 42 | - NODES=0 43 | - PLUGINS=0 44 | - SERVICES=1 # Portainer 45 | - SESSION=0 46 | - SWARM=0 47 | - SYSTEM=0 48 | - TASKS=1 # Portainer 49 | - VOLUMES=1 # Portainer 50 | -------------------------------------------------------------------------------- /compose/sonarr-exporter.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Sonarr Exporter - Sonarr metrics for Prometheus 3 | sonarr-exporter: 4 | image: ghcr.io/onedr0p/exportarr:latest 5 | container_name: sonarr-exporter 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: "no" 9 | profiles: ["all", "media", "arrs"] 10 | networks: 11 | - t3_proxy 12 | ports: 13 | - "9708:9708" 14 | environment: 15 | PORT: 9708 16 | URL: "http://sonarr:8989" 17 | APIKEY: $SONARR_API_KEY 18 | ENABLE_ADDITIONAL_METRICS: TRUE 19 | command: ["sonarr"] -------------------------------------------------------------------------------- /compose/sonarr.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Sonarr - TV Shows Management 3 | # Set url_base in sonarr settings if using PathPrefix 4 | sonarr: 5 | image: lscr.io/linuxserver/sonarr:latest 6 | container_name: sonarr 7 | security_opt: 8 | - no-new-privileges:true 9 | restart: "no" 10 | # profiles: ["media", "arrs", "all"] 11 | networks: 12 | - default 13 | ports: 14 | - "8989:8989" 15 | volumes: 16 | - $DOCKERDIR/appdata/sonarr:/config 17 | - $DATADIR/media/tvshows:/tvshows 18 | - $DATADIR/downloads:/data/downloads 19 | - "/etc/localtime:/etc/localtime:ro" 20 | environment: 21 | TZ: $TZ 22 | PUID: $PUID 23 | PGID: $PGID 24 | -------------------------------------------------------------------------------- /compose/syncthing.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # SyncThing - Keep folders in Sync 3 | syncthing: 4 | image: lscr.io/linuxserver/syncthing 5 | container_name: syncthing 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["core", "all"] 10 | networks: 11 | - traefik_proxy 12 | ports: 13 | - "8384:8384" 14 | - "22000:22000/tcp" 15 | - "22000:22000/udp" 16 | - "21027:21027/udp" 17 | volumes: 18 | - /volume1:/data/volume1 19 | - $DOCKERDIR/appdata/syncthing:/config 20 | environment: 21 | TZ: $TZ 22 | PUID: $PUID 23 | PGID: $PGID 24 | labels: 25 | - "traefik.enable=true" 26 | # HTTP Routers 27 | - "traefik.http.routers.syncthing-rtr.entrypoints=https" 28 | - "traefik.http.routers.syncthing-rtr.rule=Host(`stnas.$DOMAINNAME_DS918`)" 29 | # Middlewares 30 | - "traefik.http.routers.syncthing-rtr.middlewares=chain-oauth@file" 31 | # HTTP Services 32 | - "traefik.http.routers.syncthing-rtr.service=syncthing-svc" 33 | - "traefik.http.services.syncthing-svc.loadbalancer.server.port=8384" -------------------------------------------------------------------------------- /compose/tachidesk.yml: -------------------------------------------------------------------------------- 1 | services: 2 | suwayomi: 3 | image: ghcr.io/suwayomi/tachidesk:preview 4 | environment: 5 | TZ: $TZ # Use TZ database name from https://en.wikipedia.org/wiki/List_of_tz_database_time_zones 6 | # ################################################################################################# 7 | # 8 | # !!! IMPORTANT !!! 9 | # - server settings can be changed during runtime in the WebUI 10 | # - providing an environment variable will OVERWRITE the current setting value when starting the container 11 | # 12 | # ################################################################################################# 13 | # 14 | # example for setting env vars: 15 | # 16 | # - BIND_IP=0.0.0.0 17 | # - BIND_PORT=4567 18 | # - SOCKS_PROXY_ENABLED=false 19 | # - DOWNLOAD_AS_CBZ=true 20 | # - BASIC_AUTH_ENABLED=true 21 | # - BASIC_AUTH_USERNAME=manga 22 | # - BASIC_AUTH_PASSWORD=hello123 23 | # - EXTENSION_REPOS=["http://github.com/orginazation-name/repo-name", "http://github.com/orginazation-name-2/repo-name-2"] 24 | # - FLARESOLVERR_ENABLED=true 25 | # - FLARESOLVERR_URL=http://flaresolverr:8191 26 | volumes: 27 | - $DATADIR/data/media/Tachidesk:/home/suwayomi/.local/share/Tachidesk 28 | ports: 29 | - "4567:4567" 30 | restart: on-failure:3 31 | flaresolverr: 32 | image: ghcr.io/flaresolverr/flaresolverr:latest 33 | container_name: flaresolverr 34 | environment: 35 | TZ: $TZ # Use TZ database name from https://en.wikipedia.org/wiki/List_of_tz_database_time_zones 36 | ports: 37 | - "8191:8191" 38 | restart: unless-stopped 39 | -------------------------------------------------------------------------------- /compose/tautulli.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Tautulli - Plex statistics and monitoring 3 | # Set HTTP Root in Tautulli settings if using PathPrefix 4 | tautulli: 5 | image: lscr.io/linuxserver/tautulli:latest 6 | container_name: tautulli 7 | security_opt: 8 | - no-new-privileges:true 9 | restart: "no" 10 | profiles: ["media", "all"] 11 | networks: 12 | - default 13 | ports: 14 | - "8181:8181" 15 | volumes: 16 | - $DOCKERDIR/appdata/tautulli/config:/config 17 | - $DOCKERDIR/appdata/plex/Library/Application Support/Plex Media Server/Logs:/logs:ro # For tautulli Plex log viewer 18 | environment: 19 | TZ: $TZ 20 | PUID: $PUID 21 | PGID: $PGID 22 | -------------------------------------------------------------------------------- /compose/tdarr.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Tdarr Server - Library Optimizer 3 | tdarr: 4 | image: ghcr.io/haveagitgat/tdarr:latest 5 | logging: 6 | options: 7 | max-size: "10m" 8 | max-file: "3" 9 | container_name: tdarr 10 | security_opt: 11 | - no-new-privileges:true 12 | restart: unless-stopped 13 | # profiles: ["media", "all"] 14 | networks: 15 | - traefik_proxy 16 | devices: 17 | - /dev/dri:/dev/dri # for hardware transcoding 18 | ports: 19 | - 8265:8265 # webUI port 20 | - 8266:8266 # server port 21 | volumes: 22 | - $DOCKERDIR/appdata/tdarr/server:/app/server 23 | - $DOCKERDIR/appdata/tdarr/configs:/app/configs 24 | - $DOCKERDIR/appdata/tdarr/logs:/app/logs 25 | - $DOWNLOADSDIR/transcode/tdarr:/data/temp 26 | - $ZDATADIR/Photos/zVideos:/data/zVideos-source:ro 27 | - $DATADIR1/media/zvideos:/data/zVideos-destination 28 | environment: 29 | TZ: $TZ 30 | PUID: $PUID 31 | PGID: $PGID 32 | UMASK_SET: 002 33 | serverIP: 0.0.0.0 # or hostname 34 | serverPort: 8266 35 | webUIPort: 8265 36 | internalNode: true 37 | inContainer: true 38 | ffmpegVersion: 6 39 | nodeName: tdarr-node-ds918 40 | labels: 41 | - "traefik.enable=true" 42 | # HTTP Routers 43 | - "traefik.http.routers.tdarr-rtr.entrypoints=https" 44 | - "traefik.http.routers.tdarr-rtr.rule=Host(`tdarr.$DOMAINNAME_DS918`)" 45 | # Middlewares 46 | - "traefik.http.routers.tdarr-rtr.middlewares=chain-oauth@file" 47 | # HTTP Services 48 | - "traefik.http.routers.tdarr-rtr.service=tdarr-svc" 49 | - "traefik.http.services.tdarr-svc.loadbalancer.server.port=8265" -------------------------------------------------------------------------------- /compose/traefik-bouncer.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # CrowdSec Bouncer - Traefik 3 | traefik-bouncer: 4 | image: fbonalair/traefik-crowdsec-bouncer 5 | container_name: traefik-bouncer 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["core", "all"] 10 | networks: 11 | - t3_proxy 12 | environment: 13 | GIN_MODE: release # default is debug (more logs) 14 | CROWDSEC_BOUNCER_API_KEY: $CROWDSEC_BOUNCER_TRAEFIK_API_KEY 15 | CROWDSEC_AGENT_HOST: $CROWDSEC_LAPI_HOST:$CROWDSEC_LAPI_PORT # CrowdSec host and port -------------------------------------------------------------------------------- /compose/traefik.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Traefik 2 - Reverse Proxy 3 | traefik: 4 | container_name: traefik 5 | image: traefik:2.10 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | #profiles: ["core", "all"] 10 | networks: 11 | t2_proxy: 12 | ipv4_address: 192.168.90.254 # You can specify a static IP 13 | socket_proxy: 14 | command: # CLI arguments 15 | - --global.checkNewVersion=true 16 | - --global.sendAnonymousUsage=true 17 | - --entrypoints.http.address=:80 18 | - --entrypoints.https.address=:443 19 | - --entrypoints.traefik.address=:8080 20 | # - --entrypoints.ping.address=:8081 21 | - --entrypoints.http.http.redirections.entrypoint.to=https 22 | - --entrypoints.http.http.redirections.entrypoint.scheme=https 23 | - --entrypoints.http.http.redirections.entrypoint.permanent=true 24 | - --api=true 25 | - --api.dashboard=true 26 | - --api.insecure=true 27 | #- --ping=true 28 | # - --serversTransport.insecureSkipVerify=true 29 | # Allow these IPs to set the X-Forwarded-* headers - Cloudflare IPs: https://www.cloudflare.com/ips/ 30 | - --entrypoints.https.forwardedHeaders.trustedIPs=$CLOUDFLARE_IPS,$LOCAL_IPS 31 | - --log=true 32 | - --log.filePath=/logs/traefik.log 33 | - --log.level=INFO # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC 34 | - --accessLog=true 35 | - --accessLog.filePath=/logs/access.log 36 | - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines 37 | - --accessLog.filters.statusCodes=204-299,400-499,500-599 38 | - --providers.docker=true 39 | # - --providers.docker.endpoint=unix:///var/run/docker.sock # Disable for Socket Proxy. Enable otherwise. 40 | - --providers.docker.endpoint=tcp://socket-proxy:2375 # Enable for Socket Proxy. Disable otherwise. 41 | - --providers.docker.exposedByDefault=false 42 | - --providers.docker.network=t2_proxy # Previously t2_proxy 43 | - --providers.docker.swarmMode=false 44 | - --entrypoints.https.http.tls=true 45 | - --entrypoints.https.http.tls.options=tls-opts@file 46 | # Add dns-cloudflare as default certresolver for all services. Also enables TLS and no need to specify on individual services 47 | - --entrypoints.https.http.tls.certresolver=dns-cloudflare 48 | - --entrypoints.https.http.tls.domains[0].main=$DOMAINNAME_DNS 49 | - --entrypoints.https.http.tls.domains[0].sans=*.$DOMAINNAME_DNS 50 | - --providers.file.directory=/rules # Load dynamic configuration from one or more .toml or .yml files in a directory 51 | - --providers.file.watch=true # Only works on top level files in the rules folder 52 | - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing 53 | - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json 54 | - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare 55 | - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53 56 | - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.delayBeforeCheck=90 # To delay DNS check and reduce LE hitrate 57 | # - --metrics.prometheus=true 58 | # - --metrics.prometheus.buckets=0.1,0.3,1.2,5.0 59 | #healthcheck: 60 | # test: ["CMD", "traefik", "healthcheck", "--ping"] 61 | # interval: 5s 62 | # retries: 3 63 | ports: 64 | - target: 80 65 | published: 80 66 | protocol: tcp 67 | mode: host 68 | - target: 443 69 | published: 443 70 | protocol: tcp 71 | mode: host 72 | # - target: 8080 # need to enable --api.insecure=true 73 | # published: 8080 74 | # protocol: tcp 75 | # mode: host 76 | volumes: 77 | - $DOCKERDIR/appdata/traefik2/rules/$HOSTNAME:/rules # Dynamic File Provider directory 78 | # - /var/run/docker.sock:/var/run/docker.sock:ro # Enable if not using Socket Proxy 79 | - $DOCKERDIR/appdata/traefik2/acme/acme.json:/acme.json # Certs File 80 | - $DOCKERDIR/logs/$HOSTNAME/traefik:/logs # Traefik logs 81 | environment: 82 | - TZ=$TZ 83 | - CF_DNS_API_TOKEN_FILE=/run/secrets/cf_dns_api_token 84 | - HTPASSWD_FILE=/run/secrets/basic_auth_credentials # HTTP Basic Auth Credentials 85 | - DOMAINNAME_DNS 86 | - DOMAINNAME_HS 87 | secrets: 88 | - cf_dns_api_token 89 | - basic_auth_credentials 90 | labels: 91 | #- "autoheal=true" 92 | - "traefik.enable=true" 93 | # HTTP Routers 94 | - "traefik.http.routers.traefik-rtr.entrypoints=https" 95 | - "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME_DNS` )" 96 | # Services - API 97 | - "traefik.http.routers.traefik-rtr.service=api@internal" 98 | # Healthcheck/ping 99 | #- "traefik.http.routers.ping.rule=Host(`traefik.$DOMAINNAME_DNS`) && Path(`/ping`)" 100 | #- "traefik.http.routers.ping.tls=true" 101 | #- "traefik.http.routers.ping.service=ping@internal" 102 | # Middlewares 103 | - "traefik.http.routers.traefik-rtr.middlewares=chain-basic-auth@file" 104 | #- "traefik.http.routers.traefik-rtr.middlewares=chain-oauth@file" -------------------------------------------------------------------------------- /compose/unbound.yml: -------------------------------------------------------------------------------- 1 | services: 2 | unbound: 3 | container_name: unbound 4 | image: mvance/unbound-rpi:latest 5 | network_mode: host 6 | volumes: 7 | - $DOCKERDIR/appdata/unbound:/opt/unbound/etc/unbound 8 | healthcheck: 9 | disable: true 10 | restart: unless-stopped 11 | profiles: ["core", "all", "dns"] -------------------------------------------------------------------------------- /compose/uptime-kuma.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # Uptime Kuma - Status Page & Monitoring Server 3 | uptime-kuma: 4 | image: louislam/uptime-kuma 5 | container_name: uptime-kuma 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["core", "all"] 10 | networks: 11 | - t3_proxy 12 | - default 13 | volumes: 14 | - $DOCKERDIR/appdata/uptime-kuma:/app/data 15 | labels: 16 | - "traefik.enable=true" 17 | # HTTP Routers 18 | - "traefik.http.routers.uptime-kuma-rtr.entrypoints=websecure" 19 | - "traefik.http.routers.uptime-kuma-rtr.rule=Host(`kuma.$DOMAINNAME_HS`)" 20 | # Middlewares 21 | - "traefik.http.routers.uptime-kuma-rtr.middlewares=chain-oauth@file" 22 | # HTTP Services 23 | - "traefik.http.routers.uptime-kuma-rtr.service=uptime-kuma-svc" 24 | - "traefik.http.services.uptime-kuma-svc.loadbalancer.server.port=3001" -------------------------------------------------------------------------------- /compose/vscode.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # VSCode - VSCode Editing 3 | vscode: 4 | image: lscr.io/linuxserver/code-server:latest 5 | container_name: vscode 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["core", "all"] 10 | networks: 11 | - traefik_proxy 12 | ports: 13 | - "8443:8443" 14 | volumes: 15 | - $DOCKERDIR:/data/docker 16 | - $DOCKERDIR/appdata/vscode:/config 17 | - $DATADIR1:/data/data 18 | environment: 19 | TZ: $TZ 20 | PUID: $PUID 21 | PGID: $PGID 22 | # DOCKER_HOST: tcp://socket-proxy:2375 23 | # PASSWORD: $VSCODE_PASSWORD 24 | # HASHED_PASSWORD: #optional 25 | # SUDO_PASSWORD: password #optional 26 | # SUDO_PASSWORD_HASH: #optional 27 | # PROXY_DOMAIN: code-server.my.domain #optional 28 | # DEFAULT_WORKSPACE: /config/data/User/Workspaces/AZ.code-workspace #optional 29 | labels: 30 | - "traefik.enable=true" 31 | # HTTP Routers 32 | - "traefik.http.routers.vscode-rtr.entrypoints=https" 33 | - "traefik.http.routers.vscode-rtr.rule=Host(`code.$DOMAINNAME_DS918`)" 34 | # Middlewares 35 | - "traefik.http.routers.vscode-rtr.middlewares=chain-oauth@file" 36 | # HTTP Services 37 | - "traefik.http.routers.vscode-rtr.service=vscode-svc" 38 | - "traefik.http.services.vscode-svc.loadbalancer.server.port=8443" -------------------------------------------------------------------------------- /compose/wg-easy.yml: -------------------------------------------------------------------------------- 1 | # services: 2 | # # WG-EASY - WireGuard Easy 3 | # wg-easy: 4 | # image: weejewel/wg-easy 5 | # container_name: wg-easy 6 | # restart: unless-stopped 7 | # profiles: ["core", "all"] 8 | # network_mode: host 9 | # # networks: 10 | # # - rpi4b 11 | # cap_add: 12 | # - NET_ADMIN 13 | # - SYS_MODULE 14 | # # sysctls: 15 | # # - net.ipv4.ip_forward=1 16 | # # - net.ipv4.conf.all.src_valid_mark=1 17 | # # ports: 18 | # # - "51822:51822/udp" 19 | # # - "51821:51821/tcp" # WebUI 20 | # volumes: 21 | # - $DOCKERDIR/appdata/wireguard:/etc/wireguard 22 | # environment: 23 | # - WG_HOST=$DOMAINNAME_CLOUD_SERVER 24 | # - PASSWORD=$WGEASY_PASSWORD 25 | # # Optional: 26 | # # - WG_PORT=18205 # does not work in host mode 27 | # - WG_DEFAULT_ADDRESS=192.168.20.x 28 | # - WG_DEFAULT_DNS=192.168.1.101,192.168.1.102 29 | # # - WG_MTU=1420 30 | # - WG_ALLOWED_IPS=0.0.0.0/0, ::/0 31 | # # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt 32 | # # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt 33 | # # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt 34 | # # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt -------------------------------------------------------------------------------- /compose/whoami.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # WhoAmI - For Testing and Troubleshooting 3 | whoami: 4 | image: traefik/whoami 5 | container_name: whoami 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | profiles: ["apps", "all"] 10 | networks: 11 | - t3_proxy 12 | labels: 13 | - "traefik.enable=true" 14 | # HTTP Routers 15 | - "traefik.http.routers.whoami-rtr.entrypoints=websecure" 16 | - "traefik.http.routers.whoami-rtr.rule=Host(`whoami.$DOMAINNAME_HS`)" 17 | # Middlewares 18 | - "traefik.http.routers.whoami-rtr.middlewares=chain-oauth@file" 19 | # HTTP Services 20 | - "traefik.http.routers.whoami-rtr.service=whoami-svc" 21 | - "traefik.http.services.whoami-svc.loadbalancer.server.port=80" -------------------------------------------------------------------------------- /compose/zerotier.yml: -------------------------------------------------------------------------------- 1 | services: 2 | # ZeroTier-One - Private Network over Internet 3 | zerotier: 4 | image: zerotier/zerotier-synology:latest 5 | container_name: zerotier 6 | security_opt: 7 | - no-new-privileges:true 8 | restart: unless-stopped 9 | # profiles: ["core", "all"] 10 | network_mode: host 11 | cap_add: 12 | - NET_ADMIN 13 | - SYS_ADMIN 14 | devices: 15 | - /dev/net/tun 16 | volumes: 17 | - $DOCKERDIR/appdata/zerotier:/var/lib/zerotier-one -------------------------------------------------------------------------------- /configs/docker-gc/docker-gc-exclude: -------------------------------------------------------------------------------- 1 | # If there is a dependent image it seems that the docker-gc can only identify them 2 | # using the image id 3 | # If you pull them specifically it will use the tag otherwise it uses the imageid 4 | # 5 | # The file consists of the name of the image followed by the image id (can be either the short version or the long version) 6 | # 7 | #################################################################################################### 8 | 9 | clockworksoul/docker-gc-cron:20240219 10 | -------------------------------------------------------------------------------- /configs/homepage/docker-configs/bookmarks.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | -------------------------------------------------------------------------------- /configs/homepage/docker-configs/services.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # For configuration options and examples, please see: 3 | # https://gethomepage.dev/latest/configs/services 4 | # icons found here https://github.com/walkxcode/dashboard-icons 5 | 6 | - Hypervisor: 7 | - Proxmox: 8 | icon: proxmox.svg 9 | href: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 10 | description: pve1 11 | widget: 12 | type: proxmox 13 | url: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 14 | username: "{{HOMEPAGE_VAR_PROXMOX_USER}}" 15 | password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}" 16 | node: xing-01 17 | - Proxmox: 18 | icon: proxmox.svg 19 | href: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 20 | description: pve2 21 | widget: 22 | type: proxmox 23 | url: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 24 | username: "{{HOMEPAGE_VAR_PROXMOX_USER}}" 25 | password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}" 26 | node: xing-02 27 | - Proxmox: 28 | icon: proxmox.svg 29 | href: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 30 | description: pve2 31 | widget: 32 | type: proxmox 33 | url: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 34 | username: "{{HOMEPAGE_VAR_PROXMOX_USER}}" 35 | password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}" 36 | node: xing-03 37 | - Proxmox: 38 | icon: proxmox.svg 39 | href: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 40 | description: pve4 41 | widget: 42 | type: proxmox 43 | url: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 44 | username: "{{HOMEPAGE_VAR_PROXMOX_USER}}" 45 | password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}" 46 | node: storinator 47 | - Containers: 48 | - Rancher: 49 | icon: rancher.svg 50 | href: "{{HOMEPAGE_VAR_RACNHER_URL}}" 51 | description: k8s 52 | - Longhorn: 53 | icon: longhorn.svg 54 | href: "{{HOMEPAGE_VAR_LONGHORN_URL}}" 55 | description: k8s storage 56 | - Portainer: 57 | icon: portainer.svg 58 | href: "{{HOMEPAGE_VAR_PORTAINER_URL}}" 59 | description: docker 60 | widget: 61 | type: portainer 62 | url: "{{HOMEPAGE_VAR_PORTAINER_URL}}" 63 | env: 2 64 | key: "{{HOMEPAGE_VAR_PORTAINER_API_KEY}}" 65 | - Dozzle: 66 | icon: dozzle.svg 67 | href: "{{HOMEPAGE_VAR_DOZZLE_URL}}" 68 | description: container logs 69 | - Homepage: 70 | icon: homepage.svg 71 | href: "{{HOMEPAGE_VAR_HOMEPAGE_URL}}" 72 | description: dashboard 73 | - Socket-Proxy: 74 | icon: socket-proxy.svg 75 | href: "{{HOMEPAGE_VAR_SOCKET_PROXY_URL}}" 76 | description: proxy service 77 | - Docker-GC: 78 | icon: docker-gc.svg 79 | href: "{{HOMEPAGE_VAR_DOCKER_GC_URL}}" 80 | description: container garbage collection 81 | - DNS: 82 | - Pi-Hole1: 83 | icon: pi-hole.svg 84 | href: "{{HOMEPAGE_VAR_PIHOLE_URL_1}}" 85 | description: quasar 86 | widget: 87 | type: pihole 88 | url: "{{HOMEPAGE_VAR_PIHOLE_URL_1}}" 89 | key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_1}}" 90 | - Pi-Hole2: 91 | icon: pi-hole.svg 92 | href: "{{HOMEPAGE_VAR_PIHOLE_URL_2}}" 93 | description: blazar 94 | widget: 95 | type: pihole 96 | url: "{{HOMEPAGE_VAR_PIHOLE_URL_2}}" 97 | key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_2}}" 98 | - Pi-Hole3: 99 | icon: pi-hole.svg 100 | href: "{{HOMEPAGE_VAR_PIHOLE_URL_3}}" 101 | description: electron 102 | widget: 103 | type: pihole 104 | url: "{{HOMEPAGE_VAR_PIHOLE_URL_3}}" 105 | key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_3}}" 106 | - Network: 107 | - UniFi: 108 | icon: unifi.svg 109 | href: "{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}" 110 | description: network 111 | widget: 112 | type: unifi 113 | url: "{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}" 114 | username: "{{HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME}}" 115 | password: "{{HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD}}" 116 | - Uptime Kuma: 117 | icon: uptime-kuma.svg 118 | href: "{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}" 119 | description: internal 120 | widget: 121 | type: uptimekuma 122 | url: "{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}" 123 | slug: home 124 | - Uptime Robot: 125 | icon: https://play-lh.googleusercontent.com/cUrv0t00FYQ1GKLuOTvv8qjo1lSDjqZC16IOp3Fb6ijew6Br5m4o16HhDp0GBu_Bw8Y=w240-h480-rw 126 | href: https://uptimerobot.com/dashboard 127 | description: external 128 | widget: 129 | type: uptimerobot 130 | url: https://api.uptimerobot.com 131 | key: "{{HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY}}" 132 | - Storage: 133 | - TrueNAS: 134 | icon: truenas.svg 135 | href: "{{HOMEPAGE_VAR_TRUENAS_URL}}" 136 | description: scale 137 | widget: 138 | type: truenas 139 | url: "{{HOMEPAGE_VAR_TRUENAS_URL}}" 140 | key: "{{HOMEPAGE_VAR_TRUENAS_API_KEY}}" 141 | - MinIO: 142 | icon: minio.svg 143 | href: "{{HOMEPAGE_VAR_MINIO_URL}}" 144 | description: object storage 145 | - Media: 146 | - Plex: 147 | icon: plex.svg 148 | href: "{{HOMEPAGE_VAR_PLEX_URL}}" 149 | description: media server 150 | widget: 151 | type: plex 152 | url: "{{HOMEPAGE_VAR_PLEX_URL}}" 153 | key: "{{HOMEPAGE_VAR_PLEX_API_TOKEN}}" 154 | - Tautulli: 155 | icon: tautulli.svg 156 | href: "{{HOMEPAGE_VAR_TAUTULLI_URL}}" 157 | description: plex stats 158 | widget: 159 | type: tautulli 160 | url: "{{HOMEPAGE_VAR_TAUTULLI_URL}}" 161 | key: "{{HOMEPAGE_VAR_TAUTULLI_API_KEY}}" 162 | - HDHomerun: 163 | icon: hdhomerun.png 164 | href: "{{HOMEPAGE_VAR_HDHOMERUN_URL}}" 165 | description: flex 4k 166 | widget: 167 | type: hdhomerun 168 | url: "{{HOMEPAGE_VAR_HDHOMERUN_URL}}" 169 | - Jellyfin: 170 | icon: jellyfin.svg 171 | href: "{{HOMEPAGE_VAR_JELLYFIN_URL}}" 172 | description: media server 173 | - qBittorrent: 174 | icon: qbittorrent.svg 175 | href: "{{HOMEPAGE_VAR_QBITTORRENT_URL}}" 176 | description: torrent client 177 | - Sonarr: 178 | icon: sonarr.svg 179 | href: "{{HOMEPAGE_VAR_SONARR_URL}}" 180 | description: tv shows 181 | - Radarr: 182 | icon: radarr.svg 183 | href: "{{HOMEPAGE_VAR_RADARR_URL}}" 184 | description: movies 185 | - Prowlarr: 186 | icon: prowlarr.svg 187 | href: "{{HOMEPAGE_VAR_PROWLARR_URL}}" 188 | description: indexer manager 189 | - Bazarr: 190 | icon: bazarr.svg 191 | href: "{{HOMEPAGE_VAR_BAZARR_URL}}" 192 | description: subtitles 193 | - Remote Access: 194 | - PiKVM: 195 | icon: https://avatars.githubusercontent.com/u/41749659?s=200&v=4 196 | href: "{{HOMEPAGE_VAR_PIKVM_URL}}" 197 | description: remote kvm 198 | - IPMI: 199 | icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg 200 | href: "{{HOMEPAGE_VAR_IPMI_1_URL}}" 201 | description: storinator 202 | - IPMI: 203 | icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg 204 | href: "{{HOMEPAGE_VAR_IPMI_2_URL}}" 205 | description: hl15 206 | - Netboot: 207 | icon: https://netboot.xyz/img/nbxyz-laptop.gif 208 | href: "{{HOMEPAGE_VAR_NETBOOT_URL}}" 209 | description: network boot utility 210 | - Tripp Lite: 211 | icon: https://upload.wikimedia.org/wikipedia/commons/f/f9/Tripp_Lite_logo.svg 212 | href: "{{HOMEPAGE_VAR_UPS_1_URL}}" 213 | description: 1500 214 | - Eaton: 215 | icon: https://cdn11.bigcommerce.com/s-fg272t4iw0/images/stencil/1280x1280/products/2549/2802/C-12556__63907.1557814942.jpg?c=2 216 | href: "{{HOMEPAGE_VAR_UPS_2_URL}}" 217 | description: 5p 218 | - Home Automation: 219 | - Home Assistant: 220 | icon: home-assistant.svg 221 | href: "{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}" 222 | description: home 223 | widget: 224 | type: homeassistant 225 | url: "{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}" 226 | key: "{{HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY}}" 227 | - UniFi: 228 | icon: https://play-lh.googleusercontent.com/DmgQvSdocOrGr0D0rxSBE9sqh23Fw3ck3BgKRN788cZnOKgcZlcEAFRYwmUbp6vMTVI 229 | href: "{{HOMEPAGE_VAR_UNIFI_PROTECT_URL}}" 230 | description: protect 231 | - Scryped: 232 | icon: https://www.scrypted.app/images/web_hi_res_512.png 233 | href: "{{HOMEPAGE_VAR_SCRYPTED_URL}}" 234 | description: mgmt console 235 | - Broadlink Control: 236 | icon: https://nwzimg.wezhan.net/contents/sitefiles3606/18030899/images/5430245.png 237 | href: "{{HOMEPAGE_VAR_BROADLINK_CONTROL_URL}}" 238 | description: light control 239 | - Other: 240 | - GitLab: 241 | icon: gitlab.svg 242 | href: https://gitlab.com 243 | description: source code 244 | - GitHub: 245 | icon: github.svg 246 | href: https://github.com/HASANALI117/home-server 247 | description: source code 248 | - Shlink: 249 | icon: https://shlink.io/images/shlink-logo-blue.svg 250 | href: "{{HOMEPAGE_VAR_SHLINK_URL}}" 251 | description: dashboard 252 | -------------------------------------------------------------------------------- /configs/homepage/docker-configs/settings.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # For configuration options and examples, please see: 3 | # https://gethomepage.dev/latest/configs/settings 4 | 5 | title: Techno Tim Homepage 6 | 7 | background: 8 | image: https://cdnb.artstation.com/p/assets/images/images/006/897/659/large/mikael-gustafsson-wallpaper-mikael-gustafsson.jpg 9 | blur: sm # sm, md, xl... see https://tailwindcss.com/docs/backdrop-blur 10 | saturate: 100 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate 11 | brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness 12 | opacity: 100 # 0-100 13 | 14 | theme: dark 15 | color: slate 16 | 17 | useEqualHeights: true 18 | 19 | layout: 20 | Hypervisor: 21 | header: true 22 | style: row 23 | columns: 4 24 | Containers: 25 | header: true 26 | style: row 27 | columns: 4 28 | DNS: 29 | header: true 30 | style: row 31 | columns: 4 32 | Network: 33 | header: true 34 | style: row 35 | columns: 4 36 | Remote Access: 37 | header: true 38 | style: row 39 | columns: 4 40 | Storage: 41 | header: true 42 | style: row 43 | columns: 4 44 | Media: 45 | header: true 46 | style: row 47 | columns: 4 48 | Home Automation: 49 | header: true 50 | style: row 51 | columns: 4 52 | Other: 53 | header: true 54 | style: row 55 | columns: 4 56 | -------------------------------------------------------------------------------- /configs/homepage/docker-configs/widgets.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # For configuration options and examples, please see: 3 | # https://gethomepage.dev/latest/configs/service-widgets 4 | 5 | - resources: 6 | cpu: true 7 | memory: true 8 | disk: / 9 | 10 | - datetime: 11 | text_size: xl 12 | format: 13 | timeStyle: short 14 | -------------------------------------------------------------------------------- /configs/homepage/kubernetes-configs/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: homepage 5 | namespace: default 6 | labels: 7 | app: homepage 8 | data: 9 | kubernetes.yaml: | 10 | mode: cluster 11 | settings.yaml: | 12 | title: Techno Tim Homepage 13 | 14 | background: 15 | image: https://cdnb.artstation.com/p/assets/images/images/006/897/659/large/mikael-gustafsson-wallpaper-mikael-gustafsson.jpg 16 | blur: sm # sm, md, xl... see https://tailwindcss.com/docs/backdrop-blur 17 | saturate: 100 # 0, 50, 100... see https://tailwindcss.com/docs/backdrop-saturate 18 | brightness: 50 # 0, 50, 75... see https://tailwindcss.com/docs/backdrop-brightness 19 | opacity: 100 # 0-100 20 | 21 | theme: dark 22 | color: slate 23 | 24 | useEqualHeights: true 25 | 26 | layout: 27 | Hypervisor: 28 | header: true 29 | style: row 30 | columns: 4 31 | Containers: 32 | header: true 33 | style: row 34 | columns: 4 35 | DNS: 36 | header: true 37 | style: row 38 | columns: 4 39 | Network: 40 | header: true 41 | style: row 42 | columns: 4 43 | Remote Access: 44 | header: true 45 | style: row 46 | columns: 4 47 | Storage: 48 | header: true 49 | style: row 50 | columns: 4 51 | Media: 52 | header: true 53 | style: row 54 | columns: 4 55 | Home Automation: 56 | header: true 57 | style: row 58 | columns: 4 59 | Other: 60 | header: true 61 | style: row 62 | columns: 4 63 | custom.css: "" 64 | custom.js: "" 65 | bookmarks.yaml: "" 66 | services.yaml: | 67 | - Hypervisor: 68 | - Proxmox: 69 | icon: proxmox.svg 70 | href: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 71 | description: pve1 72 | widget: 73 | type: proxmox 74 | url: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 75 | username: "{{HOMEPAGE_VAR_PROXMOX_USER}}" 76 | password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}" 77 | node: xing-01 78 | - Proxmox: 79 | icon: proxmox.svg 80 | href: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 81 | description: pve2 82 | widget: 83 | type: proxmox 84 | url: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 85 | username: "{{HOMEPAGE_VAR_PROXMOX_USER}}" 86 | password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}" 87 | node: xing-02 88 | - Proxmox: 89 | icon: proxmox.svg 90 | href: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 91 | description: pve2 92 | widget: 93 | type: proxmox 94 | url: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 95 | username: "{{HOMEPAGE_VAR_PROXMOX_USER}}" 96 | password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}" 97 | node: xing-03 98 | - Proxmox: 99 | icon: proxmox.svg 100 | href: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 101 | description: pve4 102 | widget: 103 | type: proxmox 104 | url: "{{HOMEPAGE_VAR_PROXMOX_URL}}" 105 | username: "{{HOMEPAGE_VAR_PROXMOX_USER}}" 106 | password: "{{HOMEPAGE_VAR_PROXMOX_API_KEY}}" 107 | node: storinator 108 | - Containers: 109 | - Rancher: 110 | icon: rancher.svg 111 | href: "{{HOMEPAGE_VAR_RACNHER_URL}}" 112 | description: k8s 113 | - Longhorn: 114 | icon: longhorn.svg 115 | href: "{{HOMEPAGE_VAR_LONGHORN_URL}}" 116 | description: k8s storage 117 | - Portainer: 118 | icon: portainer.svg 119 | href: "{{HOMEPAGE_VAR_PORTAINER_URL}}" 120 | description: docker 121 | widget: 122 | type: portainer 123 | url: "{{HOMEPAGE_VAR_PORTAINER_URL}}" 124 | env: 2 125 | key: "{{HOMEPAGE_VAR_PORTAINER_API_KEY}}" 126 | - DNS: 127 | - Pi-Hole1: 128 | icon: pi-hole.svg 129 | href: "{{HOMEPAGE_VAR_PIHOLE_URL_1}}" 130 | description: quasar 131 | widget: 132 | type: pihole 133 | url: "{{HOMEPAGE_VAR_PIHOLE_URL_1}}" 134 | key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_1}}" 135 | - Pi-Hole2: 136 | icon: pi-hole.svg 137 | href: "{{HOMEPAGE_VAR_PIHOLE_URL_2}}" 138 | description: blazar 139 | widget: 140 | type: pihole 141 | url: "{{HOMEPAGE_VAR_PIHOLE_URL_2}}" 142 | key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_2}}" 143 | - Pi-Hole3: 144 | icon: pi-hole.svg 145 | href: "{{HOMEPAGE_VAR_PIHOLE_URL_3}}" 146 | description: electron 147 | widget: 148 | type: pihole 149 | url: "{{HOMEPAGE_VAR_PIHOLE_URL_3}}" 150 | key: "{{HOMEPAGE_VAR_PIHOLE_API_KEY_3}}" 151 | - Network: 152 | - UniFi: 153 | icon: unifi.svg 154 | href: "{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}" 155 | description: network 156 | widget: 157 | type: unifi 158 | url: "{{HOMEPAGE_VAR_UNIFI_NETWORK_URL}}" 159 | username: "{{HOMEPAGE_VAR_UNIFI_NETWORK_USERNAME}}" 160 | password: "{{HOMEPAGE_VAR_UNIFI_NETWORK_PASSWORD}}" 161 | - Uptime Kuma: 162 | icon: uptime-kuma.svg 163 | href: "{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}" 164 | description: internal 165 | widget: 166 | type: uptimekuma 167 | url: "{{HOMEPAGE_VAR_UPTIME_KUMA_URL}}" 168 | slug: home 169 | - Uptime Robot: 170 | icon: https://play-lh.googleusercontent.com/cUrv0t00FYQ1GKLuOTvv8qjo1lSDjqZC16IOp3Fb6ijew6Br5m4o16HhDp0GBu_Bw8Y=w240-h480-rw 171 | href: https://uptimerobot.com/dashboard 172 | description: external 173 | widget: 174 | type: uptimerobot 175 | url: https://api.uptimerobot.com 176 | key: "{{HOMEPAGE_VAR_UPTIME_ROBOT_API_KEY}}" 177 | - Storage: 178 | - TrueNAS: 179 | icon: truenas.svg 180 | href: "{{HOMEPAGE_VAR_TRUENAS_URL}}" 181 | description: scale 182 | widget: 183 | type: truenas 184 | url: "{{HOMEPAGE_VAR_TRUENAS_URL}}" 185 | key: "{{HOMEPAGE_VAR_TRUENAS_API_KEY}}" 186 | - MinIO: 187 | icon: minio.svg 188 | href: "{{HOMEPAGE_VAR_MINIO_URL}}" 189 | description: object storage 190 | - Media: 191 | - Plex: 192 | icon: plex.svg 193 | href: "{{HOMEPAGE_VAR_PLEX_URL}}" 194 | description: media server 195 | widget: 196 | type: plex 197 | url: "{{HOMEPAGE_VAR_PLEX_URL}}" 198 | key: "{{HOMEPAGE_VAR_PLEX_API_TOKEN}}" 199 | - Tautulla: 200 | icon: tautulli.svg 201 | href: "{{HOMEPAGE_VAR_TAUTULLI_URL}}" 202 | description: plex stats 203 | widget: 204 | type: tautulli 205 | url: "{{HOMEPAGE_VAR_TAUTULLI_URL}}" 206 | key: "{{HOMEPAGE_VAR_TAUTULLI_API_KEY}}" 207 | - HDHomerun: 208 | icon: hdhomerun.png 209 | href: "{{HOMEPAGE_VAR_HDHOMERUN_URL}}" 210 | description: flex 4k 211 | widget: 212 | type: hdhomerun 213 | url: "{{HOMEPAGE_VAR_HDHOMERUN_URL}}" 214 | - Remote Access: 215 | - PiKVM: 216 | icon: https://avatars.githubusercontent.com/u/41749659?s=200&v=4 217 | href: "{{HOMEPAGE_VAR_PIKVM_URL}}" 218 | description: remote kvm 219 | - IPMI: 220 | icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg 221 | href: "{{HOMEPAGE_VAR_IPMI_1_URL}}" 222 | description: storinator 223 | - IPMI: 224 | icon: https://upload.wikimedia.org/wikipedia/commons/1/1d/Super_Micro_Computer_Logo.svg 225 | href: "{{HOMEPAGE_VAR_IPMI_2_URL}}" 226 | description: hl15 227 | - Netboot: 228 | icon: https://netboot.xyz/img/nbxyz-laptop.gif 229 | href: "{{HOMEPAGE_VAR_NETBOOT_URL}}" 230 | description: network boot utility 231 | - Tripp Lite: 232 | icon: https://upload.wikimedia.org/wikipedia/commons/f/f9/Tripp_Lite_logo.svg 233 | href: "{{HOMEPAGE_VAR_UPS_1_URL}}" 234 | description: 1500 235 | - Eaton: 236 | icon: https://cdn11.bigcommerce.com/s-fg272t4iw0/images/stencil/1280x1280/products/2549/2802/C-12556__63907.1557814942.jpg?c=2 237 | href: "{{HOMEPAGE_VAR_UPS_2_URL}}" 238 | description: 5p 239 | - Home Automation: 240 | - Home Assistant: 241 | icon: home-assistant.svg 242 | href: "{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}" 243 | description: home 244 | widget: 245 | type: homeassistant 246 | url: "{{HOMEPAGE_VAR_HOME_ASSISTANT_URL}}" 247 | key: "{{HOMEPAGE_VAR_HOME_ASSISTANT_API_KEY}}" 248 | - UniFi: 249 | icon: https://play-lh.googleusercontent.com/DmgQvSdocOrGr0D0rxSBE9sqh23Fw3ck3BgKRN788cZnOKgcZlcEAFRYwmUbp6vMTVI 250 | href: "{{HOMEPAGE_VAR_UNIFI_PROTECT_URL}}" 251 | description: protect 252 | - Scryped: 253 | icon: https://www.scrypted.app/images/web_hi_res_512.png 254 | href: "{{HOMEPAGE_VAR_SCRYPTED_URL}}" 255 | description: mgmt console 256 | - Broadlink Control: 257 | icon: https://nwzimg.wezhan.net/contents/sitefiles3606/18030899/images/5430245.png 258 | href: "{{HOMEPAGE_VAR_BROADLINK_CONTROL_URL}}" 259 | description: light control 260 | - Other: 261 | - GitLab: 262 | icon: gitlab.svg 263 | href: https://gitlab.com 264 | description: source code 265 | - GitHub: 266 | icon: github.svg 267 | href: https://github.com 268 | description: source code 269 | - Shlink: 270 | icon: https://shlink.io/images/shlink-logo-blue.svg 271 | href: "{{HOMEPAGE_VAR_SHLINK_URL}}" 272 | description: dashboard 273 | widgets.yaml: | 274 | - resources: 275 | cpu: true 276 | memory: true 277 | disk: / 278 | 279 | - datetime: 280 | text_size: xl 281 | format: 282 | timeStyle: short 283 | docker.yaml: "" 284 | -------------------------------------------------------------------------------- /configs/homepage/kubernetes-configs/deployment.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: homepage 6 | namespace: default 7 | labels: 8 | app: homepage 9 | annotations: 10 | reloader.stakater.com/auto: "true" 11 | spec: 12 | selector: 13 | matchLabels: 14 | app: homepage 15 | replicas: 3 16 | progressDeadlineSeconds: 600 17 | revisionHistoryLimit: 1 18 | strategy: 19 | type: RollingUpdate 20 | rollingUpdate: 21 | maxUnavailable: 25% 22 | maxSurge: 1 23 | template: 24 | metadata: 25 | labels: 26 | app: homepage 27 | annotations: 28 | deploy-date: "deploy-date-value" 29 | spec: 30 | containers: 31 | - name: homepage 32 | image: ghcr.io/gethomepage/homepage:v0.8.4 33 | resources: 34 | requests: 35 | memory: 128Mi 36 | cpu: 200m 37 | envFrom: 38 | - secretRef: 39 | name: homepage-secret 40 | ports: 41 | - containerPort: 3000 42 | name: http 43 | readinessProbe: 44 | httpGet: 45 | path: / 46 | port: http 47 | initialDelaySeconds: 60 48 | periodSeconds: 10 49 | failureThreshold: 5 50 | timeoutSeconds: 5 51 | livenessProbe: 52 | httpGet: 53 | path: / 54 | port: http 55 | initialDelaySeconds: 10 56 | periodSeconds: 10 57 | timeoutSeconds: 5 58 | volumeMounts: 59 | - mountPath: /app/config/custom.js 60 | name: homepage-config 61 | subPath: custom.js 62 | - mountPath: /app/config/custom.css 63 | name: homepage-config 64 | subPath: custom.css 65 | - mountPath: /app/config/bookmarks.yaml 66 | name: homepage-config 67 | subPath: bookmarks.yaml 68 | - mountPath: /app/config/docker.yaml 69 | name: homepage-config 70 | subPath: docker.yaml 71 | - mountPath: /app/config/kubernetes.yaml 72 | name: homepage-config 73 | subPath: kubernetes.yaml 74 | - mountPath: /app/config/services.yaml 75 | name: homepage-config 76 | subPath: services.yaml 77 | - mountPath: /app/config/settings.yaml 78 | name: homepage-config 79 | subPath: settings.yaml 80 | - mountPath: /app/config/widgets.yaml 81 | name: homepage-config 82 | subPath: widgets.yaml 83 | - mountPath: /app/config/logs 84 | name: logs 85 | volumes: 86 | - name: homepage-config 87 | configMap: 88 | name: homepage 89 | - name: logs 90 | emptyDir: {} 91 | topologySpreadConstraints: 92 | - maxSkew: 1 93 | topologyKey: topology.kubernetes.io/zone 94 | whenUnsatisfiable: DoNotSchedule 95 | labelSelector: 96 | matchLabels: 97 | app: homepage 98 | -------------------------------------------------------------------------------- /configs/homepage/kubernetes-configs/secret.yaml: -------------------------------------------------------------------------------- 1 | kind: Secret 2 | apiVersion: v1 3 | type: Opaque 4 | metadata: 5 | name: homepage-secret 6 | namespace: default 7 | stringData: 8 | HOMEPAGE_VAR_PIHOLE_API_KEY_1: "" 9 | HOMEPAGE_VAR_PIHOLE_API_KEY_2: "" 10 | HOMEPAGE_VAR_PIHOLE_API_KEY_3: "" 11 | HOMEPAGE_VAR_PIHOLE_URL_1: "" 12 | HOMEPAGE_VAR_PIHOLE_URL_2: "" 13 | HOMEPAGE_VAR_PIHOLE_URL_3: "" 14 | HOMEPAGE_VAR_PLEX_url: "" 15 | HOMEPAGE_VAR_PLEX_API_TOKEN: "" 16 | HOMEPAGE_VAR_TAUTULLI_url: "" 17 | HOMEPAGE_VAR_TAUTULLI_API_key: "" 18 | HOMEPAGE_VAR_HDHOMERUN_url: "" 19 | HOMEPAGE_VAR_HOME_ASSISTANT_url: "" 20 | HOMEPAGE_VAR_HOME_ASSISTANT_API_key: "" 21 | HOMEPAGE_VAR_TRUENAS_url: "" 22 | HOMEPAGE_VAR_TRUENAS_API_key: "" 23 | HOMEPAGE_VAR_UNIFI_NETWORK_url: "" 24 | HOMEPAGE_VAR_UNIFI_NETWORK_username: "" 25 | HOMEPAGE_VAR_UNIFI_NETWORK_password: "" 26 | HOMEPAGE_VAR_UNIFI_PROTECT_url: "" 27 | HOMEPAGE_VAR_UPTIME_KUMA_url: "" 28 | HOMEPAGE_VAR_MINIO_url: "" 29 | HOMEPAGE_VAR_RACNHER_url: "" 30 | HOMEPAGE_VAR_LONGHORN_url: "" 31 | HOMEPAGE_VAR_PORTAINER_url: "" 32 | HOMEPAGE_VAR_PORTAINER_API_key: "" 33 | HOMEPAGE_VAR_PROXMOX_url: "" 34 | HOMEPAGE_VAR_PROXMOX_USER: "" 35 | HOMEPAGE_VAR_PROXMOX_API_key: "" 36 | HOMEPAGE_VAR_UPTIME_ROBOT_API_key: "" 37 | HOMEPAGE_VAR_SCRYPTED_url: "" 38 | HOMEPAGE_VAR_PIKVM_url: "" 39 | HOMEPAGE_VAR_NETBOOT_url: "" 40 | HOMEPAGE_VAR_BROADLINK_CONTROL_url: "" 41 | HOMEPAGE_VAR_IPMI_1_url: "" 42 | HOMEPAGE_VAR_IPMI_2_url: "" 43 | HOMEPAGE_VAR_UPS_1_url: "" 44 | HOMEPAGE_VAR_UPS_2_url: "" 45 | HOMEPAGE_VAR_SHLINK_url: "" 46 | -------------------------------------------------------------------------------- /configs/qbittorrent/qbittorrent.conf: -------------------------------------------------------------------------------- 1 | [Preferences] 2 | Connection\PortRangeMin=6881 3 | Connection\UPnP=false 4 | Downloads\SavePath=/downloads/ 5 | Downloads\TempPath=/downloads/incomplete/ 6 | General\Locale=en 7 | MailNotification\req_auth=true 8 | WebUI\Address=* 9 | WebUI\Enabled=true 10 | WebUI\HostHeaderValidation=false 11 | WebUI\LocalHostAuth=false 12 | WebUI\Password_PBKDF2="@ByteArray(ARQ77eY1NUZaQsuDHbIMCA==:0WMRkYTUWVT9wVvdDtHAjU9b3b7uB8NR1Gur2hmQCvCDpm39Q+PsJRJPaCU51dEiz+dTzh8qbPsL8WkFljQYFQ==)" 13 | WebUI\Port=8080 14 | WebUI\ServerDomains=* 15 | WebUI\Username=admin 16 | -------------------------------------------------------------------------------- /master-compose.yml: -------------------------------------------------------------------------------- 1 | ########################### NETWORKS 2 | networks: 3 | default: 4 | driver: bridge 5 | socket_proxy: 6 | name: socket_proxy 7 | driver: bridge 8 | ipam: 9 | config: 10 | - subnet: 192.168.91.0/24 11 | 12 | ########################### SECRETS 13 | secrets: 14 | plex_claim: 15 | file: $DOCKERDIR/secrets/plex_claim 16 | # mysql_root_password: 17 | # file: $DOCKERDIR/secrets/mysql_root_password 18 | 19 | include: 20 | ########################### SERVICES 21 | # PREFIX udms = Ultimate Docker Media Server 22 | # HOSTNAME=udms - defined in .env 23 | 24 | # CORE 25 | - compose/socket-proxy.yml 26 | - compose/portainer.yml 27 | - compose/dozzle.yml 28 | - compose/homepage.yml 29 | # MEDIA 30 | - compose/plex.yml 31 | - compose/jellyfin.yml 32 | # DOWNLOADERS 33 | # - compose/sabnzbd.yml 34 | - compose/qbittorrent.yml 35 | # PVRS 36 | - compose/radarr.yml 37 | - compose/sonarr.yml 38 | - compose/prowlarr.yml 39 | # COMPLEMENTARY APPS 40 | - compose/bazarr.yml 41 | # - compose/tautulli.yml 42 | # MONITORING 43 | # - compose/uptime-kuma.yml 44 | # DATABASES 45 | # - compose/mariadb.yml 46 | # UTILITIES 47 | # - compose/filebrowser.yml 48 | # MAINTENANCE 49 | - compose/docker-gc.yml 50 | -------------------------------------------------------------------------------- /scripts/bash_aliases: -------------------------------------------------------------------------------- 1 | # Rename shared/config/bash_aliases.env.example and use it as a starter 2 | 3 | # SOURCE ENVIRONMENTAL VARIABLES FOR BASH_ALIASES 4 | if [[ -f "./bash_aliases.env" ]]; then 5 | source ./bash_aliases.env 6 | fi 7 | 8 | # CHANGE TO CUSTOM BASH PROMPT 9 | username="$USER" # or use $USER 10 | export PS1='[\e[0;32m\u\e[0m@\e[0;33m\H\e[0m: \e[0;36m\w\e[0m]\$ ' 11 | 12 | # DOCKER - All Docker commands start with "d" AND Docker Compose commands start with "dc" 13 | alias dstop='sudo docker stop $(sudo docker ps -a -q)' # usage: dstop container_name 14 | alias dstopall='sudo docker stop $(sudo docker ps -aq)' # stop all containers 15 | alias drm='sudo docker rm $(sudo docker ps -a -q)' # usage: drm container_name 16 | alias dprunevol='sudo docker volume prune' # remove unused volumes 17 | alias dprunesys='sudo docker system prune -a' # remove unsed docker data 18 | alias ddelimages='sudo docker rmi $(sudo docker images -q)' # remove unused docker images 19 | alias derase='dstopcont ; drmcont ; ddelimages ; dvolprune ; dsysprune' # WARNING: removes everything! 20 | alias dprune='ddelimages ; dprunevol ; dprunesys' # remove unused data, volumes, and images (perfect for safe clean up) 21 | alias dexec='sudo docker exec -ti' # usage: dexec container_name (to access container terminal) 22 | alias dps='sudo docker ps -a' # running docker processes 23 | alias dpss='sudo docker ps -a --format "table {{.Names}}\t{{.State}}\t{{.Status}}\t{{.Image}}" | (sed -u 1q; sort)' # running docker processes as nicer table 24 | alias ddf='sudo docker system df' # docker data usage (/var/lib/docker) 25 | alias dlogs='sudo docker logs -tf --tail="50" ' # usage: dlogs container_name 26 | alias dlogsize='sudo du -ch $(sudo docker inspect --format='{{.LogPath}}' $(sudo docker ps -qa)) | sort -h' # see the size of docker containers 27 | alias dips="sudo docker ps -q | xargs -n 1 sudo docker inspect -f '{{.Name}}%tab%{{range .NetworkSettings.Networks}}{{.IPAddress}}%tab%{{end}}' | sed 's#%tab%#\t#g' | sed 's#/##g' | sort | column -t -N NAME,IP\(s\) -o $'\t'" 28 | 29 | alias dp600="sudo chown -R root:root $SECRETS ; sudo chmod -R 600 $SECRETS ; sudo chown -R root:root $ENV_FILE ; sudo chmod -R 600 $ENV_FILE" # re-lock permissions 30 | alias dp777="sudo chown -R $USER:$USER $SECRETS ; sudo chmod -R 777 $SECRETS ; sudo chown -R $USER:$USER $ENV_FILE ; sudo chmod -R 777 $ENV_FILE" # open permissions for editing 31 | 32 | # DOCKER COMPOSE TRAEFIK 2 - All docker-compose commands start with "dc" 33 | case $HOSTNAME in 34 | ds918) # synology at this point uses an old version of docker. Therefore, 'docker-compose' instead of 'docker compose' 35 | alias dcrun="sudo docker-compose -f $MASTER_COMPOSE" # /volume1/docker symlinked to /var/services/homes/user/docker 36 | ;; 37 | *) 38 | alias dcrun="sudo docker compose --profile all -f $MASTER_COMPOSE" 39 | ;; 40 | esac 41 | 42 | alias dclogs="dcrun logs -tf --tail='50'" # usage: dclogs container_name 43 | alias dcup="dcrun up -d --build --remove-orphans" # up the stack 44 | alias dcdown="dcrun down --remove-orphans" # down the stack 45 | alias dcrec="dcrun up -d --force-recreate --remove-orphans" # usage: dcrec container_name 46 | alias dcstop="dcrun stop" # usage: dcstop container_name 47 | alias dcrestart="dcrun restart" # usage: dcrestart container_name 48 | alias dcstart="dcrun start" # usage: dcstart container_name 49 | alias dcpull="dcrun pull" # usage: dcpull to pull all new images or dcpull container_name 50 | alias traefiklogs="tail -f $LOGS/$HOSTNAME/traefik/traefik.log" # tail traefik logs 51 | 52 | # Manage "core" services as defined by profiles in docker compose 53 | alias startcore="sudo docker compose --profile core -f $MASTER_COMPOSE start" 54 | alias createcore="sudo docker compose --profile core -f $MASTER_COMPOSE up -d --build --remove-orphans" 55 | alias stopcore="sudo docker compose --profile core -f $MASTER_COMPOSE stop" 56 | # Manage "media" services as defined by profiles in docker compose 57 | alias stopmedia="sudo docker compose --profile media -f $MASTER_COMPOSE stop" 58 | alias createmedia="sudo docker compose --profile media -f $MASTER_COMPOSE up -d --build --remove-orphans" 59 | alias startmedia="sudo docker compose --profile media -f $MASTER_COMPOSE start" 60 | # Manage "diwkiads" services as defined by profiles in docker compose 61 | alias stopdownloads="sudo docker compose --profile downloads -f $MASTER_COMPOSE stop" 62 | alias createdownloads="sudo docker compose --profile downloads -f $MASTER_COMPOSE up -d --build --remove-orphans" 63 | alias startdownloads="sudo docker compose --profile downloads -f $MASTER_COMPOSE start" 64 | # Manage Starr apps as defined by profiles in docker compose 65 | alias stoparrs="sudo docker compose --profile arrs -f $MASTER_COMPOSE stop" 66 | alias startarrs="sudo docker compose --profile arrs -f $MASTER_COMPOSE start" 67 | alias createarrs="sudo docker compose --profile arrs -f $MASTER_COMPOSE up -d --build --remove-orphans" 68 | # Manage "dbs" (database) services as defined by profiles in docker compose 69 | alias stopdbs="sudo docker compose --profile dbs -f $MASTER_COMPOSE stop" 70 | alias createdbs="sudo docker compose --profile dbs -f $MASTER_COMPOSE up -d --build --remove-orphans" 71 | alias startdbs="sudo docker compose --profile dbs -f $MASTER_COMPOSE start" 72 | 73 | # CROWDSEC 74 | alias cscli='dcrun exec -t crowdsec cscli' 75 | alias csdecisions='cscli decisions list' 76 | alias csalerts='cscli alerts list' 77 | alias csinspect='cscli alerts inspect -d' 78 | alias cshubs='cscli hub list' 79 | alias csparsers='cscli parsers list' 80 | alias cscollections='cscli collections list' 81 | alias cshubupdate='cscli hub update' 82 | alias cshubupgrade='cscli hub update' 83 | alias csmetrics='cscli metrics' 84 | alias csmachines='cscli machines list' 85 | alias csbouncers='cscli bouncers list' 86 | alias csfbstatus='sudo systemctl status crowdsec-firewall-bouncer.service' 87 | alias csfbstart='sudo systemctl start crowdsec-firewall-bouncer.service' 88 | alias csfbstop='sudo systemctl stop crowdsec-firewall-bouncer.service' 89 | alias csfbrestart='sudo systemctl restart crowdsec-firewall-bouncer.service' 90 | alias tailkern='sudo tail -f /var/log/kern.log' 91 | alias tailauth='sudo tail -f /var/log/auth.log' 92 | alias tailcsfb='sudo tail -f /var/log/crowdsec-firewall-bouncer.log' 93 | alias csbrestart='dcrec2 traefik-bouncer ; csfbrestart' 94 | 95 | # WEB STACK 96 | alias webrs='dcrec php7 redis nginx' 97 | 98 | # DOCKER TRAEFIK 1 SWARM 99 | alias dslogs="sudo docker service logs -tf --tail='50'" 100 | alias dsps="sudo docker stack ps zstack" 101 | alias dsse="sudo docker stack services zstack" 102 | alias dsls="sudo docker stack ls" 103 | alias dsrm="sudo docker stack rm" 104 | alias dsup="sudo docker stack deploy --compose-file $DOCKER_ROOT/docker-compose-swarm.yml zstack" 105 | alias dshelp="echo 'dslogs dsps dsse dsls dsrm dsup'" 106 | 107 | # COMPRESSION 108 | alias untargz='tar --same-owner -zxvf' 109 | alias untarbz='tar --same-owner -xjvf' 110 | alias lstargz='tar -ztvf' 111 | alias lstarbz='tar -jtvf' 112 | alias targz='tar -zcvf' 113 | alias tarbz='tar -cjvf' 114 | 115 | # NAVIGATION 116 | alias cd..='cd ..' 117 | alias ..='cd ..' 118 | alias ...='cd ../..' 119 | alias .3='cd ../../..' 120 | alias .4='cd ../../../..' 121 | alias .5='cd ../../../../..' 122 | 123 | # SYNC AND COPY 124 | alias scp="scp -r" 125 | alias rsynce="sudo rsync -avzh --progress --force --delete --exclude-from $SHARED/config/rsync-exclude" 126 | alias rsyncne="sudo rsync -avzh --progress --force --delete" 127 | alias cpn="cp --verbose" # native copy 128 | alias cp="sudo rsync -avzh --info=progress2" # copy files with rsync 129 | alias mv="sudo rsync -avzh --info=progress2 --remove-source-files" # move files with rsync 130 | alias mvn="mv --verbose" # native move 131 | 132 | # SEARCH AND FIND 133 | alias gh='history|grep' # search bash history 134 | alias findr='sudo find / -name' 135 | alias grep='grep --color=auto' 136 | alias egrep='egrep --color=auto' 137 | alias fgrep='fgrep --color=auto' 138 | 139 | # TRASH - trash-cli 140 | alias rm='trash-put' 141 | alias rmv='rm -rv' 142 | alias tempty='trash-empty ; sudo trash-empty ; sudo -H trash-empty' 143 | alias tlist='trash-list' 144 | alias srmt='sudo trash-put' 145 | 146 | # FILE SIZE AND STORAGE 147 | alias fdisk='sudo fdisk -l' 148 | alias uuid='sudo vol_id -u' 149 | alias ls='ls -F --color=auto --group-directories-first' 150 | alias ll='ls -alh --color=auto --group-directories-first' 151 | alias lt='ls --human-readable --color=auto --size -1 -S --classify' # file size sorted 152 | alias lsr='ls --color=auto -t -1' # recently modified 153 | alias mnt='mount | grep -E ^/dev | column -t' # show mounted drives 154 | alias dirsize='sudo du -hx --max-depth=1' 155 | alias dirusage='du -ch | grep total' # Grabs the disk usage in the current directory 156 | alias diskusage='df -hl --total | grep total' # Gets the total disk usage on your machine 157 | alias partusage='df -hlT --exclude-type=tmpfs --exclude-type=devtmpfs' # Shows the individual partition usages without the temporary memory values 158 | alias usage10='du -hsx * | sort -rh | head -10' # Gives you what is using the most space. Both directories and files. Varies on current directory 159 | 160 | # BASH ALIASES 161 | alias baupdate=". ~/.bashrc" 162 | alias baedit="nano $HOME/.bash_aliases" 163 | alias bacopy="sudo cp $HOME/.bash_aliases* /root/" 164 | alias baget="curl -s https://raw.githubusercontent.com/htpcBeginner/docker-traefik/master/shared/config/bash_aliases -o /$HOME/.bash_aliases >/dev/null 2>&1" 165 | 166 | # GIT AND SITE MANAGEMENT 167 | alias gcpush="echo 'Usage: gcpush ../commits/date.txt' ; cd $DOCKER_ROOT ; bash scripts/github/doccheck.sh" # To push my files to docker-traefik repo 168 | alias gpush="cd $DOCKER_ROOT ; git push" 169 | alias ggraph="git log --all --decorate --oneline --graph" 170 | 171 | # MAIL SERVER TESTING 172 | alias nullsend='sudo echo 1 > /var/spool/nullmailer/trigger' 173 | alias tmail1='echo -e "### `date +'\''%Y-%m-%d %H:%M'\''` ### \n\n This is a mail server test using tmail1 alias." | mail -s "tmail1 from $HOSTNAME" info@$PRIMARY_DOMAIN -aFrom:$HOSTNAME@$PRIMARY_DOMAIN' 174 | alias tmail2='echo -e "### `date +'\''%Y-%m-%d %H:%M'\''` ### \n\n This is a mail server test using tmail2 alias. It needs and email id after the tmail2 command." | mail -s "tmail2 from $HOSTNAME"' 175 | 176 | # UFW FIREWALL 177 | alias ufwenable='sudo ufw enable' 178 | alias ufwdisable='sudo ufw disable' 179 | alias ufwallow='sudo ufw allow' 180 | alias ufwlimit='sudo ufw limit' 181 | alias ufwlist='sudo ufw status numbered' 182 | alias ufwdelete='sudo ufw delete' 183 | alias ufwreload='sudo ufw reload' 184 | 185 | # SYSTEMD START, STOP AND RESTART 186 | alias ctlreload='sudo systemctl daemon-reload' 187 | alias ctlstart='sudo systemctl start' 188 | alias ctlstop='sudo systemctl stop' 189 | alias ctlrestart='sudo systemctl restart' 190 | alias ctlstatus='sudo systemctl status' 191 | alias ctlenable='sudo systemctl enable' 192 | alias ctldisable='sudo systemctl disable' 193 | alias ctlactive='sudo systemctl is-active' 194 | 195 | alias shellstart='ctlstart shellinabox' 196 | alias shellstop='ctlstop shellinabox' 197 | alias shellrestart='ctlrestart shellinabox' 198 | alias shellstatus='ctlstatus shellinabox' 199 | 200 | alias sshstart='ctlstart ssh' 201 | alias sshstop='ctlstop ssh' 202 | alias sshrestart='ctlrestart ssh' 203 | alias sshstatus='ctlstatus ssh' 204 | 205 | alias ufwstart='ctlstart ufw' 206 | alias ufwstop='ctlstop ufw' 207 | alias ufwrestart='ctlrestart ufw' 208 | alias ufwstatus='ctlstatus ufw' 209 | 210 | alias webminstart='ctlstart webmin' 211 | alias webminstop='ctlstop webmin' 212 | alias webminrestart='ctlrestart webmin' 213 | alias webminstatus='ctlstatus webmin' 214 | 215 | alias sambastart='ctlstart smbd' 216 | alias sambastop='ctlstop smbd' 217 | alias sambarestart='ctlrestart smbd' 218 | alias sambastatus='ctlstatus smbd' 219 | 220 | alias nfsstart='ctlstart nfs-kernel-server' 221 | alias nfsstop='ctlstop nfs-kernel-server' 222 | alias nfsrestart='ctlrestart nfs-kernel-server' 223 | alias nfsstatus='ctlstatus nfs-kernel-server' 224 | alias nfsreload='sudo exportfs -a' 225 | 226 | # INSTALLATION AND UPGRADE 227 | alias update='sudo apt-get update' 228 | alias upgrade='sudo apt-get update && sudo apt-get upgrade' 229 | alias install='sudo apt-get install' 230 | alias finstall='sudo apt-get -f install' 231 | alias rinstall='sudo apt-get -f install --reinstall' 232 | alias uninstall='sudo apt-get remove' 233 | alias search='sudo apt-cache search' 234 | alias addkey='sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com' 235 | 236 | # CLEANING 237 | alias clean='sudo apt-get clean && sudo apt-get autoclean' 238 | alias remove='sudo apt-get remove && sudo apt-get autoremove' 239 | alias purge='sudo apt-get purge' 240 | alias deborphan='sudo deborphan | xargs sudo apt-get -y remove --purge' 241 | alias cleanall='clean && remove && deborphan && purge' 242 | 243 | # SHUTDOWN AND RESTART 244 | alias shutdown='sudo shutdown -h now' 245 | alias reboot='sudo reboot' 246 | 247 | # NETWORKING 248 | alias portsused='sudo netstat -tulpn | grep LISTEN' 249 | alias showports='netstat -lnptu' 250 | alias showlistening='lsof -i -n | egrep "COMMAND|LISTEN"' 251 | alias ping='ping -c 5' 252 | alias ipe='curl ipinfo.io/ip' # external ip 253 | alias ipi='ipconfig getifaddr en0' # internal ip 254 | alias header='curl -I' # get web server headers 255 | 256 | # SYNOLOGY DSM COMMANDS 257 | alias servicelist='sudo synoservicecfg --list' # does not work in DSM 7 258 | alias servicestatus='sudo synosystemctl status' 259 | alias servicestop='sudo synosystemctl stop' 260 | alias servicehstop='sudo synoservicecfg --hard-stop' # does not work in DSM 7 261 | alias servicestart='sudo synosystemctl start' 262 | alias servicehstart='sudo synoservicecfg --hard-start' # does not work in DSM 7 263 | alias servicerestart='sudo synosystemctl restart' 264 | alias restartdocker='sudo synosystemctl restart pkgctl-Docker' 265 | 266 | # MISCELLANEOUS 267 | alias wget="wget -c" 268 | alias nano="sudo nano -iSw$" 269 | alias scxterm="bash $SCRIPTS/xterm.sh" 270 | 271 | # SYSTEM MONITORING 272 | alias meminfo='free -m -l -t' # memory usage 273 | alias psmem='ps auxf | sort -nr -k 4' # get top process eating memory 274 | alias psmem10='ps auxf | sort -nr -k 4 | head -10' # get top process eating memory 275 | alias pscpu='ps auxf | sort -nr -k 3' # get top process eating cpu 276 | alias pscpu10='ps auxf | sort -nr -k 3 | head -10' # get top process eating cpu 277 | alias cpuinfo='lscpu' # Get server cpu info 278 | alias gpumeminfo='grep -i --color memory /var/log/Xorg.0.log' # get GPU ram on desktop / laptop 279 | alias free='free -h' 280 | 281 | # RCLONE 282 | alias rcdlogs="tail -f $LOGS/cloudserver/rclone-drive.log" 283 | alias rcclogs="tail -f $LOGS/cloudserver/rclone-crypt.log" 284 | alias rcupmedia="bash $SCRIPTS/cloudserver/upload-media-now.sh" 285 | alias rcupmedialogs="tail -f $LOGS/cloudserver/upload-media-now.log" 286 | alias rcupdump="bash $SCRIPTS/cloudserver/upload-dump.sh" 287 | alias rcupdumplogs="tail -f $LOGS/cloudserver/upload-dump.log" 288 | alias rcrestart="sudo bash $SCRIPTS/rclone-restart.sh" 289 | alias rcstop="sudo bash $SCRIPTS/rclone-stop.sh" 290 | alias rcstart="sudo bash $SCRIPTS/rclone-start.sh" 291 | alias rcstatus="sudo bash $SCRIPTS/rclone-status.sh" 292 | alias rcps="ps -ef | grep '/usr/bin/rclone sync\|/usr/bin/rclone copy\|/usr/bin/rclone move'" # see running rclone copy sync or move 293 | alias rcupdate="sudo -v ; curl https://rclone.org/install.sh | sudo bash" # update rclone 294 | alias rcpurge="kill -SIGHUP $(pidof rclone)" # purge rclone cache 295 | alias rcforget="rclone rc vfs/forget" # rclone forget via remote control 296 | 297 | # YT-DLP 298 | alias ytupdate="yt-dlp -U" 299 | alias ytlist="yt-dlp --list-formats" 300 | alias ytdump="yt-dlp --dump-json" 301 | alias ytdv="yt-dlp --config-location $APPDATA/yt-dlp/yt-dlp-video.conf" 302 | alias ytdvc="yt-dlp --cookies '$APPDATA/yt-dlp/cookies.txt' --config-location $APPDATA/yt-dlp/yt-dlp-video.conf" 303 | alias ytda="yt-dlp --config-location $APPDATA/yt-dlp/yt-dlp-audio.conf" 304 | alias ytdac="yt-dlp --cookies '$APPDATA/yt-dlp/cookies.txt' --config-location $APPDATA/yt-dlp/yt-dlp-audio.conf" 305 | 306 | # Auto-Traefik 307 | alias sshagent="eval '$(ssh-agent -s)' ; ssh-add $HOME/auto-traefik/.git/auto_traefik_github" 308 | alias atpush="sshagent ; git add -A ; git commit -m "updates" ; git push" 309 | 310 | # PiHole 311 | alias pidis="bash $HOME/server/scripts/pihole-disable.sh" 312 | alias pien="bash $HOME/server/scripts/pihole-enable.sh" 313 | alias pi10="bash $HOME/server/scripts/pihole-10.sh" 314 | alias piup="bash $HOME/server/scripts/pihole-update.sh" 315 | alias rpi3up="bash $HOME/server/scripts/rpi3-update.sh" 316 | alias rpi0up="bash $HOME/server/scripts/rpi0-update.sh" 317 | 318 | # VNC 319 | alias vnc1='vncserver -geometry 1270x720 -depth 24' 320 | alias vnckill1='vncserver -kill :1' 321 | -------------------------------------------------------------------------------- /scripts/bash_aliases.env.example: -------------------------------------------------------------------------------- 1 | BA_USERNAME=your_username 2 | BA_MYEMAIL1=your_email 3 | BA_MOSQUITTO_HOST=example_mosquitto_host_ip 4 | BA_MOSQUITTO_USERNAME=example_mosquitto_username 5 | BA_MOSQUITTO_PASSWORD=example_mosquitto_password 6 | 7 | # DOMAIN 8 | # I am sure there is a better way than using $HOSTNAME - if you do, feel free to share/contribute 9 | case $HOSTNAME in 10 | cDoc|zDoc|zSyn) 11 | BA_DOMAINNAME='example1.com' 12 | ;; 13 | cSHB|zSHB) 14 | BA_DOMAINNAME='example2.com' 15 | ;; 16 | *) 17 | esac -------------------------------------------------------------------------------- /scripts/config.env: -------------------------------------------------------------------------------- 1 | # Configuration variables 2 | 3 | # Directories 4 | DATADIR="/media/storage" 5 | DOCKER_ROOT="$HOME/docker" 6 | APPDATA="$DOCKER_ROOT/appdata" 7 | COMPOSE="$DOCKER_ROOT/compose" 8 | LOGS="$DOCKER_ROOT/logs" 9 | SCRIPTS="$DOCKER_ROOT/scripts" 10 | SECRETS="$DOCKER_ROOT/secrets" 11 | SHARED="$DOCKER_ROOT/shared" 12 | 13 | # Environment and Compose files 14 | ENV_FILE="$DOCKER_ROOT/.env" 15 | MASTER_COMPOSE="$DOCKER_ROOT/master-compose.yml" 16 | ENV_EXAMPLE="../.env.example" 17 | DOCKER_COMPOSE="../master-compose.yml" 18 | 19 | # Configuration files 20 | HOMEPAGE_CONFIG="../configs/homepage/docker-configs" 21 | QBITTORRENT_CONFIG="../configs/qbittorrent/qbittorrent.conf" 22 | QBITTORRENT_CONF="$APPDATA/qbittorrent/qBittorrent/qBittorrent.conf" 23 | DOCKERGC_EXCLUDE="../configs/docker-gc/docker-gc-exclude" 24 | COMPOSE_FILES="../compose" 25 | 26 | # Bash configuration 27 | BASH_CONFIG="$SHARED/config/.bash_aliases" 28 | BASHRC="$HOME/.bashrc" 29 | BASH_ENV="$SHARED/config/bash_aliases.env" 30 | -------------------------------------------------------------------------------- /scripts/functions.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Source configuration file 4 | source ./config.env 5 | 6 | # Function to create typing effect 7 | typing_print() { 8 | local text="$1" 9 | local delay=0.0001 10 | 11 | # Print each character with delay 12 | for ((i=0; i<${#text}; i++)); do 13 | echo -n "${text:$i:1}" 14 | sleep "$delay" 15 | done 16 | echo "" 17 | } 18 | 19 | # Intro message with logo 20 | print_intro() { 21 | clear 22 | echo -e "\e[36m" 23 | typing_print "==============================================" 24 | typing_print " " 25 | typing_print " ██╗ ██╗██████╗ ███╗ ███╗███████╗ " 26 | typing_print " ██║ ██║██╔══██╗████╗ ████║██╔════╝ " 27 | typing_print " ██║ ██║██║ ██║██╔████╔██║███████╗ " 28 | typing_print " ██║ ██║██║ ██║██║╚██╔╝██║╚════██║ " 29 | typing_print " ╚██████╔╝██████╔╝██║ ╚═╝ ██║███████║ " 30 | typing_print " ╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝ " 31 | typing_print " " 32 | typing_print "==============================================" 33 | typing_print " " 34 | typing_print "Welcome to UDMS (Ultimate Docker Media Server)" 35 | typing_print " " 36 | typing_print "==============================================" 37 | echo -e "\e[0m" 38 | } 39 | 40 | # Error handling 41 | error_exit() { 42 | message="$1" 43 | echo -e "$(printf "\e[31m$message\e[0m")" | tee -a "$LOGS/error.log" 1>&2 44 | exit 255 45 | } 46 | 47 | # Install Docker and Docker Compose 48 | install_docker() { 49 | echo -e "\e[36m" 50 | typing_print "================================================" 51 | typing_print " Step 1: Installing Docker and Docker Compose " 52 | typing_print "================================================" 53 | typing_print " ## . " 54 | typing_print " ## ## ## == " 55 | typing_print " ## ## ## ## === " 56 | typing_print " /""""""""""""""""\___/ === " 57 | typing_print " ~~~ {~~ ~~~~ ~~~ ~~~~ ~~ ~ / ===- ~~~ " 58 | typing_print " \______ o __/ " 59 | typing_print " \ \ __/ " 60 | typing_print " \____\______/ " 61 | typing_print "================================================" 62 | echo -e "\e[0m" 63 | 64 | # Check if curl is installed, if not, install it 65 | if ! command -v curl &> /dev/null; then 66 | echo "curl is not installed. Installing curl..." 67 | sudo apt-get update || error_exit "Failed to update package list." 68 | sudo apt-get install -y curl || error_exit "Failed to install curl." 69 | echo "curl installed successfully." 70 | fi 71 | 72 | # Check if docker is installed, if not, install it 73 | if ! command -v docker &> /dev/null; then 74 | curl -fsSL https://get.docker.com -o install-docker.sh || error_exit "Failed to download Docker installation script." 75 | sudo sh install-docker.sh || error_exit "Docker installation failed." 76 | typing_print "Docker and Docker Compose installed." 77 | else 78 | typing_print "Docker is already installed." 79 | fi 80 | } 81 | 82 | # Verify Docker installation 83 | verify_docker() { 84 | typing_print "Verifying Docker installation..." 85 | sudo docker --version || error_exit "Docker is not installed correctly." 86 | sudo docker compose version || error_exit "Docker Compose is not installed correctly." 87 | typing_print "Docker installation verified." 88 | } 89 | 90 | # Create .env file 91 | create_env_file() { 92 | typing_print "Creating .env file..." 93 | 94 | touch "$ENV_FILE" 95 | typing_print ".env file created at $ENV_FILE" 96 | 97 | PUID=$(id -u) 98 | PGID=$(id -g) 99 | 100 | read -p "Enter TZ [America/New_York]: " TZ 101 | read -p "Enter SERVER_IP: " SERVER_IP 102 | read -p "Enter PLEX_CLAIM (leave empty if not available): " PLEX_CLAIM 103 | 104 | [ -n "$PLEX_CLAIM" ] && echo "$PLEX_CLAIM" | sudo tee "$SECRETS/plex_claim" > /dev/null 105 | 106 | declare -A env_vars=( 107 | ["HOSTNAME"]="$HOSTNAME" 108 | ["USERDIR"]="$HOME" 109 | ["DOCKERDIR"]="$DOCKER_ROOT" 110 | ["SECRETSDIR"]="$SECRETS" 111 | ["SERVER_IP"]="$SERVER_IP" 112 | ["DATADIR"]="$DATADIR" 113 | ["TZ"]="$TZ" 114 | ["PUID"]="$PUID" 115 | ["PGID"]="$PGID" 116 | ["PLEX_CLAIM"]="$PLEX_CLAIM" 117 | ["LOCAL_IPS"]=127.0.0.1/32,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 118 | ["HOMEPAGE_VAR_PLEX_URL"]="http://$SERVER_IP:32400/web" 119 | ["HOMEPAGE_VAR_PORTAINER_URL"]="http://$SERVER_IP:9000" 120 | ["HOMEPAGE_VAR_DOZZLE_URL"]="http://$SERVER_IP:8082" 121 | ["HOMEPAGE_VAR_JELLYFIN_URL"]="http://$SERVER_IP:8096" 122 | ["HOMEPAGE_VAR_QBITTORRENT_URL"]="http://$SERVER_IP:8081" 123 | ["HOMEPAGE_VAR_SONARR_URL"]="http://$SERVER_IP:8989" 124 | ["HOMEPAGE_VAR_RADARR_URL"]="http://$SERVER_IP:7878" 125 | ["HOMEPAGE_VAR_PROWLARR_URL"]="http://$SERVER_IP:9696" 126 | ["HOMEPAGE_VAR_BAZARR_URL"]="http://$SERVER_IP:6767" 127 | ) 128 | 129 | for key in "${!env_vars[@]}"; do 130 | echo "$key=${env_vars[$key]}" >> "$ENV_FILE" 131 | done 132 | 133 | echo 134 | typing_print ".env file has been populated with the necessary environment variables." 135 | } 136 | 137 | # Create necessary directories 138 | create_directories() { 139 | typing_print "Creating necessary directories..." 140 | mkdir -p "$APPDATA" "$COMPOSE" "$LOGS" "$SCRIPTS" "$SECRETS" "$SHARED" 141 | typing_print "Directories created:" 142 | typing_print " - $APPDATA" 143 | typing_print " - $COMPOSE" 144 | typing_print " - $LOGS" 145 | typing_print " - $SCRIPTS" 146 | typing_print " - $SECRETS" 147 | typing_print " - $SHARED" 148 | 149 | # Create .env file 150 | create_env_file 151 | } 152 | 153 | # Set permissions 154 | set_permissions() { 155 | typing_print "Setting permissions for secrets folder and .env file..." 156 | sudo chown root:root "$SECRETS" "$ENV_FILE" 157 | sudo chmod 600 "$SECRETS" "$ENV_FILE" 158 | typing_print "Permissions set for secrets folder, .env file and config file." 159 | 160 | typing_print "Setting permissions for Docker root folder..." 161 | sudo apt install -y acl || error_exit "Failed to install ACL." 162 | sudo chmod 775 "$DOCKER_ROOT" 163 | sudo setfacl -Rdm u:"$USER":rwx "$DOCKER_ROOT" 164 | sudo setfacl -Rm u:"$USER":rwx "$DOCKER_ROOT" 165 | sudo setfacl -Rdm g:docker:rwx "$DOCKER_ROOT" 166 | sudo setfacl -Rm g:docker:rwx "$DOCKER_ROOT" 167 | typing_print "Permissions set for Docker root folder: $DOCKER_ROOT" 168 | 169 | typing_print "Setting permissions for Jellyfin directory..." 170 | sudo chown -R "$USER":"$USER" "$DOCKER_ROOT/appdata/jellyfin" 171 | typing_print "Permissions set for Jellyfin directory: $DOCKER_ROOT/appdata/jellyfin" 172 | } 173 | 174 | # Create Docker Compose files 175 | create_compose_files() { 176 | typing_print "Creating master docker-compose file..." 177 | cp "$DOCKER_COMPOSE" "$MASTER_COMPOSE" 178 | typing_print "Master docker-compose file created: $MASTER_COMPOSE" 179 | 180 | local services=( 181 | "socket-proxy" 182 | "portainer" 183 | "dozzle" 184 | "homepage" 185 | "plex" 186 | "jellyfin" 187 | "qbittorrent" 188 | "sonarr" 189 | "radarr" 190 | "prowlarr" 191 | "bazarr" 192 | "docker-gc" 193 | ) 194 | 195 | typing_print "Creating compose files..." 196 | for service in "${services[@]}"; do 197 | cp "$COMPOSE_FILES/$service.yml" "$COMPOSE/$service.yml" 198 | typing_print "Created: $COMPOSE/$service.yml" 199 | done 200 | typing_print "Compose files created." 201 | } 202 | 203 | # Start Docker containers 204 | start_containers() { 205 | typing_print "Starting the containers..." 206 | sudo docker compose -f "$MASTER_COMPOSE" up -d || error_exit "Failed to start containers." 207 | } 208 | 209 | # Replace homepage configuration files 210 | create_homepage_config() { 211 | typing_print "Creating homepage configuration files..." 212 | 213 | # Ensure the destination directory exists 214 | mkdir -p "$APPDATA/homepage" 215 | 216 | local files=("bookmarks.yaml" "services.yaml" "settings.yaml" "widgets.yaml") 217 | 218 | # Copy the configuration files 219 | for file in bookmarks.yaml services.yaml settings.yaml widgets.yaml; do 220 | if cp "$HOMEPAGE_CONFIG/$file" "$APPDATA/homepage/$file"; then 221 | typing_print "Created $file" 222 | else 223 | echo "Failed to create $file" 224 | fi 225 | done 226 | 227 | typing_print "Homepage configuration files created." 228 | } 229 | 230 | # Replace qBittorrent configuration file 231 | create_qbittorrent_config() { 232 | typing_print "Creating qBittorrent configuration file..." 233 | 234 | # Ensure the destination directory exists 235 | mkdir -p "$(dirname "$QBITTORRENT_CONF")" 236 | 237 | # Copy the configuration file 238 | if cp "$QBITTORRENT_CONFIG" "$QBITTORRENT_CONF"; then 239 | typing_print "Created $QBITTORRENT_CONF." 240 | else 241 | echo "Failed to create qbittorrent.conf." 242 | fi 243 | } 244 | 245 | # Add Docker aliases to bash configuration 246 | add_docker_aliases() { 247 | typing_print "Adding Docker aliases..." 248 | 249 | # Copy bash_aliases.env.example to $BASH_ENV 250 | if [[ -f "./bash_aliases.env.example" ]]; then 251 | mkdir -p "$SHARED/config" 252 | cp "./bash_aliases.env.example" "$BASH_ENV" 253 | typing_print "Created $BASH_ENV." 254 | else 255 | error_exit "bash_aliases.env.example file not found in the current directory." 256 | fi 257 | 258 | # Add variables to bash_aliases.env file 259 | cat "./config.env" >> "$BASH_ENV" 260 | 261 | # Check if bash_aliases file exists in the same directory as the script 262 | if [[ -f "./bash_aliases" ]]; then 263 | # Append the contents of bash_aliases to the bash configuration 264 | cat "./bash_aliases" >> "$BASH_CONFIG" 265 | typing_print "Docker aliases added to $BASH_CONFIG." 266 | else 267 | error_exit "bash_aliases file not found in the current directory." 268 | fi 269 | 270 | # Ensure .bashrc sources .bash_aliases 271 | if ! grep -q "source $BASH_CONFIG" "$BASHRC"; then 272 | echo "source $BASH_CONFIG" >> "$BASHRC" 273 | typing_print "Added 'source $BASH_CONFIG' to $BASHRC to load .bash_aliases." 274 | else 275 | typing_print "$BASHRC already sources $BASH_CONFIG." 276 | fi 277 | 278 | # Source the .bashrc to apply changes immediately 279 | source "$BASHRC" 280 | } 281 | 282 | # Function to create docker-gc-exclude file 283 | create_docker_gc_exclude() { 284 | typing_print "Creating docker-gc-exclude file..." 285 | 286 | # Ensure the destination directory exists 287 | mkdir -p "$APPDATA/docker-gc" 288 | 289 | # Copy the docker-gc-exclude file from the local directory 290 | cp "$DOCKERGC_EXCLUDE" "$APPDATA/docker-gc/docker-gc-exclude" 291 | if [ $? -eq 0 ]; then 292 | typing_print "docker-gc-exclude file created successfully." 293 | else 294 | error_exit "Failed to create docker-gc-exclude file." 295 | fi 296 | } 297 | 298 | print_setup_complete() { 299 | echo -e "\e[32m" 300 | typing_print "██████╗ ██████╗ ███╗ ██╗███████╗" 301 | typing_print "██╔══██╗██╔═══██╗████╗ ██║██╔════╝" 302 | typing_print "██║ ██║██║ ██║██╔██╗ ██║█████╗ " 303 | typing_print "██║ ██║██║ ██║██║╚██╗██║██╔══╝ " 304 | typing_print "██████╔╝╚██████╔╝██║ ╚████║███████╗" 305 | typing_print "╚═════╝ ╚═════╝ ╚═╝ ╚═══╝╚══════╝" 306 | typing_print "Setup complete." 307 | echo -e "\e[0m" 308 | } -------------------------------------------------------------------------------- /scripts/os-prep.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Prompt for username and port number 4 | read -p "Enter the username to add: " USERNAME 5 | read -p "Enter the SSH port number to configure: " SSH_PORT 6 | 7 | # Add user and add to sudo group 8 | adduser "$USERNAME" 9 | adduser "$USERNAME" sudo 10 | 11 | # Update and upgrade the system 12 | apt update && apt upgrade -y 13 | 14 | # Install necessary packages 15 | echo "Installing basic Packages..." 16 | apt install -y ca-certificates curl gnupg lsb-release git htop zip unzip apt-transport-https net-tools ncdu apache2-utils 17 | echo 18 | 19 | # Configure SSH 20 | echo "Configuring SSH..." 21 | sed -i "s/#Port 22/Port $SSH_PORT/" /etc/ssh/sshd_config 22 | systemctl restart sshd 23 | echo 24 | 25 | # Configure system parameters 26 | echo "Configuring system parameters..." 27 | echo "vm.swappiness=10" >> /etc/sysctl.conf 28 | echo "vm.vfs_cache_pressure=50" >> /etc/sysctl.conf 29 | echo "fs.inotify.max_user_watches=262144" >> /etc/sysctl.conf 30 | sysctl -p 31 | 32 | # Configure UFW (Uncomplicated Firewall) 33 | echo "Configuring UFW..." 34 | ufw default deny incoming 35 | ufw default allow outgoing 36 | ufw allow from 192.168.100.0/24 37 | ufw enable 38 | ufw status 39 | 40 | echo "OS preparation completed successfully." -------------------------------------------------------------------------------- /scripts/udms.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # set -e 4 | 5 | # Source functions and configurations 6 | source ./functions.sh 7 | 8 | # Main function 9 | main() { 10 | print_intro 11 | echo 12 | create_directories 13 | echo 14 | install_docker 15 | echo 16 | verify_docker 17 | echo 18 | set_permissions 19 | echo 20 | create_compose_files 21 | echo 22 | create_qbittorrent_config 23 | echo 24 | create_homepage_config 25 | echo 26 | create_docker_gc_exclude 27 | echo 28 | add_docker_aliases 29 | echo 30 | start_containers 31 | echo 32 | print_setup_complete 33 | } 34 | 35 | main 36 | --------------------------------------------------------------------------------