├── .env.example ├── .env.template ├── .gitignore ├── .gitmodules ├── .vscode └── settings.json ├── README.md ├── backup.sh ├── docker-compose.template.yml ├── script.sh └── services ├── 2fauth ├── .env.example ├── README.md └── docker-compose.yml ├── adguard ├── .env.example └── docker-compose.yml ├── adminer ├── .env.example └── docker-compose.yml ├── agendav ├── .env.example ├── README.md └── docker-compose.yml ├── airflow ├── .env.example ├── .gitignore ├── README.md ├── airflow.example.cfg └── docker-compose.yml ├── airsonic ├── .env.example └── docker-compose.yml ├── archivebox ├── .env.example ├── README.md └── docker-compose.yml ├── arr-apps-vpn ├── .env.example ├── .gitignore ├── README.md └── docker-compose.yml ├── audiobookshelf └── docker-compose.yml ├── autoheal ├── README.md └── docker-compose.yml ├── baserow ├── .env.example └── docker-compose.yml ├── bazarr ├── .env.example ├── README.md └── docker-compose.yml ├── bevy ├── .env.example ├── README.md └── docker-compose.yml ├── bloben ├── .env.example ├── README.md └── docker-compose.yml ├── bookstack ├── .env.example └── docker-compose.yml ├── cadvisor └── docker-compose.yml ├── calibre ├── README.md └── docker-compose.yml ├── changedetection ├── .env.example └── docker-compose.yml ├── checkmk ├── .env.example ├── .gitignore └── docker-compose.yml ├── cloudflare-ddns ├── .gitignore ├── README.md └── docker-compose.yml ├── cloudflared ├── .env.example ├── README.md ├── docker-compose.yml └── public-hostname-page.png ├── code-server ├── .env.example ├── README.md └── docker-compose.yml ├── collabora ├── .env.example └── docker-compose.yml ├── commafeed ├── README.md └── docker-compose.yml ├── coolify ├── .env.example ├── README.md └── docker-compose.yml ├── cryptgeon ├── .env.example └── docker-compose.yml ├── cryptofolio ├── .env.example ├── README.md └── docker-compose.yml ├── cypht └── docker-compose.yml ├── dash ├── .env.example ├── README.md └── docker-compose.yml ├── ddclient ├── README.md └── docker-compose.yml ├── diun ├── .env.example └── docker-compose.yml ├── documize ├── .env.example ├── docker-compose.yml └── src │ └── Dockerfile ├── dolibarr ├── .env.example └── docker-compose.yml ├── dozzle ├── .env.example ├── README.md └── docker-compose.yml ├── drone ├── .env.example └── docker-compose.yml ├── duplicacy ├── .env.example └── docker-compose.yml ├── duplicati ├── .env.example └── docker-compose.yml ├── emulatorjs ├── config │ └── profile │ │ ├── default │ │ └── retroarch.cfg │ │ └── profile.json └── docker-compose.yml ├── erpnext ├── README.md └── docker-compose.yml ├── fileflows ├── .env.example ├── README.md └── docker-compose.yml ├── filestash ├── .env.example ├── README.md └── docker-compose.yml ├── fireflyiii ├── .env.example └── docker-compose.yml ├── fireshare ├── .env.example ├── README.md └── docker-compose.yml ├── fittrackee ├── README.md └── docker-compose.yml ├── flaresolverr ├── .env.example ├── README.md └── docker-compose.yml ├── flood ├── .env.example ├── README.md └── docker-compose.yml ├── frigate ├── .env.example ├── .gitignore ├── config.yml.example └── docker-compose.yml ├── ghost ├── .env.example └── docker-compose.yml ├── ghostfolio ├── .env.example ├── README.md └── docker-compose.yml ├── gitlab ├── .env.example ├── README.md ├── docker-compose.yml └── gitlab.example.rb ├── gluetun ├── .env.example ├── README.md └── docker-compose.yml ├── go-socks5-proxy ├── .env.example ├── README.md └── docker-compose.yml ├── gogs ├── .env.example └── docker-compose.yml ├── gotify ├── .env.example └── docker-compose.yml ├── grafana ├── .gitignore ├── docker-compose.yml └── grafana.ini.example ├── grist ├── .env.example └── docker-compose.yml ├── grocy ├── .env.example └── docker-compose.yml ├── guacamole ├── .env.example └── docker-compose.yml ├── hammond ├── README.md └── docker-compose.yml ├── headphones ├── .env.example ├── README.md └── docker-compose.yml ├── healthchecks ├── .env.example ├── README.md └── docker-compose.yml ├── heimdall ├── .env.example └── docker-compose.yml ├── hledger └── docker-compose.yml ├── homarr ├── .env.example ├── README.md └── docker-compose.yml ├── homeassistant ├── README.md └── docker-compose.yml ├── homepage ├── .env.example ├── .gitignore ├── README.md └── docker-compose.yml ├── i2p └── docker-compose.yaml ├── immich ├── .env.example ├── README.md └── docker-compose.yml ├── invidious ├── README.md ├── config │ ├── config.example.yml │ └── sql │ │ ├── annotations.sql │ │ ├── channel_videos.sql │ │ ├── channels.sql │ │ ├── nonces.sql │ │ ├── playlist_videos.sql │ │ ├── playlists.sql │ │ ├── session_ids.sql │ │ ├── users.sql │ │ └── videos.sql ├── docker-compose.yml └── docker │ └── init-invidious-db.sh ├── jackett ├── .env.example ├── README.md └── docker-compose.yml ├── jellyfin ├── .env.example └── docker-compose.yml ├── jellyseerr ├── .env.example ├── README.md ├── docker-compose.yml └── healthcheck.js ├── jupyterhub ├── .gitignore ├── Dockerfile ├── README.md ├── docker-compose.yml └── jupyterhub_config.py.example ├── jupyterlab ├── .env.example ├── .gitignore ├── docker-compose.yml └── jupyter_server_config.example.json ├── kasm ├── .env.example ├── .gitignore ├── README.md ├── docker-compose.yml └── nginx.conf.example ├── kavita └── docker-compose.yml ├── keeweb ├── .env.example ├── docker-compose.yml └── keeweb.conf ├── komga ├── .env.example └── docker-compose.yml ├── lazylibrarian ├── .env.example ├── README.md └── docker-compose.yml ├── ledgersmb ├── .env.example └── docker-compose.yml ├── lenpaste └── docker-compose.yml ├── librespeed ├── .env.example └── docker-compose.yml ├── lidarr ├── .env.example ├── README.md └── docker-compose.yml ├── linkace ├── README.md └── docker-compose.yml ├── matomo ├── .env.example ├── docker-compose.yml └── matomo.conf ├── mautic ├── README.md └── docker-compose.yml ├── mealie ├── .env.example ├── README.md └── docker-compose.yml ├── media-nginx ├── docker-compose.yml └── nginx.conf.template ├── memos ├── .env.example ├── README.md └── docker-compose.yml ├── metabase ├── .env.example ├── README.md └── docker-compose.yml ├── metube └── docker-compose.yml ├── minecraft └── docker-compose.yml ├── minetest ├── .env.example └── docker-compose.yml ├── miniflux ├── .env.example ├── README.md └── docker-compose.yml ├── motioneye ├── .env.example └── docker-compose.yml ├── mylar3 ├── .env.example ├── README.md └── docker-compose.yml ├── n8n ├── .env.example ├── README.md └── docker-compose.yml ├── netbox ├── .env.example ├── README.md └── docker-compose.yml ├── netdata ├── .env.example └── docker-compose.yml ├── nextcloud ├── .env.example ├── README.md ├── configure-onlyoffice.sh ├── docker-compose.yml └── nginx.conf.example ├── nginx-proxy-manager ├── .env.example ├── .gitignore ├── README.md └── docker-compose.yml ├── nocodb ├── .env.example └── docker-compose.yml ├── notifiarr ├── README.md └── docker-compose.yml ├── ntfy ├── .env.example ├── .gitignore ├── README.md ├── docker-compose.yml └── server.yml.example ├── ntopng ├── .env.example ├── README.md └── docker-compose.yml ├── odoo ├── .env.example └── docker-compose.yml ├── onlyoffice ├── .env.example └── docker-compose.yml ├── openproject ├── .env.example └── docker-compose.yml ├── openssh ├── .env.example └── docker-compose.yml ├── openvpn ├── .gitignore ├── README.md └── docker-compose.yml ├── organizr └── docker-compose.yml ├── own-my-money ├── README.md └── docker-compose.yml ├── photoprism ├── .env.example └── docker-compose.yml ├── pialert ├── .env.example ├── README.md └── docker-compose.yml ├── pihole ├── .env.example └── docker-compose.yml ├── planka ├── .env.example └── docker-compose.yml ├── portainer ├── .env.example └── docker-compose.yml ├── prometheus ├── .gitignore ├── docker-compose.yml └── prometheus.yml.example ├── prowlarr ├── .env.example ├── README.md └── docker-compose.yml ├── qbittorrent ├── .env.example ├── README.md └── docker-compose.yml ├── radarr ├── .env.example ├── README.md └── docker-compose.yml ├── rainloop ├── .env.example ├── README.md └── docker-compose.yml ├── rancher ├── README.md └── docker-compose.yml ├── readarr ├── .env.example ├── README.md └── docker-compose.yml ├── registry ├── .env.example └── docker-compose.yml ├── remark42 ├── .env.example ├── README.md └── docker-compose.yml ├── requestrr ├── .env.example ├── README.md └── docker-compose.yml ├── rotki ├── .env.example └── docker-compose.yml ├── roundcube └── docker-compose.yml ├── sablier └── docker-compose.yml ├── sabnzbd ├── .env.example ├── README.md └── docker-compose.yml ├── samba ├── .env.example └── docker-compose.yml ├── scrypted ├── README.md └── docker-compose.yml ├── seafile ├── .env.example ├── docker-compose.yml ├── seafile.nginx.conf └── seafile.nginx.conf.example ├── searxng ├── .env.example ├── .gitignore ├── README.md ├── docker-compose.yml └── settings.yml.example ├── selfoss ├── README.md └── docker-compose.yml ├── sftp ├── README.md └── docker-compose.yml ├── shlink ├── .env.example ├── README.md └── docker-compose.yml ├── snapdrop ├── .env.example └── docker-compose.yml ├── snipe-it └── docker-compose.yml ├── snowflake └── docker-compose.yml ├── sonarr ├── .env.example ├── README.md └── docker-compose.yml ├── speedtest-tracker ├── .env.example └── docker-compose.yml ├── stinger ├── README.md └── docker-compose.yml ├── superset ├── .gitignore ├── README.md ├── docker-compose.yml └── superset_config copy.example.py ├── syncthing ├── .env.example └── docker-compose.yml ├── tailscale ├── README.md └── docker-compose.yml ├── tfviewer ├── README.md └── docker-compose.yml ├── theme-park ├── .env.example ├── README.md └── docker-compose.yml ├── tor-hidden-service ├── .env.example └── docker-compose.yaml ├── torproxy └── docker-compose.yml ├── traefik-hub ├── .env.example └── docker-compose.yml ├── traefik ├── .env.example ├── README.md ├── authelia │ ├── .gitignore │ ├── configuration.yml.example │ └── users_database.yml.example ├── docker-compose.yml └── hook.sh ├── traggo ├── .env.example └── docker-compose.yml ├── transmission ├── .env.example ├── README.md └── docker-compose.yml ├── trillium ├── .env.example └── docker-compose.yml ├── tubearchivist ├── .env.example └── docker-compose.yml ├── umami ├── .env.example ├── README.md └── docker-compose.yml ├── unmanic ├── .env.example ├── README.md └── docker-compose.yml ├── upsnap ├── README.md └── docker-compose.yml ├── uptimekuma ├── .env.example └── docker-compose.yml ├── urbit ├── .env.example ├── README.md └── docker-compose.yml ├── vikunja └── docker-compose.yml ├── vpnchecker ├── .env.example ├── README.md └── docker-compose.yml ├── watchtower ├── .env.example ├── README.md └── docker-compose.yml ├── watchyourlan ├── .env.example ├── README.md └── docker-compose.yml ├── webmap ├── .env.example ├── .gitignore ├── README.md ├── data │ └── .gitignore └── docker-compose.yml ├── webnut ├── .env.example └── docker-compose.yml ├── webtop ├── .env.example └── docker-compose.yml ├── wger ├── .env.example ├── README.md └── docker-compose.yml ├── whatsupdocker ├── .env.example ├── README.md └── docker-compose.yml ├── where-the ├── README.md └── docker-compose.yml ├── whisparr ├── .env.example ├── README.md └── docker-compose.yml ├── whoogle ├── .env.example └── docker-compose.yml ├── wikijs ├── .env.example └── docker-compose.yml ├── wireguard ├── .env.example ├── README.md └── docker-compose.yml ├── wol ├── .env.example ├── .gitignore ├── config.csv.example └── docker-compose.yml ├── wordpress ├── .env.example └── docker-compose.yml ├── xbackbone ├── .env.example ├── README.md └── docker-compose.yml ├── yacht ├── .env.example └── docker-compose.yml └── youtube-dl ├── .env.example └── docker-compose.yml /.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | DOMAIN=example.com 3 | 4 | ACTIVE_SERVICES=traefik,watchtower,librespeed,gogs,nextcloud 5 | SAVE_BACKUP=gogs,nextcloud 6 | VPN_SERVICES=gluetun,transmission,lidarr,radarr,sonarr,prowlarr,jellyseerr 7 | 8 | BACKUP_DESTINATION=/mnt/backup 9 | BACKUP_DESTINATION_MOUNT=/mnt/backup 10 | BACKUP_SOURCE_MOUNT=/mnt/data 11 | WEBHOOK="https://uptimekuma.example.com/api/push/abc123?status=up&msg=OK&ping=" 12 | -------------------------------------------------------------------------------- /.env.template: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=funnyservice 3 | HOMEPAGE_GROUP=Media 4 | HOMEPAGE_NAME=funnyservice 5 | HOMEPAGE_ICON=funnyservice 6 | HOMEPAGE_DESCRIPTION=what does the funnyservice do 7 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | services/*/data/ 2 | services/*/repo/ 3 | fullchain.pem 4 | privkey.pem 5 | acme.json 6 | letsencrypt 7 | .env 8 | docker-compose.override.yml 9 | custom 10 | *.key 11 | *.crt 12 | backup-logs.txt 13 | nohup.out 14 | custom_services/* 15 | !custom_services/.gitignore 16 | nginx.conf 17 | TODO.md -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "services/crater/crater"] 2 | path = services/crater/crater 3 | url = https://github.com/crater-invoice/crater 4 | [submodule "services/fittrackee/docker-fittrackee"] 5 | path = services/fittrackee/docker-fittrackee 6 | url = https://github.com/SamR1/docker-fittrackee.git 7 | [submodule "services/feedbin/feedbin-docker"] 8 | path = services/feedbin/feedbin-docker 9 | url = https://github.com/angristan/feedbin-docker.git 10 | -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "search.exclude": { 3 | "**/*.config": true, 4 | "**/config": true, 5 | "**/data": true 6 | } 7 | } -------------------------------------------------------------------------------- /docker-compose.template.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3" 3 | 4 | services: 5 | funnyservice: 6 | image: nginx 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | labels: 11 | my.zone: zone1 12 | traefik.enable: true 13 | traefik.http.routers.funnyservice.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 14 | traefik.http.routers.funnyservice.entrypoints: websecure 15 | traefik.http.services.funnyservice.loadbalancer.server.port: 80 16 | homepage.group: ${HOMEPAGE_GROUP} 17 | homepage.name: ${HOMEPAGE_NAME} 18 | homepage.icon: ${HOMEPAGE_ICON} 19 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 20 | homepage.description: ${HOMEPAGE_DESCRIPTION} 21 | 22 | networks: 23 | default: 24 | name: zone1 25 | external: true 26 | -------------------------------------------------------------------------------- /script.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if [ -f .env ] 4 | then 5 | export $(cat .env | sed 's/#.*//g' | xargs) 6 | fi 7 | 8 | if [[ "$1" = "KASM" ]] 9 | then 10 | cd services/kasm 11 | sudo bash kasm_release/bin/$2 12 | cd ../.. 13 | exit 0 14 | fi 15 | 16 | servicesEnv="$(printenv "$1")" 17 | 18 | IFS=',' read -r -a services <<< "$servicesEnv" 19 | 20 | for service in ${services[*]} 21 | do 22 | cd services/$service 23 | docker compose $2 $3 $4 $5 24 | cd ../.. 25 | done 26 | -------------------------------------------------------------------------------- /services/2fauth/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=2fauth 3 | 4 | SITE_OWNER=me@example.com 5 | 6 | #openssl rand -base64 32 7 | APP_KEY= 8 | -------------------------------------------------------------------------------- /services/2fauth/README.md: -------------------------------------------------------------------------------- 1 | # 2fauth 2 | 3 | https://docs.2fauth.app/ 4 | https://github.com/Bubka/2FAuth 5 | -------------------------------------------------------------------------------- /services/adguard/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=adguard 3 | 4 | USERNAME=user 5 | PASSWORD=secret -------------------------------------------------------------------------------- /services/adminer/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=adminer -------------------------------------------------------------------------------- /services/adminer/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | adminer: 4 | image: adminer 5 | restart: unless-stopped 6 | security_opt: 7 | - no-new-privileges:true 8 | networks: 9 | - traefik 10 | labels: 11 | my.zone: zone1 12 | traefik.enable: true 13 | traefik.http.routers.adminer.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 14 | traefik.http.routers.adminer.entrypoints: websecure 15 | traefik.http.services.adminer.loadbalancer.server.port: 8080 16 | 17 | networks: 18 | traefik: 19 | name: zone1 20 | external: true 21 | -------------------------------------------------------------------------------- /services/agendav/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=agendav 3 | -------------------------------------------------------------------------------- /services/agendav/README.md: -------------------------------------------------------------------------------- 1 | # agendav 2 | 3 | https://github.com/agendav/agendav -------------------------------------------------------------------------------- /services/agendav/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | 3 | services: 4 | agendav: 5 | image: ghcr.io/nagimov/agendav-docker:latest 6 | environment: 7 | - AGENDAV_SERVER_NAME=127.0.0.1 8 | - AGENDAV_TITLE=Welcome to Example Agendav Server 9 | - AGENDAV_FOOTER=Hosted by Example Company 10 | - AGENDAV_ENC_KEY=my_encrypt10n_k3y 11 | - AGENDAV_CALDAV_SERVER=https://baikal.example.com/cal.php 12 | - AGENDAV_CALDAV_PUBLIC_URL=https://baikal.example.com 13 | - AGENDAV_TIMEZONE=UTC 14 | - AGENDAV_LANG=en 15 | - AGENDAV_LOG_DIR=/tmp/ 16 | restart: unless-stopped 17 | security_opt: 18 | - no-new-privileges:true 19 | networks: 20 | - traefik 21 | labels: 22 | my.zone: zone1 23 | traefik.enable: true 24 | traefik.http.routers.agendav.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 25 | traefik.http.routers.agendav.entrypoints: websecure 26 | traefik.http.services.agendav.loadbalancer.server.port: 80 27 | homepage.group: Media 28 | homepage.name: agendav 29 | homepage.icon: agendav 30 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 31 | homepage.description: calendar UI 32 | 33 | networks: 34 | traefik: 35 | name: zone1 36 | external: true 37 | -------------------------------------------------------------------------------- /services/airflow/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=airflow 3 | SERVICE_PORT=8080 4 | HOMEPAGE_GROUP=Infrastructure 5 | HOMEPAGE_NAME=airflow 6 | HOMEPAGE_ICON=airflow 7 | HOMEPAGE_DESCRIPTION= A platform to programmatically author, schedule, and monitor workflows 8 | 9 | POSTGRES_USER=airflow 10 | POSTGRES_PASSWORD=password 11 | 12 | _AIRFLOW_WWW_USER_USERNAME=root 13 | _AIRFLOW_WWW_USER_PASSWORD=root 14 | -------------------------------------------------------------------------------- /services/airflow/.gitignore: -------------------------------------------------------------------------------- 1 | airflow.cfg 2 | -------------------------------------------------------------------------------- /services/airflow/README.md: -------------------------------------------------------------------------------- 1 | # airflow 2 | 3 | https://airflow.apache.org/ 4 | https://github.com/apache/airflow 5 | https://hub.docker.com/r/apache/airflow 6 | -------------------------------------------------------------------------------- /services/airsonic/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=airsonic -------------------------------------------------------------------------------- /services/airsonic/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | airsonic: 4 | image: lscr.io/linuxserver/airsonic-advanced 5 | environment: 6 | - JAVA_OPTS=-Dserver.use-forward-headers=true 7 | - PUID=1000 8 | - PGID=1000 9 | - TZ=${TZ} 10 | volumes: 11 | - ./data/config:/config 12 | - ./data/music:/music 13 | - ./data/playlists:/playlists 14 | - ./data/podcasts:/podcasts 15 | restart: unless-stopped 16 | security_opt: 17 | - no-new-privileges:true 18 | networks: 19 | - traefik 20 | labels: 21 | my.zone: zone1 22 | traefik.enable: true 23 | traefik.http.routers.airsonic.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 24 | traefik.http.routers.airsonic.entrypoints: websecure 25 | traefik.http.services.airsonic.loadbalancer.server.port: 4040 26 | 27 | networks: 28 | traefik: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/archivebox/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=archivebox -------------------------------------------------------------------------------- /services/archivebox/README.md: -------------------------------------------------------------------------------- 1 | # archivebox 2 | 3 | https://github.com/ArchiveBox/ArchiveBox 4 | https://archivebox.io 5 | 6 | ## initial setup 7 | 8 | ``` shell 9 | docker compose run archivebox init --setup 10 | ``` -------------------------------------------------------------------------------- /services/archivebox/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.4" 2 | 3 | services: 4 | archivebox: 5 | image: archivebox/archivebox:master 6 | command: server --quick-init 0.0.0.0:8000 7 | environment: 8 | - ALLOWED_HOSTS=* # add any config options you want as env vars 9 | - MEDIA_MAX_SIZE=750m 10 | # - SEARCH_BACKEND_ENGINE=sonic # uncomment these if you enable sonic below 11 | # - SEARCH_BACKEND_HOST_NAME=sonic 12 | # - SEARCH_BACKEND_PASSWORD=SecretPassword 13 | volumes: 14 | - ./data:/data 15 | security_opt: 16 | - no-new-privileges:true 17 | networks: 18 | - traefik 19 | labels: 20 | my.zone: zone1 21 | traefik.enable: true 22 | traefik.http.routers.archivebox.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 23 | traefik.http.routers.archivebox.entrypoints: websecure 24 | traefik.http.services.archivebox.loadbalancer.server.port: 8000 25 | 26 | networks: 27 | traefik: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/arr-apps-vpn/.gitignore: -------------------------------------------------------------------------------- 1 | config -------------------------------------------------------------------------------- /services/arr-apps-vpn/README.md: -------------------------------------------------------------------------------- 1 | # DEPRECATED all services are now split into separate folder 2 | 3 | ## services 4 | 5 | https://github.com/diericx/bevy -------------------------------------------------------------------------------- /services/audiobookshelf/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.7" 2 | 3 | services: 4 | audiobookshelf: 5 | image: ghcr.io/advplyr/audiobookshelf 6 | volumes: 7 | - ./data/audiobooks:/audiobooks 8 | - ./data/metadata:/metadata 9 | - ./data/config:/config 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.audiobookshelf.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.audiobookshelf.entrypoints: websecure 20 | traefik.http.services.audiobookshelf.loadbalancer.server.port: 80 21 | 22 | networks: 23 | traefik: 24 | name: zone1 25 | external: true 26 | -------------------------------------------------------------------------------- /services/autoheal/README.md: -------------------------------------------------------------------------------- 1 | # autoheal 2 | 3 | https://github.com/willfarrell/docker-autoheal 4 | -------------------------------------------------------------------------------- /services/autoheal/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | 3 | services: 4 | autoheal: 5 | image: willfarrell/autoheal 6 | volumes: 7 | - /var/run/docker.sock:/var/run/docker.sock 8 | restart: unless-stopped 9 | security_opt: 10 | - no-new-privileges:true 11 | environment: 12 | AUTOHEAL_CONTAINER_LABEL: all 13 | -------------------------------------------------------------------------------- /services/baserow/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=baserow 3 | -------------------------------------------------------------------------------- /services/baserow/docker-compose.yml: -------------------------------------------------------------------------------- 1 | # docker run \ 2 | # -d \ 3 | # --name baserow \ 4 | # -e BASEROW_PUBLIC_URL=https://www.yourdomain.com \ 5 | # -v baserow_data:/baserow/data \ 6 | # -p 80:80 \ 7 | # --restart unless-stopped \ 8 | # baserow/baserow:1.10.1 9 | 10 | version: "3.6" 11 | services: 12 | baserow: 13 | image: baserow/baserow 14 | environment: 15 | - BASEROW_PUBLIC_URL=https://${SUB_DOMAIN}.${SERVER_DOMAIN} 16 | volumes: 17 | - ./data:/baserow/data 18 | restart: unless-stopped 19 | security_opt: 20 | - no-new-privileges:true 21 | networks: 22 | - traefik 23 | labels: 24 | my.zone: zone1 25 | traefik.enable: true 26 | traefik.http.routers.baserow.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 27 | traefik.http.routers.baserow.entrypoints: websecure 28 | traefik.http.services.baserow.loadbalancer.server.port: 80 29 | 30 | networks: 31 | traefik: 32 | name: zone1 33 | external: true 34 | -------------------------------------------------------------------------------- /services/bazarr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=bazarr 4 | 5 | API_KEY= 6 | -------------------------------------------------------------------------------- /services/bazarr/README.md: -------------------------------------------------------------------------------- 1 | # bazarr 2 | 3 | https://www.bazarr.media/ 4 | https://github.com/morpheus65535/bazarr 5 | https://hotio.dev/containers/bazarr/ 6 | -------------------------------------------------------------------------------- /services/bazarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | bazarr: 5 | image: cr.hotio.dev/hotio/bazarr 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | UMASK: 002 10 | TZ: 11 | volumes: 12 | - ./data/config:/config 13 | - ./data/data:/data 14 | restart: always 15 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 16 | labels: 17 | homepage.group: Arr 18 | homepage.name: Bazarr 19 | homepage.icon: bazarr 20 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 21 | homepage.description: Subtitles 22 | homepage.widget.type: bazarr 23 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 24 | homepage.widget.key: ${API_KEY} 25 | -------------------------------------------------------------------------------- /services/bevy/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=bevy 3 | -------------------------------------------------------------------------------- /services/bevy/README.md: -------------------------------------------------------------------------------- 1 | # bevy 2 | 3 | https://github.com/diericx/bevy 4 | -------------------------------------------------------------------------------- /services/bevy/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | bevy: 5 | image: zolland/bevy:latest 6 | user: 1000:1000 7 | restart: always 8 | environment: 9 | - CONFIG_FILE=/etc/bevy/config.toml 10 | volumes: 11 | - ./data/config/config.toml:/etc/bevy/config.toml 12 | - ./data/downloads:/downloads 13 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 14 | labels: 15 | homepage.group: Arr 16 | homepage.name: Bevy 17 | homepage.icon: bevy 18 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 19 | homepage.description: Torrent movie streaming 20 | -------------------------------------------------------------------------------- /services/bloben/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=bloben 3 | 4 | DB_HOST=databaseBloben # OR databaseBloben14 for docker-compose-pg14.yml file 5 | DB_PORT=5432 6 | DB_USERNAME=bloben 7 | DB_DATABASE=bloben_api 8 | DB_CONNECTION=postgres 9 | DB_SYNCHRONIZE=true 10 | DB_LOGGING=false 11 | DB_ENTITIES=usr/app/api/build/data/entity/*.js 12 | DB_ENTITIES_DIR=usr/app/api/build/data/entity 13 | DB_MIGRATIONS=usr/app/api/build/data/migrations/*.js 14 | 15 | ## Use same password for database for DB_PASSWORD and POSTGRES_PASSWORD 16 | DB_PASSWORD=CHANGE_ME 17 | POSTGRES_PASSWORD=CHANGE_ME 18 | 19 | SESSION_SECRET=CHANGE_ME 20 | OTP_SECRET=CHANGE_ME 21 | # your login password for admin account 22 | INITIAL_ADMIN_PASSWORD=CHANGE_ME 23 | 24 | REDIS_HOST=redisBloben 25 | REDIS_PORT=6379 26 | 27 | POSTGRES_DB=bloben_api 28 | POSTGRES_USER=bloben 29 | 30 | APP_DOMAIN=YOUR_DOMAIN 31 | 32 | SMTP_PORT= 33 | SMTP_HOST= 34 | SMTP_EMAIL= 35 | SMTP_USERNAME= 36 | SMTP_PASSWORD= 37 | -------------------------------------------------------------------------------- /services/bloben/README.md: -------------------------------------------------------------------------------- 1 | # bloben 2 | 3 | https://bloben.com/ -------------------------------------------------------------------------------- /services/bloben/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | 3 | services: 4 | bloben: 5 | image: 'bloben/app:latest' 6 | volumes: 7 | - ./data/logs:/logs 8 | env_file: 9 | - .env 10 | restart: always 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.bloben.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.bloben.entrypoints: websecure 20 | traefik.http.services.bloben.loadbalancer.server.port: 80 21 | homepage.group: Media 22 | homepage.name: bloben 23 | homepage.icon: bloben 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: calendar UI 26 | 27 | databaseBloben14: 28 | image: 'postgres:14.5-bullseye' 29 | env_file: 30 | - .env 31 | volumes: 32 | - ./data/db:/var/lib/postgresql/data 33 | restart: always 34 | networks: 35 | - traefik 36 | 37 | redisBloben: 38 | image: redis:7.0.5-bullseye 39 | volumes: 40 | - ./data/redis:/data 41 | restart: always 42 | networks: 43 | - traefik 44 | 45 | networks: 46 | traefik: 47 | name: zone1 48 | external: true 49 | -------------------------------------------------------------------------------- /services/bookstack/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=bookstack 4 | 5 | DB_DATABASE=database 6 | DB_USER=user 7 | DB_PASSWORD=password 8 | DB_ROOT_PASSWORD=rootPassword -------------------------------------------------------------------------------- /services/cadvisor/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | cadvisor: 4 | image: gcr.io/cadvisor/cadvisor 5 | volumes: 6 | - /:/rootfs:ro 7 | - /var/run:/var/run:ro 8 | - /sys:/sys:ro 9 | - /var/lib/docker/:/var/lib/docker:ro 10 | - /dev/disk/:/dev/disk:ro 11 | devices: 12 | - /dev/kmsg 13 | command: 14 | - '-housekeeping_interval=10s' 15 | - '-docker_only=true' 16 | restart: unless-stopped 17 | networks: 18 | - traefik 19 | labels: 20 | my.zone: zone1 21 | traefik.enable: true 22 | traefik.http.routers.cadvisor.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 23 | traefik.http.routers.cadvisor.entrypoints: websecure 24 | traefik.http.services.cadvisor.loadbalancer.server.port: 8080 25 | homepage.group: Infrastructure 26 | homepage.name: Cadvisor 27 | homepage.icon: cadvisor 28 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 29 | homepage.description: Collecting statistics from docker containers 30 | 31 | networks: 32 | traefik: 33 | name: zone1 34 | external: true 35 | -------------------------------------------------------------------------------- /services/calibre/README.md: -------------------------------------------------------------------------------- 1 | ## setup 2 | 3 | This image sets up the calibre desktop app and makes its interface available via Guacamole server in the browser. The interface is available at http://your-ip:8082. 4 | 5 | By default, there is no password set for the main gui. Optional environment variable PASSWORD will allow setting a password for the user abc. 6 | 7 | Port 8081 is reserved for Calibre's built-in webserver, which can be enabled within the desktop app settings, and the internal port must be set to 8081 although it will then be available at the host mapped port for external access. 8 | 9 | You can access advanced features of the Guacamole remote desktop using ctrl+alt+shift enabling you to use remote copy/paste and different languages. 10 | 11 | start calibre`s own web client: 12 | goto: http://your-ip:8082 -> Connect/share -> start content server 13 | 14 | enable uploads via calibre-web: 15 | goto: admin -> edit basic configuration -> feature configuration -> enable uploads 16 | 17 | enable reading inside browser: 18 | goto: admin -> edit users -> edit user -> Allow eBook Viewer 19 | 20 | ## docker image 21 | 22 | https://hub.docker.com/r/linuxserver/calibre -------------------------------------------------------------------------------- /services/changedetection/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=changedetection -------------------------------------------------------------------------------- /services/checkmk/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=checkmk 3 | -------------------------------------------------------------------------------- /services/checkmk/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SimonHaas/homeserver/24d8a09a68913948cf97f5227a52d7d1fb5a5213/services/checkmk/.gitignore -------------------------------------------------------------------------------- /services/checkmk/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | 3 | services: 4 | checkmk: 5 | image: checkmk/check-mk-raw 6 | volumes: 7 | - /etc/localtime:/etc/localtime:ro 8 | - ./data:/omd/sites 9 | ports: 10 | - 8000:8000 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | networks: 15 | - traefik 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.checkmk.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.checkmk.entrypoints: websecure 21 | traefik.http.services.checkmk.loadbalancer.server.port: 5000 22 | homepage.group: Infrastructure 23 | homepage.name: checkmk 24 | homepage.icon: checkmk 25 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 26 | homepage.description: Infrastructure Monitoring 27 | 28 | networks: 29 | traefik: 30 | name: zone1 31 | external: true 32 | -------------------------------------------------------------------------------- /services/cloudflare-ddns/.gitignore: -------------------------------------------------------------------------------- 1 | config.json -------------------------------------------------------------------------------- /services/cloudflare-ddns/README.md: -------------------------------------------------------------------------------- 1 | # cloudflare-ddns 2 | 3 | https://hub.docker.com/r/timothyjmiller/cloudflare-ddns -------------------------------------------------------------------------------- /services/cloudflare-ddns/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.9' 2 | services: 3 | cloudflare-ddns: 4 | image: timothyjmiller/cloudflare-ddns:latest 5 | security_opt: 6 | - no-new-privileges:true 7 | network_mode: 'host' 8 | environment: 9 | PUID: 1000 10 | PGID: 1000 11 | volumes: 12 | - ./config.json:/config.json 13 | restart: unless-stopped 14 | -------------------------------------------------------------------------------- /services/cloudflared/.env.example: -------------------------------------------------------------------------------- 1 | CLOUDFLARE_TUNNEL_TOKEN=1234 2 | -------------------------------------------------------------------------------- /services/cloudflared/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | 3 | services: 4 | cloudflared: 5 | image: cloudflare/cloudflared:latest 6 | restart: 'unless-stopped' 7 | environment: 8 | - TUNNEL_TOKEN=${CLOUDFLARE_TUNNEL_TOKEN} 9 | networks: 10 | - traefik 11 | command: tunnel --no-autoupdate run 12 | 13 | networks: 14 | traefik: 15 | name: zone1 16 | external: true 17 | version: "3.6" 18 | 19 | services: 20 | cloudflared: 21 | image: cloudflare/cloudflared:latest 22 | restart: 'unless-stopped' 23 | environment: 24 | - TUNNEL_TOKEN=${CLOUDFLARE_TUNNEL_TOKEN} 25 | networks: 26 | - traefik 27 | command: tunnel --no-autoupdate run 28 | 29 | networks: 30 | traefik: 31 | name: zone1 32 | -------------------------------------------------------------------------------- /services/cloudflared/public-hostname-page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SimonHaas/homeserver/24d8a09a68913948cf97f5227a52d7d1fb5a5213/services/cloudflared/public-hostname-page.png -------------------------------------------------------------------------------- /services/code-server/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=code-server 4 | 5 | PASSWORD= 6 | SUDO_PASSWORD= 7 | -------------------------------------------------------------------------------- /services/code-server/README.md: -------------------------------------------------------------------------------- 1 | # code-server 2 | 3 | https://coder.com/docs/code-server/latest 4 | https://github.com/coder/code-server 5 | https://hub.docker.com/r/linuxserver/code-server 6 | -------------------------------------------------------------------------------- /services/code-server/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3" 3 | services: 4 | code-server: 5 | image: lscr.io/linuxserver/code-server:latest 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | TZ: 10 | PASSWORD: 11 | SUDO_PASSWORD: 12 | PROXY_DOMAIN: ${SUB_DOMAIN}.${SERVER_DOMAIN} 13 | DEFAULT_WORKSPACE: /config/workspace 14 | volumes: 15 | - ./data/config:/config 16 | restart: unless-stopped 17 | security_opt: 18 | - no-new-privileges:true 19 | networks: 20 | - traefik 21 | labels: 22 | my.zone: zone1 23 | traefik.enable: true 24 | traefik.http.routers.code-server.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 25 | traefik.http.routers.code-server.entrypoints: websecure 26 | traefik.http.services.code-server.loadbalancer.server.port: 8443 27 | homepage.group: Infrastructure 28 | homepage.name: code-server 29 | homepage.icon: code-server 30 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 31 | homepage.description: vs code in the browser 32 | 33 | networks: 34 | traefik: 35 | name: zone1 36 | external: true 37 | -------------------------------------------------------------------------------- /services/collabora/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=collabora 4 | -------------------------------------------------------------------------------- /services/collabora/docker-compose.yml: -------------------------------------------------------------------------------- 1 | # docker run -t -d -p 127.0.0.1:9980:9980 -e "domain=ihre\\.domain\\.de" --name=COLLABORAOFFICE --restart always --cap-add MKNOD collabora/code 2 | 3 | version: "3.6" 4 | services: 5 | collabora: 6 | image: collabora/code 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.collabora.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.collabora.entrypoints: websecure 17 | traefik.http.services.collabora.loadbalancer.server.port: 9980 18 | 19 | networks: 20 | traefik: 21 | name: zone1 22 | external: true 23 | -------------------------------------------------------------------------------- /services/commafeed/README.md: -------------------------------------------------------------------------------- 1 | # commafeed 2 | 3 | https://github.com/Athou/commafeed 4 | https://hub.docker.com/r/athou/commafeed 5 | -------------------------------------------------------------------------------- /services/coolify/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=coolify 3 | 4 | COOLIFY_APP_ID= 5 | COOLIFY_SECRET_KEY= 6 | COOLIFY_DATABASE_URL=file:../db/prod.db 7 | COOLIFY_IS_ON=docker 8 | COOLIFY_WHITE_LABELED=false 9 | COOLIFY_WHITE_LABELED_ICON= 10 | COOLIFY_AUTO_UPDATE=false -------------------------------------------------------------------------------- /services/coolify/README.md: -------------------------------------------------------------------------------- 1 | # coolify 2 | 3 | https://github.com/coollabsio/coolify 4 | https://coolify.io/ -------------------------------------------------------------------------------- /services/cryptgeon/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=cryptgeon 3 | -------------------------------------------------------------------------------- /services/cryptgeon/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | 3 | services: 4 | memcached: 5 | image: memcached:1-alpine 6 | entrypoint: memcached -m 128M -I 4M # Limit to 128 MB Ram, 4M per entry, customize at free will. 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | app: 13 | image: cupcakearmy/cryptgeon:latest 14 | depends_on: 15 | - memcached 16 | environment: 17 | SIZE_LIMIT: 4M 18 | restart: unless-stopped 19 | security_opt: 20 | - no-new-privileges:true 21 | networks: 22 | - traefik 23 | labels: 24 | my.zone: zone1 25 | traefik.enable: true 26 | traefik.http.routers.cryptgeon.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 27 | traefik.http.routers.cryptgeon.entrypoints: websecure 28 | traefik.http.services.cryptgeon.loadbalancer.server.port: 5000 29 | 30 | networks: 31 | traefik: 32 | name: zone1 33 | external: true 34 | -------------------------------------------------------------------------------- /services/cryptofolio/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=cryptofolio -------------------------------------------------------------------------------- /services/cryptofolio/README.md: -------------------------------------------------------------------------------- 1 | # cryptofolio 2 | 3 | https://github.com/Xtrendence/Cryptofolio 4 | https://xtrendence.github.io/Cryptofolio/ 5 | 6 | ## login 7 | 8 | - user: admin 9 | - password: admin 10 | -------------------------------------------------------------------------------- /services/cryptofolio/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | services: 3 | cryptofolio: 4 | image: xtrendence/cryptofolio:latest 5 | volumes: 6 | - ./data:/var/www/html/api/data 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.cryptofolio.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.cryptofolio.entrypoints: websecure 17 | traefik.http.services.cryptofolio.loadbalancer.server.port: 80 18 | homepage.group: Media 19 | homepage.name: cryptofolio 20 | homepage.icon: cryptofolio 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: Crypto Currency Tracker 23 | 24 | networks: 25 | traefik: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/dash/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=dash 3 | HOMEPAGE_GROUP=Infrastructure 4 | HOMEPAGE_NAME=dash 5 | HOMEPAGE_ICON=dash 6 | HOMEPAGE_DESCRIPTION=a modern server dashboard 7 | 8 | # Add more from https://getdashdot.com/docs/config 9 | -------------------------------------------------------------------------------- /services/dash/README.md: -------------------------------------------------------------------------------- 1 | # dash 2 | 3 | https://getdashdot.com/ 4 | https://github.com/MauriceNino/dashdot 5 | -------------------------------------------------------------------------------- /services/dash/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.5' 2 | 3 | services: 4 | dash: 5 | image: mauricenino/dashdot:latest 6 | privileged: true 7 | env_file: 8 | - .env 9 | volumes: 10 | - /:/mnt/host:ro 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | labels: 15 | my.zone: zone1 16 | traefik.enable: true 17 | traefik.http.routers.dash.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 18 | traefik.http.routers.dash.entrypoints: websecure 19 | traefik.http.services.dash.loadbalancer.server.port: 3001 20 | traefik.http.routers.dash.middlewares: authelia@docker 21 | homepage.group: ${HOMEPAGE_GROUP} 22 | homepage.name: ${HOMEPAGE_NAME} 23 | homepage.icon: ${HOMEPAGE_ICON} 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: ${HOMEPAGE_DESCRIPTION} 26 | 27 | networks: 28 | default: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/ddclient/README.md: -------------------------------------------------------------------------------- 1 | # ddclient 2 | 3 | https://hub.docker.com/r/linuxserver/ddclient -------------------------------------------------------------------------------- /services/ddclient/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "2.1" 3 | services: 4 | ddclient: 5 | image: lscr.io/linuxserver/ddclient:latest 6 | environment: 7 | - PUID=1000 8 | - PGID=1000 9 | - TZ=${TZ} 10 | volumes: 11 | - ./data:/config 12 | restart: unless-stopped -------------------------------------------------------------------------------- /services/diun/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=diun 4 | 5 | DIUN_NOTIF_GOTIFY_TOKEN=1234 -------------------------------------------------------------------------------- /services/diun/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | 3 | services: 4 | diun: 5 | image: crazymax/diun:latest 6 | command: serve 7 | volumes: 8 | - "./data:/data" 9 | - "/var/run/docker.sock:/var/run/docker.sock" 10 | environment: 11 | - TZ=${TZ} 12 | - "LOG_LEVEL=info" 13 | - "LOG_JSON=false" 14 | - "DIUN_WATCH_WORKERS=20" 15 | - "DIUN_WATCH_SCHEDULE=0 */6 * * *" 16 | - "DIUN_PROVIDERS_DOCKER=true" 17 | - "DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT=true" 18 | - DIUN_NOTIF_GOTIFY_ENDPOINT=https://${SUB_DOMAIN}.${SERVER_DOMAIN} 19 | - DIUN_NOTIF_GOTIFY_TOKEN=${DIUN_NOTIF_GOTIFY_TOKEN} 20 | restart: unless-stopped 21 | security_opt: 22 | - no-new-privileges:true -------------------------------------------------------------------------------- /services/documize/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=documize 4 | 5 | MYSQL_ROOT_PASSWORD=password 6 | MYSQL_PASSWORD=mysql 7 | MYSQL_DATABASE=documize 8 | MYSQL_USER=documize -------------------------------------------------------------------------------- /services/documize/src/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:latest 2 | RUN apt-get update 3 | RUN apt-get install -y wget 4 | RUN wget https://community-downloads.s3.us-east-2.amazonaws.com/documize-community-linux-amd64 5 | RUN chmod 777 ./documize-community-linux-amd64 6 | ENTRYPOINT [ "./documize-community-linux-amd64" ] -------------------------------------------------------------------------------- /services/dolibarr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=dolibarr 4 | 5 | DB_DATABASE=database 6 | DB_USER=user 7 | DB_PASSWORD=password 8 | DB_ROOT_PASSWORD=rootPassword -------------------------------------------------------------------------------- /services/dolibarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | dolibarr-mariadb: 4 | image: mariadb 5 | hostname: dolibarr-mariadb 6 | networks: 7 | - traefik 8 | volumes: 9 | - ./data/mariadb:/var/lib/mysql 10 | restart: always 11 | environment: 12 | - MYSQL_ROOT_PASSWORD=${DB_ROOT_PASSWORD} 13 | - MYSQL_PASSWORD=${DB_PASSWORD} 14 | - MYSQL_DATABASE=${DB_DATABASE} 15 | - MYSQL_USER=${DB_USER} 16 | 17 | dolibarr: 18 | image: monogramm/docker-dolibarr 19 | volumes: 20 | - ./data/html:/var/www/html 21 | - ./data/docs:/var/www/documents 22 | environment: 23 | - DOLI_AUTO_CONFIGURE='' 24 | restart: unless-stopped 25 | security_opt: 26 | - no-new-privileges:true 27 | networks: 28 | - traefik 29 | labels: 30 | my.zone: zone1 31 | traefik.enable: true 32 | traefik.http.routers.dolibarr.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 33 | traefik.http.routers.dolibarr.entrypoints: websecure 34 | traefik.http.services.dolibarr.loadbalancer.server.port: 80 35 | 36 | networks: 37 | traefik: 38 | name: zone1 39 | external: true 40 | -------------------------------------------------------------------------------- /services/dozzle/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=dozzle 4 | -------------------------------------------------------------------------------- /services/dozzle/README.md: -------------------------------------------------------------------------------- 1 | # dozzle 2 | 3 | https://dozzle.dev/ 4 | https://github.com/amir20/dozzle 5 | -------------------------------------------------------------------------------- /services/dozzle/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | dozzle: 4 | image: amir20/dozzle:latest 5 | volumes: 6 | - /var/run/docker.sock:/var/run/docker.sock 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.dozzle.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.dozzle.entrypoints: websecure 17 | traefik.http.services.dozzle.loadbalancer.server.port: 8080 18 | traefik.http.routers.dozzle.middlewares: authelia@docker 19 | homepage.group: Infrastructure 20 | homepage.name: Dozzle 21 | homepage.icon: dozzle 22 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 23 | homepage.description: Container logs 24 | 25 | networks: 26 | traefik: 27 | name: zone1 28 | external: true 29 | -------------------------------------------------------------------------------- /services/drone/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=drone 4 | 5 | DRONE_RPC_SECRET=1234 6 | GOGS_DOMAIN=gogs.example.com 7 | -------------------------------------------------------------------------------- /services/duplicacy/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=duplicacy 4 | -------------------------------------------------------------------------------- /services/duplicacy/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.7" 2 | 3 | services: 4 | duplicacy: 5 | hostname: duplicacy 6 | image: cr.hotio.dev/hotio/duplicacy 7 | environment: 8 | - PUID=1000 9 | - PGID=1000 10 | - UMASK=002 11 | - TZ=${TZ} 12 | volumes: 13 | - ./data/config:/config 14 | - ./data/cache:/cache 15 | - ./data/logs:/logs 16 | restart: unless-stopped 17 | security_opt: 18 | - no-new-privileges:true 19 | networks: 20 | - traefik 21 | labels: 22 | my.zone: zone1 23 | traefik.enable: true 24 | traefik.http.routers.duplicacy.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 25 | traefik.http.routers.duplicacy.entrypoints: websecure 26 | traefik.http.services.duplicacy.loadbalancer.server.port: 3875 27 | 28 | networks: 29 | traefik: 30 | name: zone1 31 | external: true 32 | -------------------------------------------------------------------------------- /services/duplicati/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=duplicati 4 | -------------------------------------------------------------------------------- /services/duplicati/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.1" 2 | services: 3 | duplicati: 4 | image: lscr.io/linuxserver/duplicati:latest 5 | environment: 6 | - PUID=1000 7 | - PGID=1000 8 | - TZ=Europe/London 9 | - CLI_ARGS= #optional 10 | volumes: 11 | - ./data/config:/config 12 | - ./data/backups:/backups 13 | - ./data/source:/source 14 | restart: unless-stopped 15 | security_opt: 16 | - no-new-privileges:true 17 | networks: 18 | - traefik 19 | labels: 20 | my.zone: zone1 21 | traefik.enable: true 22 | traefik.http.routers.duplicati.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 23 | traefik.http.routers.duplicati.entrypoints: websecure 24 | traefik.http.services.duplicati.loadbalancer.server.port: 8200 25 | 26 | networks: 27 | traefik: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/emulatorjs/config/profile/default/retroarch.cfg: -------------------------------------------------------------------------------- 1 | input_menu_toggle_gamepad_combo = 3 2 | system_directory = /home/web_user/retroarch/system/ 3 | -------------------------------------------------------------------------------- /services/emulatorjs/config/profile/profile.json: -------------------------------------------------------------------------------- 1 | {} 2 | -------------------------------------------------------------------------------- /services/emulatorjs/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.1" 2 | services: 3 | emulatorjs: 4 | image: lscr.io/linuxserver/emulatorjs:latest 5 | environment: 6 | - PUID=1000 7 | - PGID=1000 8 | - TZ=${TZ} 9 | volumes: 10 | - ./config:/config 11 | - ./data:/data 12 | ports: 13 | - 3000:3000 14 | - 3008:80 15 | restart: unless-stopped 16 | security_opt: 17 | - no-new-privileges:true 18 | networks: 19 | - traefik 20 | labels: 21 | my.zone: zone1 22 | traefik.enable: true 23 | traefik.http.routers.emulatorjs-admin.rule: Host(`${SUB_DOMAIN_ADMIN}.${SERVER_DOMAIN}`) 24 | traefik.http.routers.emulatorjs-admin.entrypoints: websecure 25 | traefik.http.services.emulatorjs-admin.loadbalancer.server.port: 3000 26 | 27 | traefik.http.routers.emulatorjs.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 28 | traefik.http.routers.emulatorjs.entrypoints: websecure 29 | traefik.http.services.emulatorjs.loadbalancer.server.port: 80 30 | 31 | networks: 32 | traefik: 33 | name: zone1 34 | external: true 35 | -------------------------------------------------------------------------------- /services/erpnext/README.md: -------------------------------------------------------------------------------- 1 | # erpnext 2 | 3 | https://erpnext.com/ 4 | https://github.com/frappe/erpnext 5 | https://github.com/frappe/frappe_docker/blob/main/pwd.yml 6 | 7 | ## login: 8 | username: Administrator 9 | password: admin -------------------------------------------------------------------------------- /services/fileflows/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=fileflows 4 | HOMEPAGE_GROUP=Infrastructure 5 | HOMEPAGE_NAME=fileflows 6 | HOMEPAGE_ICON=fileflows 7 | HOMEPAGE_DESCRIPTION=FileFlows is a file processing application that can execute actions against a file in a tree flow structure. 8 | 9 | TempPathHost=/path/to/tmp 10 | -------------------------------------------------------------------------------- /services/fileflows/README.md: -------------------------------------------------------------------------------- 1 | # fileflows 2 | 3 | https://github.com/revenz/FileFlows 4 | https://fileflows.com/ 5 | -------------------------------------------------------------------------------- /services/fileflows/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | services: 3 | fileflows: 4 | image: revenz/fileflows 5 | environment: 6 | TZ: 7 | TempPathHost: 8 | volumes: 9 | - /var/run/docker.sock:/var/run/docker.sock:ro 10 | - ./data/data:/app/Data 11 | - ./data/logs:/app/Logs 12 | - ./data/temp:/temp 13 | - ./data/media:/media 14 | restart: unless-stopped 15 | security_opt: 16 | - no-new-privileges:true 17 | labels: 18 | my.zone: zone1 19 | traefik.enable: true 20 | traefik.http.routers.fileflows.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 21 | traefik.http.routers.fileflows.entrypoints: websecure 22 | traefik.http.services.fileflows.loadbalancer.server.port: 5000 23 | homepage.group: ${HOMEPAGE_GROUP} 24 | homepage.name: ${HOMEPAGE_NAME} 25 | homepage.icon: ${HOMEPAGE_ICON} 26 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 27 | homepage.description: ${HOMEPAGE_DESCRIPTION} 28 | 29 | networks: 30 | default: 31 | name: zone1 32 | external: true 33 | -------------------------------------------------------------------------------- /services/filestash/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=filestash -------------------------------------------------------------------------------- /services/filestash/README.md: -------------------------------------------------------------------------------- 1 | # filestash 2 | 3 | https://www.filestash.app/ -------------------------------------------------------------------------------- /services/filestash/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | services: 3 | app: 4 | image: machines/filestash 5 | environment: 6 | - APPLICATION_URL=https://${SUB_DOMAIN}.${SERVER_DOMAIN} 7 | # - GDRIVE_CLIENT_ID= 8 | # - GDRIVE_CLIENT_SECRET= 9 | # - DROPBOX_CLIENT_ID= 10 | - ONLYOFFICE_URL=http://onlyoffice 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | networks: 15 | - traefik 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.filestash.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.filestash.entrypoints: websecure 21 | traefik.http.services.filestash.loadbalancer.server.port: 8334 22 | homepage.group: Infrastructure 23 | homepage.name: filestash 24 | homepage.icon: filestash 25 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 26 | homepage.description: unified interface for cloud storage 27 | 28 | onlyoffice: 29 | image: onlyoffice/documentserver 30 | restart: always 31 | security_opt: 32 | - seccomp:unconfined 33 | networks: 34 | - traefik 35 | 36 | networks: 37 | traefik: 38 | name: zone1 39 | external: true 40 | -------------------------------------------------------------------------------- /services/fireshare/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | 3 | ADMIN_USERNAME=admin 4 | ADMIN_PASSWORD=admin 5 | SECRET_KEY=topsecret -------------------------------------------------------------------------------- /services/fireshare/README.md: -------------------------------------------------------------------------------- 1 | # Fireshare 2 | 3 | https://github.com/ShaneIsrael/fireshare -------------------------------------------------------------------------------- /services/fireshare/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | fireshare: 4 | image: shaneisrael/fireshare:latest 5 | volumes: 6 | - ./data/data:/data 7 | - ./data/processed:/processed 8 | - ./data/videos:/videos 9 | environment: 10 | - ADMIN_USERNAME=${ADMIN_USERNAME} 11 | - ADMIN_PASSWORD=${ADMIN_PASSWORD} 12 | - SECRET_KEY=${SECRET_KEY} 13 | - MINUTES_BETWEEN_VIDEO_SCANS=5 14 | - PUID=1000 15 | - PGID=1000 16 | security_opt: 17 | - no-new-privileges:true 18 | networks: 19 | - traefik 20 | labels: 21 | my.zone: zone1 22 | traefik.enable: true 23 | traefik.http.routers.fireshare.rule: Host(`fireshare.${SERVER_DOMAIN}`) 24 | traefik.http.routers.fireshare.entrypoints: websecure 25 | traefik.http.services.fireshare.loadbalancer.server.port: 80 26 | 27 | networks: 28 | traefik: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/fittrackee/README.md: -------------------------------------------------------------------------------- 1 | # FitTrackee 2 | https://github.com/SamR1/FitTrackee 3 | https://samr1.github.io/FitTrackee/ 4 | 5 | cp ./docker-fittrackee/.env.example ./docker-fittrackee/.env 6 | set FITTRACKEE_LOG_DIR=/logs 7 | docker compose up -d 8 | docker compose exec fittrackee scripts/migrate.sh 9 | docker compose restart fittrackee 10 | register new account 11 | docker-compose exec fittrackee scripts/set-admin.sh $(USERNAME) -------------------------------------------------------------------------------- /services/flaresolverr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | -------------------------------------------------------------------------------- /services/flaresolverr/README.md: -------------------------------------------------------------------------------- 1 | # flaresolverr 2 | 3 | https://github.com/FlareSolverr/FlareSolverr 4 | -------------------------------------------------------------------------------- /services/flaresolverr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | flaresolverr: 5 | image: ghcr.io/flaresolverr/flaresolverr:latest 6 | environment: 7 | LOG_LEVEL: ${LOG_LEVEL:-info} 8 | LOG_HTML: ${LOG_HTML:-false} 9 | CAPTCHA_SOLVER: ${CAPTCHA_SOLVER:-none} 10 | TZ: 11 | restart: always 12 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 13 | security_opt: 14 | - no-new-privileges:true 15 | # curl -L -X POST 'http://192.168.1.2:8191/v1' -H 'Content-Type: application/json' --data-raw '{"cmd": "request.get","url":"http://www.google.com/","maxTimeout": 60000}' 16 | -------------------------------------------------------------------------------- /services/flood/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=flood 4 | HOMEPAGE_GROUP=Arr 5 | HOMEPAGE_NAME=flood 6 | HOMEPAGE_ICON=flood 7 | HOMEPAGE_DESCRIPTION=A beautiful web UI for various torrent clients. 8 | -------------------------------------------------------------------------------- /services/flood/README.md: -------------------------------------------------------------------------------- 1 | # flood 2 | 3 | https://flood.js.org/ 4 | https://github.com/jesec/flood 5 | https://hotio.dev/containers/rflood/ 6 | -------------------------------------------------------------------------------- /services/flood/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | flood: 5 | image: ghcr.io/hotio/rflood 6 | restart: always 7 | environment: 8 | PUID: 1000 9 | PGID: 1000 10 | UMASK: 002 11 | TZ: 12 | FLOOD_AUTH: true 13 | volumes: 14 | - ./data/config:/config 15 | - ./data/data:/data 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.flood.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.flood.entrypoints: websecure 21 | traefik.http.routers.flood.service: flood 22 | traefik.http.services.flood.loadbalancer.server.port: 3000 23 | homepage.group: ${HOMEPAGE_GROUP} 24 | homepage.name: ${HOMEPAGE_NAME} 25 | homepage.icon: ${HOMEPAGE_ICON} 26 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 27 | homepage.description: ${HOMEPAGE_DESCRIPTION} 28 | 29 | networks: 30 | default: 31 | name: zone1 32 | external: true 33 | -------------------------------------------------------------------------------- /services/frigate/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=frigate 3 | -------------------------------------------------------------------------------- /services/frigate/.gitignore: -------------------------------------------------------------------------------- 1 | config.yml 2 | -------------------------------------------------------------------------------- /services/ghost/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=ghost 4 | MYSQL_ROOT_PASSWORD=example -------------------------------------------------------------------------------- /services/ghost/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | db: 4 | image: mysql 5 | restart: always 6 | environment: 7 | MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} 8 | volumes: 9 | - ./data/db:/var/lib/mysql 10 | networks: 11 | - traefik 12 | 13 | ghost: 14 | image: ghost 15 | restart: always 16 | environment: 17 | # see https://ghost.org/docs/config/#configuration-options 18 | database__client: mysql 19 | database__connection__host: db 20 | database__connection__user: root 21 | database__connection__password: example 22 | database__connection__database: ghost 23 | url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 24 | security_opt: 25 | - no-new-privileges:true 26 | networks: 27 | - traefik 28 | labels: 29 | my.zone: zone1 30 | traefik.enable: true 31 | traefik.http.routers.ghost.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 32 | traefik.http.routers.ghost.entrypoints: websecure 33 | 34 | networks: 35 | traefik: 36 | name: zone1 37 | external: true 38 | -------------------------------------------------------------------------------- /services/ghostfolio/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=ghostfolio 3 | SERVICE_PORT=3333 4 | HOMEPAGE_GROUP=Media 5 | HOMEPAGE_NAME=ghostfolio 6 | HOMEPAGE_ICON=ghostfolio 7 | HOMEPAGE_DESCRIPTION=Wealth Management 8 | 9 | # https://gethomepage.dev/v0.7.4/widgets/services/ghostfolio/ 10 | API_KEY=key 11 | 12 | ACCESS_TOKEN_SALT=test 13 | JWT_SECRET_KEY=test 14 | 15 | POSTGRES_USER=root 16 | POSTGRES_PASSWORD=root 17 | POSTGRES_DB=ghostfolio 18 | 19 | REDIS_HOST=localhost 20 | REDIS_PORT=6379 21 | REDIS_PASSWORD=root 22 | -------------------------------------------------------------------------------- /services/ghostfolio/README.md: -------------------------------------------------------------------------------- 1 | # ghostfolio 2 | 3 | https://github.com/ghostfolio/ghostfolio 4 | https://ghostfol.io 5 | https://hub.docker.com/r/ghostfolio/ghostfolio 6 | -------------------------------------------------------------------------------- /services/gitlab/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=gitlab 3 | REGISTRY_SUB_DOMAIN=gitlab-registry 4 | PAGES_SUB_DOMAIN=gitlab-pages 5 | IP_RESTRICTION=0.0.0.0: 6 | -------------------------------------------------------------------------------- /services/gitlab/README.md: -------------------------------------------------------------------------------- 1 | # gitlab 2 | 3 | [https://about.gitlab.com/](https://about.gitlab.com/) 4 | 5 | ## setup 6 | 7 | docker exec -it gitlab gitlab-rake "gitlab:password:reset[root]" 8 | mkdir -p ./data/config && cp gitlab.example.rb "$_"/gitlab.rb 9 | -------------------------------------------------------------------------------- /services/gluetun/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | 3 | # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup 4 | VPN_SERVICE_PROVIDER=nordvpn 5 | VPN_TYPE=wireguard 6 | # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list 7 | UPDATER_PERIOD=24h 8 | 9 | ### NORDVPN 10 | USER= 11 | PASS= 12 | 13 | # docker run --rm --cap-add=NET_ADMIN --env-file=.env bubuntux/nordvpn:get_private_key 14 | WIREGUARD_PRIVATE_KEY= 15 | SERVER_COUNTRIES=Netherlands 16 | ###\NORDVPN 17 | 18 | EXTRA_SUBNETS=192.168.1.0/24 19 | DOT=off 20 | HEALTH_SERVER_ADDRESS=0.0.0.0:9999 21 | 22 | SERVER_DOMAIN=example.com 23 | SUB_DOMAIN_HEALTHCHECKER=gluetun-healthchecker 24 | SUB_DOMAIN_VPNCHECKER=vpnchecker-vpn 25 | SUB_DOMAIN_QBITTORRENT=qbittorrent 26 | SUB_DOMAIN_TRANSMISSION=transmission 27 | SUB_DOMAIN_LIDARR=lidarr 28 | SUB_DOMAIN_SONARR=sonarr 29 | SUB_DOMAIN_RADARR=radarr 30 | SUB_DOMAIN_JELLYSEERR=jellyseerr 31 | SUB_DOMAIN_HEADPHONES=headphones 32 | SUB_DOMAIN_WHISPARR=whisparr 33 | SUB_DOMAIN_MYLAR=mylar 34 | SUB_DOMAIN_LAZYLIBRARIAN=lazylibrarian 35 | SUB_DOMAIN_BEVY=bevy 36 | SUB_DOMAIN_JACKETT=jackett 37 | SUB_DOMAIN_READARR=readarr 38 | SUB_DOMAIN_PROWLARR=prowlarr 39 | SUB_DOMAIN_BAZARR=bazarr 40 | SUB_SABNZBD_DOMAIN=sabnzbd 41 | -------------------------------------------------------------------------------- /services/gluetun/README.md: -------------------------------------------------------------------------------- 1 | # gluetun 2 | 3 | https://github.com/qdm12/gluetun 4 | -------------------------------------------------------------------------------- /services/go-socks5-proxy/.env.example: -------------------------------------------------------------------------------- 1 | PROXY_USER=test 2 | PROXY_PASSWORD=secret 3 | -------------------------------------------------------------------------------- /services/go-socks5-proxy/README.md: -------------------------------------------------------------------------------- 1 | # go-socks5-proxy 2 | 3 | https://hub.docker.com/r/serjs/go-socks5-proxy/ 4 | -------------------------------------------------------------------------------- /services/go-socks5-proxy/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | 3 | services: 4 | php: 5 | image: serjs/go-socks5-proxy 6 | restart: unless-stopped 7 | security_opt: 8 | - no-new-privileges:true 9 | ports: 10 | - 1080:1080 11 | environment: 12 | PROXY_USER: 13 | PROXY_PASSWORD: 14 | -------------------------------------------------------------------------------- /services/gogs/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=gogs -------------------------------------------------------------------------------- /services/gogs/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | gogs: 4 | restart: always 5 | image: gogs/gogs:0.12.10 6 | ports: 7 | - "10022:22" 8 | environment: 9 | - PUID=1000 10 | - PGID=1000 11 | volumes: 12 | - ./data:/data 13 | security_opt: 14 | - no-new-privileges:true 15 | networks: 16 | - traefik 17 | labels: 18 | my.zone: zone1 19 | traefik.enable: true 20 | traefik.http.routers.gogs.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 21 | traefik.http.routers.gogs.entrypoints: websecure 22 | traefik.http.services.gogs.loadbalancer.server.port: 3000 23 | homepage.group: Media 24 | homepage.name: Gogs 25 | homepage.icon: gogs 26 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 27 | homepage.description: Git server 28 | 29 | networks: 30 | traefik: 31 | name: zone1 32 | external: true 33 | -------------------------------------------------------------------------------- /services/gotify/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=gotify -------------------------------------------------------------------------------- /services/gotify/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | gotify: 4 | image: gotify/server 5 | volumes: 6 | - ./data:/app/data 7 | environment: 8 | - GOTIFY_SERVER_SSL_LETSENCRYPT_HOSTS=- ${SUB_DOMAIN}.${SERVER_DOMAIN} 9 | restart: unless-stopped 10 | security_opt: 11 | - no-new-privileges:true 12 | networks: 13 | - traefik 14 | labels: 15 | my.zone: zone1 16 | traefik.enable: true 17 | traefik.http.routers.gotify.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 18 | traefik.http.routers.gotify.entrypoints: websecure 19 | traefik.http.services.gotify.loadbalancer.server.port: 80 20 | 21 | networks: 22 | traefik: 23 | name: zone1 24 | external: true 25 | -------------------------------------------------------------------------------- /services/grafana/.gitignore: -------------------------------------------------------------------------------- 1 | grafana.ini -------------------------------------------------------------------------------- /services/grafana/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | grafana: 4 | image: grafana/grafana 5 | volumes: 6 | - ./data:/var/lib/grafana 7 | - ./grafana.ini:/etc/grafana/grafana.ini 8 | user: "1000" 9 | restart: unless-stopped 10 | security_opt: 11 | - no-new-privileges:true 12 | networks: 13 | - traefik 14 | labels: 15 | my.zone: zone1 16 | traefik.enable: true 17 | traefik.http.routers.grafana.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 18 | traefik.http.routers.grafana.entrypoints: websecure 19 | traefik.http.services.grafana.loadbalancer.server.port: 3000 20 | homepage.group: Infrastructure 21 | homepage.name: Grafana 22 | homepage.icon: grafana 23 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 24 | homepage.description: Beautiful dashboards 25 | 26 | networks: 27 | traefik: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/grist/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=grist -------------------------------------------------------------------------------- /services/grist/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | grist: 4 | image: gristlabs/grist 5 | volumes: 6 | - ./data:/persist 7 | environment: 8 | APP_HOME_URL: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 9 | restart: unless-stopped 10 | security_opt: 11 | - no-new-privileges:true 12 | networks: 13 | - traefik 14 | labels: 15 | my.zone: zone1 16 | traefik.enable: true 17 | traefik.http.routers.grist.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 18 | traefik.http.routers.grist.entrypoints: websecure 19 | traefik.http.services.grist.loadbalancer.server.port: 8484 20 | 21 | networks: 22 | traefik: 23 | name: zone1 24 | external: true 25 | -------------------------------------------------------------------------------- /services/grocy/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=grocy -------------------------------------------------------------------------------- /services/grocy/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | grocy: 4 | image: ghcr.io/linuxserver/grocy 5 | environment: 6 | - PUID=1000 7 | - PGID=1000 8 | - TZ=${TZ} 9 | volumes: 10 | - ./data/config:/config 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | networks: 15 | - traefik 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.grocy.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.grocy.entrypoints: websecure 21 | traefik.http.services.grocy.loadbalancer.server.port: 80 22 | 23 | networks: 24 | traefik: 25 | name: zone1 26 | external: true 27 | -------------------------------------------------------------------------------- /services/guacamole/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=guacamole -------------------------------------------------------------------------------- /services/guacamole/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | guacamole: 4 | image: oznu/guacamole 5 | volumes: 6 | - ./data/config:/config 7 | restart: always 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.guacamole.rule: Host(`guacamole.${SERVER_DOMAIN}`) 16 | traefik.http.routers.guacamole.entrypoints: websecure 17 | traefik.http.services.guacamole.loadbalancer.server.port: 8080 # guacadmin/guacadmin 18 | homepage.group: Infrastructure 19 | homepage.name: Guacamole 20 | homepage.icon: guacamole 21 | homepage.href: https://guacamole.${SERVER_DOMAIN} 22 | homepage.description: Remote Desktop Client 23 | 24 | networks: 25 | traefik: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/hammond/README.md: -------------------------------------------------------------------------------- 1 | # hammond 2 | 3 | https://github.com/akhilrex/hammond 4 | 5 | ## setup 6 | https://${SUB_DOMAIN}.${SERVER_DOMAIN}/initialize -------------------------------------------------------------------------------- /services/hammond/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.1" 2 | services: 3 | hammond: 4 | image: akhilrex/hammond 5 | environment: 6 | - JWT_SECRET=${JWT_SECRET} 7 | volumes: 8 | - ./data/config:/config 9 | - ./data/assets:/assets 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.hammond.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.hammond.entrypoints: websecure 20 | traefik.http.services.hammond.loadbalancer.server.port: 3000 21 | homepage.group: Media 22 | homepage.name: Hammond 23 | homepage.icon: hammond 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: vehicle and expense management system 26 | 27 | networks: 28 | traefik: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/headphones/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=headphones 4 | -------------------------------------------------------------------------------- /services/headphones/README.md: -------------------------------------------------------------------------------- 1 | # headphones 2 | 3 | https://github.com/rembo10/headphones 4 | https://docs.linuxserver.io/images/docker-headphones 5 | -------------------------------------------------------------------------------- /services/headphones/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | headphones: 5 | image: lscr.io/linuxserver/headphones:latest 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | TZ: 10 | volumes: 11 | - ./data/config/headphones:/config 12 | - ./data/config:/data 13 | restart: always 14 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 15 | labels: 16 | homepage.group: Arr 17 | homepage.name: Headphones 18 | homepage.icon: headphones 19 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 20 | -------------------------------------------------------------------------------- /services/healthchecks/.env.example: -------------------------------------------------------------------------------- 1 | SUB_DOMAIN=healthchecks 2 | SERVER_DOMAIN=example.com 3 | 4 | SITE_NAME="my healthchecks" 5 | DEFAULT_FROM_EMAIL=test@example.com 6 | EMAIL_HOST=smtp.example.com 7 | EMAIL_PORT=465 8 | EMAIL_HOST_USER=test@example.com 9 | EMAIL_HOST_PASSWORD=secret-email-password 10 | EMAIL_USE_TLS=True 11 | SUPERUSER_EMAIL=email-for-webinterface-login 12 | SUPERUSER_PASSWORD=password 13 | 14 | REGENERATE_SETTINGS=True 15 | SITE_LOGO_URL=https://github.com/walkxcode/dashboard-icons/blob/main/png/healthchecks.png 16 | APPRISE_ENABLED=False 17 | -------------------------------------------------------------------------------- /services/healthchecks/README.md: -------------------------------------------------------------------------------- 1 | # Healthchecks 2 | 3 | https://github.com/healthchecks/healthchecks 4 | https://healthchecks.io/ 5 | https://hub.docker.com/r/linuxserver/healthchecks -------------------------------------------------------------------------------- /services/heimdall/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=guacamole -------------------------------------------------------------------------------- /services/heimdall/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | heimdall: 4 | image: lscr.io/linuxserver/heimdall 5 | environment: 6 | - PUID=1000 7 | - PGID=1000 8 | - TZ=${TZ} 9 | volumes: 10 | - ./data/config:/config 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | networks: 15 | - traefik 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.heimdall.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.heimdall.entrypoints: websecure 21 | traefik.http.services.heimdall.loadbalancer.server.port: 80 22 | 23 | networks: 24 | traefik: 25 | name: zone1 26 | external: true 27 | -------------------------------------------------------------------------------- /services/hledger/docker-compose.yml: -------------------------------------------------------------------------------- 1 | # docker run --rm -d -e HLEDGER_JOURNAL_FILE=/data/all.journal -v "$HOME/journals:/data" -p 5000:5000 --user $(id --user) dastapov/hledger 2 | 3 | version: "3.6" 4 | services: 5 | hledger: 6 | image: dastapov/hledger 7 | user: "1000" 8 | environment: 9 | - HLEDGER_JOURNAL_FILE=/data/all.journal 10 | - HLEDGER_BASE_URL=https://hledger.${SERVER_DOMAIN}/ 11 | volumes: 12 | - ./data:/data 13 | restart: unless-stopped 14 | security_opt: 15 | - no-new-privileges:true 16 | networks: 17 | - traefik 18 | labels: 19 | my.zone: zone1 20 | traefik.enable: true 21 | traefik.http.routers.hledger.rule: Host(`hledger.${SERVER_DOMAIN}`) 22 | traefik.http.routers.hledger.entrypoints: websecure 23 | traefik.http.routers.hledger.middlewares: authelia@docker 24 | traefik.http.services.hledger.loadbalancer.server.port: 5000 25 | 26 | networks: 27 | traefik: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/homarr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=homarr 4 | HOMEPAGE_GROUP=Media 5 | HOMEPAGE_NAME=homarr 6 | HOMEPAGE_ICON=homarr 7 | HOMEPAGE_DESCRIPTION=A simple, yet powerful dashboard for your server. 8 | 9 | PASSWORD=password 10 | -------------------------------------------------------------------------------- /services/homarr/README.md: -------------------------------------------------------------------------------- 1 | # homarr 2 | 3 | https://homarr.dev/ 4 | https://github.com/ajnart/homarr 5 | -------------------------------------------------------------------------------- /services/homarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | homarr: 5 | image: ghcr.io/ajnart/homarr:latest 6 | environment: 7 | BASE_URL: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 8 | PASSWORD: 9 | TZ: 10 | volumes: 11 | - ./data/configs:/app/data/configs 12 | - ./data/icons:/app/public/icons 13 | restart: unless-stopped 14 | security_opt: 15 | - no-new-privileges:true 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.funnyservice.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.funnyservice.entrypoints: websecure 21 | traefik.http.services.funnyservice.loadbalancer.server.port: 7575 22 | homepage.group: ${HOMEPAGE_GROUP} 23 | homepage.name: ${HOMEPAGE_NAME} 24 | homepage.icon: ${HOMEPAGE_ICON} 25 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 26 | homepage.description: ${HOMEPAGE_DESCRIPTION} 27 | 28 | networks: 29 | default: 30 | name: zone1 31 | external: true 32 | -------------------------------------------------------------------------------- /services/homeassistant/README.md: -------------------------------------------------------------------------------- 1 | # home assistant 2 | 3 | https://www.home-assistant.io/ 4 | https://github.com/home-assistant/core -------------------------------------------------------------------------------- /services/homeassistant/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | homeassistant: 4 | image: "ghcr.io/home-assistant/home-assistant:stable" 5 | volumes: 6 | - ./data:/config 7 | - /etc/localtime:/etc/localtime:ro 8 | restart: unless-stopped 9 | privileged: true 10 | network_mode: host -------------------------------------------------------------------------------- /services/homepage/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=homepage -------------------------------------------------------------------------------- /services/homepage/.gitignore: -------------------------------------------------------------------------------- 1 | config/* -------------------------------------------------------------------------------- /services/homepage/README.md: -------------------------------------------------------------------------------- 1 | # Homepage 2 | 3 | https://github.com/gethomepage/homepage 4 | https://gethomepage.dev 5 | -------------------------------------------------------------------------------- /services/homepage/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.3" 2 | services: 3 | homepage: 4 | image: ghcr.io/gethomepage/homepage:latest 5 | user: 1000:1000 # Optional, change to your user and group IDs for permissions 6 | volumes: 7 | - ./config:/app/config # Make sure your local config directory exists before first start 8 | environment: 9 | - DOCKER_HOST=dockerproxy 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.homepage.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.homepage.entrypoints: websecure 20 | traefik.http.services.homepage.loadbalancer.server.port: 3000 21 | traefik.http.routers.homepage.middlewares: authelia@docker 22 | 23 | dockerproxy: 24 | image: ghcr.io/tecnativa/docker-socket-proxy:latest 25 | volumes: 26 | - /var/run/docker.sock:/var/run/docker.sock:ro 27 | environment: 28 | - CONTAINERS=1 29 | - POST=0 30 | - IMAGES=1 31 | networks: 32 | - traefik 33 | restart: unless-stopped 34 | 35 | networks: 36 | traefik: 37 | name: zone1 38 | external: true 39 | -------------------------------------------------------------------------------- /services/immich/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=immich 3 | 4 | # You can find documentation for all the supported env variables at https://immich.app/docs/install/environment-variables 5 | 6 | # The Immich version to use. You can pin this to a specific version like "v1.71.0" 7 | IMMICH_VERSION=release 8 | 9 | # Connection secrets for postgres and typesense. You should change these to random passwords 10 | TYPESENSE_API_KEY=some-random-text 11 | DB_PASSWORD=postgres 12 | 13 | # The values below this line do not need to be changed 14 | ################################################################################### 15 | DB_HOSTNAME=database 16 | DB_USERNAME=postgres 17 | DB_DATABASE_NAME=immich 18 | 19 | REDIS_HOSTNAME=redis 20 | -------------------------------------------------------------------------------- /services/immich/README.md: -------------------------------------------------------------------------------- 1 | # immich 2 | 3 | https://immich.app/ 4 | https://github.com/immich-app/immich 5 | -------------------------------------------------------------------------------- /services/invidious/README.md: -------------------------------------------------------------------------------- 1 | # invidious 2 | 3 | https://invidious.io/ 4 | https://github.com/iv-org/invidious 5 | -------------------------------------------------------------------------------- /services/invidious/config/sql/annotations.sql: -------------------------------------------------------------------------------- 1 | -- Table: public.annotations 2 | 3 | -- DROP TABLE public.annotations; 4 | 5 | CREATE TABLE IF NOT EXISTS public.annotations 6 | ( 7 | id text NOT NULL, 8 | annotations xml, 9 | CONSTRAINT annotations_id_key UNIQUE (id) 10 | ); 11 | 12 | GRANT ALL ON TABLE public.annotations TO current_user; 13 | -------------------------------------------------------------------------------- /services/invidious/config/sql/channel_videos.sql: -------------------------------------------------------------------------------- 1 | -- Table: public.channel_videos 2 | 3 | -- DROP TABLE public.channel_videos; 4 | 5 | CREATE TABLE IF NOT EXISTS public.channel_videos 6 | ( 7 | id text NOT NULL, 8 | title text, 9 | published timestamp with time zone, 10 | updated timestamp with time zone, 11 | ucid text, 12 | author text, 13 | length_seconds integer, 14 | live_now boolean, 15 | premiere_timestamp timestamp with time zone, 16 | views bigint, 17 | CONSTRAINT channel_videos_id_key UNIQUE (id) 18 | ); 19 | 20 | GRANT ALL ON TABLE public.channel_videos TO current_user; 21 | 22 | -- Index: public.channel_videos_ucid_idx 23 | 24 | -- DROP INDEX public.channel_videos_ucid_idx; 25 | 26 | CREATE INDEX IF NOT EXISTS channel_videos_ucid_idx 27 | ON public.channel_videos 28 | USING btree 29 | (ucid COLLATE pg_catalog."default"); 30 | 31 | -------------------------------------------------------------------------------- /services/invidious/config/sql/channels.sql: -------------------------------------------------------------------------------- 1 | -- Table: public.channels 2 | 3 | -- DROP TABLE public.channels; 4 | 5 | CREATE TABLE IF NOT EXISTS public.channels 6 | ( 7 | id text NOT NULL, 8 | author text, 9 | updated timestamp with time zone, 10 | deleted boolean, 11 | subscribed timestamp with time zone, 12 | CONSTRAINT channels_id_key UNIQUE (id) 13 | ); 14 | 15 | GRANT ALL ON TABLE public.channels TO current_user; 16 | 17 | -- Index: public.channels_id_idx 18 | 19 | -- DROP INDEX public.channels_id_idx; 20 | 21 | CREATE INDEX IF NOT EXISTS channels_id_idx 22 | ON public.channels 23 | USING btree 24 | (id COLLATE pg_catalog."default"); 25 | 26 | -------------------------------------------------------------------------------- /services/invidious/config/sql/nonces.sql: -------------------------------------------------------------------------------- 1 | -- Table: public.nonces 2 | 3 | -- DROP TABLE public.nonces; 4 | 5 | CREATE TABLE IF NOT EXISTS public.nonces 6 | ( 7 | nonce text, 8 | expire timestamp with time zone, 9 | CONSTRAINT nonces_id_key UNIQUE (nonce) 10 | ); 11 | 12 | GRANT ALL ON TABLE public.nonces TO current_user; 13 | 14 | -- Index: public.nonces_nonce_idx 15 | 16 | -- DROP INDEX public.nonces_nonce_idx; 17 | 18 | CREATE INDEX IF NOT EXISTS nonces_nonce_idx 19 | ON public.nonces 20 | USING btree 21 | (nonce COLLATE pg_catalog."default"); 22 | 23 | -------------------------------------------------------------------------------- /services/invidious/config/sql/playlist_videos.sql: -------------------------------------------------------------------------------- 1 | -- Table: public.playlist_videos 2 | 3 | -- DROP TABLE public.playlist_videos; 4 | 5 | CREATE TABLE IF NOT EXISTS public.playlist_videos 6 | ( 7 | title text, 8 | id text, 9 | author text, 10 | ucid text, 11 | length_seconds integer, 12 | published timestamptz, 13 | plid text references playlists(id), 14 | index int8, 15 | live_now boolean, 16 | PRIMARY KEY (index,plid) 17 | ); 18 | 19 | GRANT ALL ON TABLE public.playlist_videos TO current_user; 20 | -------------------------------------------------------------------------------- /services/invidious/config/sql/playlists.sql: -------------------------------------------------------------------------------- 1 | -- Type: public.privacy 2 | 3 | -- DROP TYPE public.privacy; 4 | 5 | CREATE TYPE public.privacy AS ENUM 6 | ( 7 | 'Public', 8 | 'Unlisted', 9 | 'Private' 10 | ); 11 | 12 | -- Table: public.playlists 13 | 14 | -- DROP TABLE public.playlists; 15 | 16 | CREATE TABLE IF NOT EXISTS public.playlists 17 | ( 18 | title text, 19 | id text primary key, 20 | author text, 21 | description text, 22 | video_count integer, 23 | created timestamptz, 24 | updated timestamptz, 25 | privacy privacy, 26 | index int8[] 27 | ); 28 | 29 | GRANT ALL ON public.playlists TO current_user; 30 | -------------------------------------------------------------------------------- /services/invidious/config/sql/session_ids.sql: -------------------------------------------------------------------------------- 1 | -- Table: public.session_ids 2 | 3 | -- DROP TABLE public.session_ids; 4 | 5 | CREATE TABLE IF NOT EXISTS public.session_ids 6 | ( 7 | id text NOT NULL, 8 | email text, 9 | issued timestamp with time zone, 10 | CONSTRAINT session_ids_pkey PRIMARY KEY (id) 11 | ); 12 | 13 | GRANT ALL ON TABLE public.session_ids TO current_user; 14 | 15 | -- Index: public.session_ids_id_idx 16 | 17 | -- DROP INDEX public.session_ids_id_idx; 18 | 19 | CREATE INDEX IF NOT EXISTS session_ids_id_idx 20 | ON public.session_ids 21 | USING btree 22 | (id COLLATE pg_catalog."default"); 23 | 24 | -------------------------------------------------------------------------------- /services/invidious/config/sql/users.sql: -------------------------------------------------------------------------------- 1 | -- Table: public.users 2 | 3 | -- DROP TABLE public.users; 4 | 5 | CREATE TABLE IF NOT EXISTS public.users 6 | ( 7 | updated timestamp with time zone, 8 | notifications text[], 9 | subscriptions text[], 10 | email text NOT NULL, 11 | preferences text, 12 | password text, 13 | token text, 14 | watched text[], 15 | feed_needs_update boolean, 16 | CONSTRAINT users_email_key UNIQUE (email) 17 | ); 18 | 19 | GRANT ALL ON TABLE public.users TO current_user; 20 | 21 | -- Index: public.email_unique_idx 22 | 23 | -- DROP INDEX public.email_unique_idx; 24 | 25 | CREATE UNIQUE INDEX IF NOT EXISTS email_unique_idx 26 | ON public.users 27 | USING btree 28 | (lower(email) COLLATE pg_catalog."default"); 29 | 30 | -------------------------------------------------------------------------------- /services/invidious/config/sql/videos.sql: -------------------------------------------------------------------------------- 1 | -- Table: public.videos 2 | 3 | -- DROP TABLE public.videos; 4 | 5 | CREATE UNLOGGED TABLE IF NOT EXISTS public.videos 6 | ( 7 | id text NOT NULL, 8 | info text, 9 | updated timestamp with time zone, 10 | CONSTRAINT videos_pkey PRIMARY KEY (id) 11 | ); 12 | 13 | GRANT ALL ON TABLE public.videos TO current_user; 14 | 15 | -- Index: public.id_idx 16 | 17 | -- DROP INDEX public.id_idx; 18 | 19 | CREATE UNIQUE INDEX IF NOT EXISTS id_idx 20 | ON public.videos 21 | USING btree 22 | (id COLLATE pg_catalog."default"); 23 | 24 | -------------------------------------------------------------------------------- /services/invidious/docker/init-invidious-db.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -eou pipefail 3 | 4 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/channels.sql 5 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/videos.sql 6 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/channel_videos.sql 7 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/users.sql 8 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/session_ids.sql 9 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/nonces.sql 10 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/annotations.sql 11 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/playlists.sql 12 | psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < config/sql/playlist_videos.sql 13 | -------------------------------------------------------------------------------- /services/jackett/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=jackett 4 | -------------------------------------------------------------------------------- /services/jackett/README.md: -------------------------------------------------------------------------------- 1 | # jackett 2 | 3 | https://github.com/Jackett/Jackett 4 | https://docs.linuxserver.io/images/docker-jackett 5 | -------------------------------------------------------------------------------- /services/jackett/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | # TODO https://youtu.be/5rtGBwBuzQE?t=827 4 | jackett: 5 | image: lscr.io/linuxserver/jackett 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | TZ: 10 | AUTO_UPDATE: true 11 | volumes: 12 | - ./data/config:/config 13 | - ./data/data:/data 14 | restart: always 15 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 16 | security_opt: 17 | - no-new-privileges:true 18 | labels: 19 | homepage.group: Arr 20 | homepage.name: Jackett 21 | homepage.icon: jackett 22 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 23 | homepage.description: Indexer 24 | -------------------------------------------------------------------------------- /services/jellyfin/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=jellyfin 4 | SERVICE_PORT=8096 5 | HOMEPAGE_GROUP=Media 6 | HOMEPAGE_NAME=jellyfin 7 | HOMEPAGE_ICON=jellyfin 8 | HOMEPAGE_DESCRIPTION=Media streaming 9 | API_KEY=abc123 10 | -------------------------------------------------------------------------------- /services/jellyseerr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=simon-haas.eu 3 | SUB_DOMAIN=jellyseerr 4 | 5 | API_KEY= 6 | -------------------------------------------------------------------------------- /services/jellyseerr/README.md: -------------------------------------------------------------------------------- 1 | # jellyseer 2 | 3 | https://github.com/Fallenbagel/jellyseerr 4 | https://hub.docker.com/r/fallenbagel/jellyseerr 5 | -------------------------------------------------------------------------------- /services/jellyseerr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | jellyseerr: 5 | image: fallenbagel/jellyseerr:latest 6 | environment: 7 | TZ: 8 | volumes: 9 | - ./data/config:/app/config 10 | - ./healthcheck.js:/healthcheck.js 11 | restart: always 12 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 13 | labels: 14 | homepage.group: Arr 15 | homepage.name: Jellyseerr 16 | homepage.icon: jellyseerr 17 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 18 | homepage.description: Media discovery 19 | homepage.widget.type: jellyseerr 20 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 21 | homepage.widget.key: ${API_KEY} 22 | healthcheck: 23 | test: "node /healthcheck.js" 24 | interval: 1m 25 | timeout: 10s 26 | retries: 1 27 | -------------------------------------------------------------------------------- /services/jellyseerr/healthcheck.js: -------------------------------------------------------------------------------- 1 | var http = require("http"); 2 | 3 | var options = { 4 | host : "example.com", 5 | timeout : 2000 6 | }; 7 | 8 | var request = http.request(options, (res) => { 9 | console.log(`STATUS: ${res.statusCode}`); 10 | if (res.statusCode == 200) { 11 | process.exit(0); 12 | } 13 | else { 14 | process.exit(1); 15 | } 16 | }); 17 | 18 | request.on('error', function(err) { 19 | console.log('ERROR from healthcheck.js', err); 20 | process.exit(1); 21 | }); 22 | 23 | request.end(); 24 | -------------------------------------------------------------------------------- /services/jupyterhub/.gitignore: -------------------------------------------------------------------------------- 1 | jupyterhub_config.py -------------------------------------------------------------------------------- /services/jupyterhub/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM jupyterhub/jupyterhub:3 2 | 3 | RUN python3 -m pip install --no-cache-dir \ 4 | dockerspawner \ 5 | jupyterhub-nativeauthenticator 6 | 7 | CMD ["jupyterhub", "-f", "/srv/jupyterhub/jupyterhub_config.py"] 8 | -------------------------------------------------------------------------------- /services/jupyterhub/README.md: -------------------------------------------------------------------------------- 1 | # jupyterhub 2 | 3 | https://jupyter.org/hub 4 | https://github.com/jupyterhub/jupyterhub-deploy-docker/tree/main 5 | -------------------------------------------------------------------------------- /services/jupyterlab/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=jupyterlab 3 | SERVICE_PORT=8888 4 | HOMEPAGE_GROUP=Media 5 | HOMEPAGE_NAME=jupyterlab 6 | HOMEPAGE_ICON=jupyterlab 7 | HOMEPAGE_DESCRIPTION=Interactive Python notebooks 8 | IMAGE=jupyter/datascience-notebook:hub-3.1.1 9 | -------------------------------------------------------------------------------- /services/jupyterlab/.gitignore: -------------------------------------------------------------------------------- 1 | jupyter_server_config.json 2 | -------------------------------------------------------------------------------- /services/jupyterlab/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | jupyterlab: 5 | image: ${IMAGE} 6 | restart: unless-stopped 7 | volumes: 8 | - ./data/work:/home/jovyan/work 9 | - ./data/.jupyter:/home/jovyan/.jupyter 10 | - ./data/.ssh:/home/jovyan/.ssh 11 | - ./jupyter_server_config.json:/home/jovyan/.jupyter/jupyter_server_config.json 12 | environment: 13 | - GRANT_SUDO=yes 14 | security_opt: 15 | - no-new-privileges:true 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.jupyterlab.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.jupyterlab.entrypoints: websecure 21 | traefik.http.services.jupyterlab.loadbalancer.server.port: ${SERVICE_PORT} 22 | homepage.group: ${HOMEPAGE_GROUP} 23 | homepage.name: ${HOMEPAGE_NAME} 24 | homepage.icon: ${HOMEPAGE_ICON} 25 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 26 | homepage.description: ${HOMEPAGE_DESCRIPTION} 27 | 28 | networks: 29 | default: 30 | name: zone1 31 | external: true 32 | -------------------------------------------------------------------------------- /services/jupyterlab/jupyter_server_config.example.json: -------------------------------------------------------------------------------- 1 | # login with password "root" (remove this line, comments are not allowed in json) 2 | { 3 | "IdentityProvider": { 4 | "hashed_password": "argon2:$argon2id$v=19$m=10240,t=10,p=8$e2KyYUvStT5AeGDEVKkTfA$S7RMEmCgJOIqOECLRd3aMnlnxwY2i84zx3RQbfW+tWk" 5 | } 6 | } 7 | -------------------------------------------------------------------------------- /services/kasm/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=kasm -------------------------------------------------------------------------------- /services/kasm/.gitignore: -------------------------------------------------------------------------------- 1 | kasm_release* 2 | kasm_install_* -------------------------------------------------------------------------------- /services/kasm/README.md: -------------------------------------------------------------------------------- 1 | # kasm 2 | 3 | ## installation 4 | 5 | ``` shell 6 | curl -O https://kasm-static-content.s3.amazonaws.com/kasm_release_1.13.1.421524.tar.gz 7 | tar -xf kasm_release*.tar.gz 8 | sudo bash kasm_release/install.sh -L 8443 9 | 10 | docker exec -it kasm_db psql -U kasmapp -d kasm 11 | update users set 12 | pw_hash = 'fe519184b60a4ef9b93664a831502578499554338fd4500926996ca78fc7f522', 13 | salt = '83d0947a-bf55-4bec-893b-63aed487a05e', 14 | secret=NULL, set_two_factor=False, locked=False, 15 | disabled=False, failed_pw_attempts = 0 where username ='admin@kasm.local'; 16 | \q 17 | ``` 18 | 19 | Login: 20 | admin@kasm.local 21 | password 22 | 23 | ## to make kasm work behind traefik 24 | 1. go to ADMIN -> ZONES -> edit the default zone 25 | 2. set "Upstream Auth Address" to kasm.example.com 26 | 3. set "Proxy Port" to 443 27 | 28 | ## usage with ./script.sh 29 | 30 | ``` shell 31 | ./script.sh KASM start 32 | ./script.sh KASM stop 33 | ``` 34 | -------------------------------------------------------------------------------- /services/kasm/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | kasm: 4 | image: nginx 5 | restart: always 6 | security_opt: 7 | - no-new-privileges:true 8 | networks: 9 | - traefik 10 | labels: 11 | my.zone: zone1 12 | traefik.enable: true 13 | traefik.http.routers.kasm.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 14 | traefik.http.routers.kasm.entrypoints: websecure 15 | traefik.http.services.kasm.loadbalancer.server.port: 443 16 | homepage.group: Infrastructure 17 | homepage.name: Kasm 18 | homepage.icon: kasm 19 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 20 | homepage.description: Kasm container streaming 21 | volumes: 22 | - ./nginx.conf:/etc/nginx/templates/nginx.conf.template:ro 23 | 24 | networks: 25 | traefik: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/kasm/nginx.conf.example: -------------------------------------------------------------------------------- 1 | server { 2 | listen 443; 3 | 4 | location / { 5 | # The following configurations must be configured when proxying to Kasm Workspaces 6 | 7 | # WebSocket Support 8 | proxy_set_header Upgrade $http_upgrade; 9 | proxy_set_header Connection "upgrade"; 10 | 11 | # Host and X headers 12 | proxy_set_header Host $host; 13 | proxy_set_header X-Real-IP $remote_addr; 14 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 15 | proxy_set_header X-Forwarded-Proto $scheme; 16 | 17 | # Connectivity Options 18 | proxy_http_version 1.1; 19 | proxy_read_timeout 1800s; 20 | proxy_send_timeout 1800s; 21 | proxy_connect_timeout 1800s; 22 | proxy_buffering off; 23 | 24 | # Allow large requests to support file uploads to sessions 25 | client_max_body_size 10M; 26 | 27 | # Proxy to Kasm Workspaces running locally on 8443 using ssl 28 | proxy_pass https://192.168.1.2:8443 ; 29 | proxy_ssl_verify off; 30 | } 31 | } -------------------------------------------------------------------------------- /services/kavita/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | kavita: 4 | image: kizaing/kavita:latest 5 | volumes: 6 | - ./data/manga:/manga 7 | - ./data/config:/kavita/config 8 | restart: unless-stopped 9 | security_opt: 10 | - no-new-privileges:true 11 | networks: 12 | - traefik 13 | labels: 14 | my.zone: zone1 15 | traefik.enable: true 16 | traefik.http.routers.kavita.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 17 | traefik.http.routers.kavita.entrypoints: websecure 18 | traefik.http.services.kavita.loadbalancer.server.port: 5000 19 | homepage.group: Media 20 | homepage.name: Kavita 21 | homepage.icon: kavita 22 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 23 | homepage.description: Reading 24 | 25 | networks: 26 | traefik: 27 | name: zone1 28 | external: true 29 | -------------------------------------------------------------------------------- /services/keeweb/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=keeweb -------------------------------------------------------------------------------- /services/keeweb/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.3' 2 | services: 3 | keeweb: 4 | image: antelle/keeweb 5 | volumes: 6 | - ./keeweb.conf:/etc/nginx/conf.d/keeweb.conf 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.keeweb.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.keeweb.entrypoints: websecure 17 | traefik.http.services.keeweb.loadbalancer.server.port: 80 18 | homepage.group: Media 19 | homepage.name: Keeweb 20 | homepage.icon: keeweb 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: Open Keepass Files in your Browser 23 | 24 | networks: 25 | traefik: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/keeweb/keeweb.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80 default_server; 3 | listen [::]:80 default_server; 4 | root /keeweb; 5 | index index.html; 6 | server_name localhost; 7 | 8 | server_tokens off; 9 | add_header X-Content-Type-Options nosniff; 10 | 11 | add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; 12 | 13 | location / { 14 | try_files $uri $uri/ =404; 15 | } 16 | location ~ /\. { 17 | deny all; 18 | } 19 | } -------------------------------------------------------------------------------- /services/komga/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=komga -------------------------------------------------------------------------------- /services/komga/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.3' 2 | services: 3 | komga: 4 | image: gotson/komga 5 | volumes: 6 | - ./data/config:/config 7 | - ./data/data:/data 8 | - /etc/timezone:/etc/timezone:ro 9 | user: "1000:1000" 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.komga.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.komga.entrypoints: websecure 20 | traefik.http.services.komga.loadbalancer.server.port: 8080 21 | homepage.group: Media 22 | homepage.name: Komga 23 | homepage.icon: komga 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: Comics 26 | 27 | networks: 28 | traefik: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/lazylibrarian/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=lazylibrarian 4 | -------------------------------------------------------------------------------- /services/lazylibrarian/README.md: -------------------------------------------------------------------------------- 1 | # lazylibrarian 2 | 3 | https://lazylibrarian.gitlab.io/ 4 | https://docs.linuxserver.io/images/docker-lazylibrarian 5 | -------------------------------------------------------------------------------- /services/lazylibrarian/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | lazylibrarian: 5 | image: lscr.io/linuxserver/lazylibrarian:latest 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | TZ: 10 | DOCKER_MODS: linuxserver/calibre-web:calibre|linuxserver/mods:lazylibrarian-ffmpeg #optional 11 | volumes: 12 | - ./data/config:/config 13 | - ./data/data:/data 14 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 15 | restart: always 16 | labels: 17 | homepage.group: Arr 18 | homepage.name: Lazylibrarian 19 | homepage.icon: lazylibrarian 20 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 21 | homepage.description: Books 22 | -------------------------------------------------------------------------------- /services/ledgersmb/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=ledgersmb 3 | -------------------------------------------------------------------------------- /services/ledgersmb/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | postgres: 4 | image: postgres:12-alpine 5 | environment: 6 | POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-abc} 7 | PGDATA: /var/lib/postgresql/data/pgdata 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | volumes: 13 | - ./data/pgdata:/var/lib/postgresql/data 14 | 15 | ledgersmb: 16 | depends_on: 17 | - postgres 18 | image: ghcr.io/ledgersmb/ledgersmb:1.9 19 | environment: 20 | LSMB_WORKERS: ${LSMB_WORKERS:-5} 21 | security_opt: 22 | - no-new-privileges:true 23 | networks: 24 | - traefik 25 | labels: 26 | my.zone: zone1 27 | traefik.enable: true 28 | traefik.http.routers.ledgersmb.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 29 | traefik.http.routers.ledgersmb.entrypoints: websecure 30 | traefik.http.services.ledgersmb.loadbalancer.server.port: 5762 31 | 32 | networks: 33 | traefik: 34 | name: zone1 35 | external: true 36 | -------------------------------------------------------------------------------- /services/librespeed/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=librespeed 4 | -------------------------------------------------------------------------------- /services/librespeed/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | librespeed: 4 | image: adolfintel/speedtest 5 | restart: always 6 | security_opt: 7 | - no-new-privileges:true 8 | networks: 9 | - traefik 10 | labels: 11 | my.zone: zone1 12 | traefik.enable: true 13 | traefik.http.routers.librespeed.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 14 | traefik.http.routers.librespeed.entrypoints: websecure 15 | homepage.group: Infrastructure 16 | homepage.name: Librespeed 17 | homepage.icon: librespeed 18 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 19 | homepage.description: Speedtest 20 | 21 | networks: 22 | traefik: 23 | name: zone1 24 | external: true 25 | -------------------------------------------------------------------------------- /services/lidarr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=lidarr 4 | 5 | API_KEY= 6 | -------------------------------------------------------------------------------- /services/lidarr/README.md: -------------------------------------------------------------------------------- 1 | # lidarr 2 | 3 | https://lidarr.audio/ 4 | https://github.com/Lidarr/Lidarr 5 | https://docs.linuxserver.io/images/docker-lidarr 6 | -------------------------------------------------------------------------------- /services/lidarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | lidarr: 4 | image: lscr.io/linuxserver/lidarr 5 | container_name: lidarr 6 | environment: 7 | - PUID=1000 8 | - PGID=1000 9 | - TZ=${TZ} 10 | volumes: 11 | - ./data/config:/config 12 | - ./data/data:/data 13 | restart: always 14 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 15 | security_opt: 16 | - no-new-privileges:true 17 | labels: 18 | homepage.group: Arr 19 | homepage.name: Lidarr 20 | homepage.icon: lidarr 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: Music 23 | homepage.widget.type: lidarr 24 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.widget.key: ${API_KEY} 26 | healthcheck: # https://github.com/qdm12/gluetun/issues/641#issuecomment-933856220 27 | test: "curl -sf https://example.com || exit 1" 28 | interval: 1m 29 | timeout: 10s 30 | retries: 1 31 | -------------------------------------------------------------------------------- /services/linkace/README.md: -------------------------------------------------------------------------------- 1 | # linkace 2 | 3 | https://www.linkace.org/ 4 | https://github.com/Kovah/LinkAce 5 | https://www.linkace.org/docs/v1/setup/setup-with-docker/simple/ 6 | 7 | sudo chmod 777 .env 8 | -------------------------------------------------------------------------------- /services/matomo/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=matomo 3 | 4 | MYSQL_PASSWORD= 5 | MYSQL_DATABASE=matomo 6 | MYSQL_USER=matomo 7 | MYSQL_ROOT_PASSWORD=geheim 8 | MATOMO_DATABASE_ADAPTER=mysql 9 | MATOMO_DATABASE_TABLES_PREFIX=matomo_ 10 | MATOMO_DATABASE_USERNAME=matomo 11 | MATOMO_DATABASE_PASSWORD= 12 | MATOMO_DATABASE_DBNAME=matomo -------------------------------------------------------------------------------- /services/mautic/README.md: -------------------------------------------------------------------------------- 1 | # mautic 2 | 3 | the World's Largest Open-Source Marketing Automation Project 4 | 5 | https://www.mautic.org/ 6 | https://github.com/mautic/mautic -------------------------------------------------------------------------------- /services/mealie/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=mealie 4 | -------------------------------------------------------------------------------- /services/mealie/README.md: -------------------------------------------------------------------------------- 1 | # mealie 2 | 3 | https://mealie.io/ 4 | https://nightly.mealie.io/ 5 | https://github.com/mealie-recipes/mealie 6 | -------------------------------------------------------------------------------- /services/mealie/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3.7" 3 | 4 | services: 5 | mealie: 6 | image: ghcr.io/mealie-recipes/mealie:nightly 7 | volumes: 8 | - ./data:/app/data/ 9 | environment: 10 | ALLOW_SIGNUP: true 11 | PUID: 1000 12 | PGID: 1000 13 | TZ: 14 | MAX_WORKERS: 1 15 | WEB_CONCURRENCY: 1 16 | BASE_URL: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 17 | restart: always 18 | security_opt: 19 | - no-new-privileges:true 20 | networks: 21 | - traefik 22 | labels: 23 | my.zone: zone1 24 | traefik.enable: true 25 | traefik.http.routers.mealie.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 26 | traefik.http.routers.mealie.entrypoints: websecure 27 | traefik.http.services.mealie.loadbalancer.server.port: 9000 28 | homepage.group: Media 29 | homepage.name: mealie 30 | homepage.icon: mealie 31 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 32 | homepage.description: recipe manager and meal planner 33 | 34 | networks: 35 | traefik: 36 | name: zone1 37 | external: true 38 | -------------------------------------------------------------------------------- /services/media-nginx/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | web: 4 | image: nginx 5 | volumes: 6 | - ./nginx.conf:/etc/nginx/templates/nginx.conf.template:ro 7 | - ./data:/data/www:ro 8 | environment: 9 | - NGINX_HOST=media-nginx.${SERVER_DOMAIN} 10 | security_opt: 11 | - no-new-privileges:true 12 | networks: 13 | - traefik 14 | labels: 15 | my.zone: zone1 16 | traefik.enable: true 17 | traefik.http.routers.media-nginx.rule: Host(`media-nginx.${SERVER_DOMAIN}`) 18 | traefik.http.routers.media-nginx.entrypoints: websecure 19 | traefik.http.routers.media-nginx.service: media-nginx 20 | traefik.http.services.media-nginx.loadbalancer.server.port: 443 21 | 22 | networks: 23 | traefik: 24 | name: zone1 25 | external: true 26 | -------------------------------------------------------------------------------- /services/media-nginx/nginx.conf.template: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80 default_server; 3 | rewrite ^(.*) https://$host$1 permanent; 4 | } 5 | 6 | server { 7 | listen 443; 8 | server_name _; 9 | proxy_redirect off; 10 | location / { 11 | autoindex on; 12 | try_files $uri $uri/ =404; 13 | root /data/www; 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /services/memos/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=memos 3 | -------------------------------------------------------------------------------- /services/memos/README.md: -------------------------------------------------------------------------------- 1 | # memos 2 | 3 | https://usememos.com/ 4 | https://github.com/usememos/memos 5 | -------------------------------------------------------------------------------- /services/memos/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.0" 2 | services: 3 | memos: 4 | image: neosmemo/memos:latest 5 | volumes: 6 | - ./data:/var/opt/memos 7 | restart: always 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.memos.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.memos.entrypoints: websecure 17 | traefik.http.services.memos.loadbalancer.server.port: 5230 18 | homepage.group: Media 19 | homepage.name: memos 20 | homepage.icon: memos 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: note taking 23 | 24 | networks: 25 | traefik: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/metabase/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=metabase 3 | SERVICE_PORT=3000 4 | HOMEPAGE_GROUP=Infrastructure 5 | HOMEPAGE_NAME=metabase 6 | HOMEPAGE_ICON=metabase 7 | HOMEPAGE_DESCRIPTION=Charts and Dashboards 8 | 9 | POSTGRES_USER=metabase 10 | POSTGRES_PASSWORD=password 11 | -------------------------------------------------------------------------------- /services/metabase/README.md: -------------------------------------------------------------------------------- 1 | # metabase 2 | 3 | https://www.metabase.com/ 4 | https://github.com/metabase/metabase 5 | https://hub.docker.com/r/metabase/metabase 6 | -------------------------------------------------------------------------------- /services/metube/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | metube: 4 | image: alexta69/metube 5 | restart: unless-stopped 6 | volumes: 7 | - ./data/downloads:/downloads 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.metube.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.metube.entrypoints: websecure 17 | traefik.http.services.metube.loadbalancer.server.port: 8081 18 | traefik.http.routers.metube.middlewares: authelia@docker 19 | homepage.group: Media 20 | homepage.name: Metube 21 | homepage.icon: metube 22 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 23 | homepage.description: Youtube Downloader 24 | 25 | networks: 26 | traefik: 27 | name: zone1 28 | external: true 29 | -------------------------------------------------------------------------------- /services/minecraft/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | minecraft: 4 | restart: always 5 | security_opt: 6 | - no-new-privileges:true 7 | image: itzg/minecraft-server 8 | ports: 9 | - "25565:25565" 10 | environment: 11 | EULA: "TRUE" 12 | volumes: 13 | - "./data:/data" 14 | -------------------------------------------------------------------------------- /services/minetest/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin -------------------------------------------------------------------------------- /services/minetest/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | minetest: 4 | image: linuxserver/minetest 5 | environment: 6 | - PUID=1000 7 | - PGID=1000 8 | - TZ=${TZ} 9 | - CLI_ARGS="--server --worldname MyWorld --gameid minetest" #optional 10 | volumes: 11 | - ./data:/config/.minetest 12 | ports: 13 | - 30000:30000/udp 14 | restart: always 15 | security_opt: 16 | - no-new-privileges:true 17 | -------------------------------------------------------------------------------- /services/miniflux/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=miniflux 3 | 4 | ADMIN_USERNAME=simon.haas 5 | ADMIN_PASSWORD=password 6 | 7 | POSTGRES_USER=miniflux 8 | POSTGRES_PASSWORD=password 9 | -------------------------------------------------------------------------------- /services/miniflux/README.md: -------------------------------------------------------------------------------- 1 | # miniflux 2 | 3 | https://miniflux.app/index.html 4 | https://github.com/miniflux/v2 5 | -------------------------------------------------------------------------------- /services/miniflux/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | miniflux: 5 | image: miniflux/miniflux:latest 6 | depends_on: 7 | db: 8 | condition: service_healthy 9 | environment: 10 | DATABASE_URL: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db/miniflux?sslmode=disable 11 | RUN_MIGRATIONS: 1 12 | CREATE_ADMIN: 1 13 | ADMIN_USERNAME: 14 | ADMIN_PASSWORD: 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.miniflux.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.miniflux.entrypoints: websecure 20 | traefik.http.services.miniflux.loadbalancer.server.port: 8080 21 | homepage.group: Media 22 | homepage.name: miniflux 23 | homepage.icon: miniflux 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: RSS reader 26 | 27 | db: 28 | image: postgres:15 29 | environment: 30 | POSTGRES_USER: 31 | POSTGRES_PASSWORD: 32 | volumes: 33 | - ./data/db:/var/lib/postgresql/data 34 | healthcheck: 35 | test: ["CMD", "pg_isready", "-U", "miniflux"] 36 | interval: 10s 37 | start_period: 30s 38 | 39 | networks: 40 | default: 41 | name: zone1 42 | external: true 43 | -------------------------------------------------------------------------------- /services/motioneye/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=motioneye 3 | -------------------------------------------------------------------------------- /services/motioneye/docker-compose.yml: -------------------------------------------------------------------------------- 1 | # username: admin 2 | # password: (blank) 3 | 4 | version: "3.6" 5 | services: 6 | motioneye: 7 | image: ccrisan/motioneye:master-amd64 8 | volumes: 9 | - ./data/var_lib_motioneye:/var/lib/motioneye 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.motioneye.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.motioneye.entrypoints: websecure 20 | traefik.http.services.motioneye.loadbalancer.server.port: 8765 21 | 22 | networks: 23 | traefik: 24 | name: zone1 25 | external: true 26 | -------------------------------------------------------------------------------- /services/mylar3/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=mylar3 3 | -------------------------------------------------------------------------------- /services/mylar3/README.md: -------------------------------------------------------------------------------- 1 | # mylar3 2 | 3 | https://github.com/mylar3/mylar3 4 | https://docs.linuxserver.io/images/docker-mylar3 5 | -------------------------------------------------------------------------------- /services/mylar3/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | mylar3: 5 | image: lscr.io/linuxserver/mylar3:latest 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | volumes: 10 | - ./data/config:/config 11 | - ./data/data:/data 12 | restart: always 13 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 14 | labels: 15 | homepage.group: Arr 16 | homepage.name: Mylar 17 | homepage.icon: mylar 18 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 19 | homepage.description: Comics 20 | -------------------------------------------------------------------------------- /services/n8n/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=n8n 3 | 4 | # Folder where data should be saved 5 | DATA_FOLDER=/root/n8n/ 6 | 7 | # The top level domain to serve from 8 | DOMAIN_NAME=example.com 9 | 10 | # The subdomain to serve from 11 | SUBDOMAIN=n8n 12 | 13 | # DOMAIN_NAME and SUBDOMAIN combined decide where n8n will be reachable from 14 | # above example would result in: https://n8n.example.com 15 | 16 | # The user name to use for authentication - IMPORTANT ALWAYS CHANGE! 17 | N8N_BASIC_AUTH_USER=user 18 | 19 | # The password to use for authentication - IMPORTANT ALWAYS CHANGE! 20 | N8N_BASIC_AUTH_PASSWORD=password 21 | 22 | # Optional timezone to set which gets used by Cron-Node by default 23 | # If not set New York time will be used 24 | GENERIC_TIMEZONE=Europe/Berlin 25 | 26 | # The email address to use for the SSL certificate creation 27 | SSL_EMAIL=user@example.com 28 | -------------------------------------------------------------------------------- /services/n8n/README.md: -------------------------------------------------------------------------------- 1 | # n8n 2 | 3 | https://n8n.io/ -------------------------------------------------------------------------------- /services/n8n/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | n8n: 4 | image: n8nio/n8n 5 | environment: 6 | - N8N_BASIC_AUTH_ACTIVE=true 7 | - N8N_BASIC_AUTH_USER 8 | - N8N_BASIC_AUTH_PASSWORD 9 | - N8N_HOST=${SUBDOMAIN}.${DOMAIN_NAME} 10 | - N8N_PORT=5678 11 | - N8N_PROTOCOL=https 12 | - NODE_ENV=production 13 | - WEBHOOK_URL=https://${SUBDOMAIN}.${DOMAIN_NAME}/ 14 | - GENERIC_TIMEZONE=${GENERIC_TIMEZONE} 15 | volumes: 16 | - ./data:/home/node/.n8n 17 | restart: unless-stopped 18 | security_opt: 19 | - no-new-privileges:true 20 | networks: 21 | - traefik 22 | labels: 23 | my.zone: zone1 24 | traefik.enable: true 25 | traefik.http.routers.n8n.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 26 | traefik.http.routers.n8n.entrypoints: websecure 27 | traefik.http.services.n8n.loadbalancer.server.port: 5678 28 | homepage.group: Infrastructure 29 | homepage.name: n8n 30 | homepage.icon: n8n 31 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 32 | homepage.description: workflow automation tool 33 | 34 | networks: 35 | traefik: 36 | name: zone1 37 | external: true 38 | -------------------------------------------------------------------------------- /services/netbox/README.md: -------------------------------------------------------------------------------- 1 | # netbox 2 | 3 | https://github.com/netbox-community/netbox-docker 4 | https://shownotes.opensourceisawesome.com/netbox/ -------------------------------------------------------------------------------- /services/netdata/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=netdata 4 | -------------------------------------------------------------------------------- /services/netdata/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | netdata: 4 | image: netdata/netdata 5 | hostname: ${SUB_DOMAIN}.${SERVER_DOMAIN} 6 | restart: unless-stopped 7 | cap_add: 8 | - SYS_PTRACE 9 | security_opt: 10 | - apparmor:unconfined 11 | volumes: 12 | - netdataconfig:/etc/netdata 13 | - netdatalib:/var/lib/netdata 14 | - netdatacache:/var/cache/netdata 15 | #- ./data/config:/etc/netdata 16 | #- ./data/lib:/var/lib/netdata 17 | #- ./data/cache:/var/cache/netdata 18 | - /etc/passwd:/host/etc/passwd:ro 19 | - /etc/group:/host/etc/group:ro 20 | - /proc:/host/proc:ro 21 | - /sys:/host/sys:ro 22 | - /etc/os-release:/host/etc/os-release:ro 23 | networks: 24 | - traefik 25 | labels: 26 | my.zone: zone1 27 | traefik.enable: true 28 | traefik.http.routers.netdata.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 29 | traefik.http.routers.netdata.entrypoints: websecure 30 | traefik.http.services.netdata.loadbalancer.server.port: 19999 31 | 32 | networks: 33 | traefik: 34 | name: zone1 35 | external: true 36 | 37 | volumes: 38 | netdataconfig: 39 | netdatalib: 40 | netdatacache: -------------------------------------------------------------------------------- /services/nextcloud/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=nextcloud 4 | HOMEPAGE_USERNAME= 5 | HOMEPAGE_PASSWORD= 6 | 7 | MYSQL_ROOT_PASSWORD=password 8 | MYSQL_PASSWORD=mysql 9 | MYSQL_DATABASE=nextcloud 10 | MYSQL_USER=nextcloud -------------------------------------------------------------------------------- /services/nextcloud/README.md: -------------------------------------------------------------------------------- 1 | # Nextcloud 2 | 3 | https://nextcloud.com/ 4 | 5 | ## cron jobs - using host 6 | 7 | crontab -e 8 | */5 * * * * cd /mnt/data/homeserver/services/nextcloud/ && docker compose exec -it -u www-data nextcloud php /var/www/html/cron.php -------------------------------------------------------------------------------- /services/nextcloud/configure-onlyoffice.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -x 4 | 5 | docker exec -u www-data nextcloud php occ --no-warnings config:system:get trusted_domains >> trusted_domain.tmp 6 | 7 | if ! grep -q "nextcloud-web" trusted_domain.tmp; then 8 | TRUSTED_INDEX=$(cat trusted_domain.tmp | wc -l); 9 | docker exec -u www-data nextcloud php occ --no-warnings config:system:set trusted_domains $TRUSTED_INDEX --value="nextcloud-web" 10 | fi 11 | 12 | rm trusted_domain.tmp 13 | 14 | docker exec -u www-data nextcloud php occ --no-warnings app:install onlyoffice 15 | 16 | docker exec -u www-data nextcloud php occ --no-warnings config:system:set onlyoffice DocumentServerUrl --value="/ds-vpath/" 17 | docker exec -u www-data nextcloud php occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value="http://onlyoffice/" 18 | docker exec -u www-data nextcloud php occ --no-warnings config:system:set onlyoffice StorageUrl --value="http://nextcloud-web/" 19 | 20 | docker exec -u www-data nextcloud php occ --no-warnings config:system:set allow_local_remote_servers --value=true -------------------------------------------------------------------------------- /services/nginx-proxy-manager/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=nginx 3 | -------------------------------------------------------------------------------- /services/nginx-proxy-manager/.gitignore: -------------------------------------------------------------------------------- 1 | proxy.conf -------------------------------------------------------------------------------- /services/nginx-proxy-manager/README.md: -------------------------------------------------------------------------------- 1 | # nginx proxy manager 2 | 3 | https://nginxproxymanager.com/ 4 | https://github.com/NginxProxyManager/nginx-proxy-manager 5 | 6 | Nginx Proxy Manager is a popular reverse proxy. 7 | It is often compared to and regardes as an alternative to traefik. 8 | Here they both work hand in hand. 9 | Traefik forwards all requests it does not know what to do with to nginx proxy manager. 10 | By creating 'Proxy Hosts' via the UI of nginx proxy manager you can easily integrate webservices into this homeserver setup which can not be proxied via traefik. 11 | This can be docker services requiring host-networking or services running on totally different servers. -------------------------------------------------------------------------------- /services/nocodb/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=nocodb -------------------------------------------------------------------------------- /services/notifiarr/README.md: -------------------------------------------------------------------------------- 1 | # notifiarr 2 | 3 | https://notifiarr.com/ 4 | https://github.com/Notifiarr/notifiarr 5 | -------------------------------------------------------------------------------- /services/notifiarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3" 3 | 4 | services: 5 | notifiarr: 6 | image: golift/notifiarr 7 | volumes: 8 | - ./data:/config 9 | - /var/run/utmp:/var/run/utmp 10 | - /etc/machine-id:/etc/machine-id 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | labels: 15 | my.zone: zone1 16 | traefik.enable: true 17 | traefik.http.routers.notifiarr.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 18 | traefik.http.routers.notifiarr.entrypoints: websecure 19 | traefik.http.services.notifiarr.loadbalancer.server.port: 5454 20 | homepage.group: ${HOMEPAGE_GROUP} 21 | homepage.name: ${HOMEPAGE_NAME} 22 | homepage.icon: ${HOMEPAGE_ICON} 23 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 24 | homepage.description: ${HOMEPAGE_DESCRIPTION} 25 | 26 | networks: 27 | default: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/ntfy/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=ntfy 3 | -------------------------------------------------------------------------------- /services/ntfy/.gitignore: -------------------------------------------------------------------------------- 1 | server.yml -------------------------------------------------------------------------------- /services/ntfy/README.md: -------------------------------------------------------------------------------- 1 | # ntfy 2 | 3 | https://ntfy.sh/ 4 | https://github.com/binwiederhier/ntfy 5 | -------------------------------------------------------------------------------- /services/ntfy/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.3" 2 | 3 | services: 4 | ntfy: 5 | image: binwiederhier/ntfy 6 | command: 7 | - serve 8 | environment: 9 | TZ: 10 | volumes: 11 | - ./data:/var/cache/ntfy 12 | - ./server.yml:/etc/ntfy/server.yml 13 | healthcheck: # optional: remember to adapt the host:port to your environment 14 | test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:80/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"] 15 | interval: 60s 16 | timeout: 10s 17 | retries: 3 18 | start_period: 40s 19 | restart: unless-stopped 20 | security_opt: 21 | - no-new-privileges:true 22 | networks: 23 | - traefik 24 | labels: 25 | my.zone: zone1 26 | traefik.enable: true 27 | traefik.http.routers.ntfy.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 28 | traefik.http.routers.ntfy.entrypoints: websecure 29 | traefik.http.services.ntfy.loadbalancer.server.port: 80 30 | homepage.group: Infrastructure 31 | homepage.name: ntfy 32 | homepage.icon: ntfy 33 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 34 | homepage.description: Notification Server 35 | 36 | networks: 37 | traefik: 38 | name: zone1 39 | external: true 40 | -------------------------------------------------------------------------------- /services/ntopng/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=ntopng 3 | 4 | NIC=ens18 5 | PORT=21800 6 | IP=192.168.31.238 -------------------------------------------------------------------------------- /services/ntopng/README.md: -------------------------------------------------------------------------------- 1 | # ntopng 2 | 3 | https://github.com/ntop/ntopng -------------------------------------------------------------------------------- /services/odoo/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=odoo -------------------------------------------------------------------------------- /services/odoo/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.6' 2 | services: 3 | web: 4 | image: odoo:15.0 5 | depends_on: 6 | - mydb 7 | environment: 8 | - HOST=mydb 9 | - USER=odoo 10 | - PASSWORD=myodoo 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.odoo.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.odoo.entrypoints: websecure 20 | traefik.http.services.odoo.loadbalancer.server.port: 8069 21 | homepage.group: Media 22 | homepage.name: Odoo 23 | homepage.icon: odoo 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: Odoo ERP und CRM 26 | 27 | mydb: 28 | image: postgres:13 29 | environment: 30 | - POSTGRES_DB=postgres 31 | - POSTGRES_PASSWORD=myodoo 32 | - POSTGRES_USER=odoo 33 | volumes: 34 | - ./data/db:/var/lib/postgresql/data 35 | security_opt: 36 | - no-new-privileges:true 37 | networks: 38 | - traefik 39 | 40 | networks: 41 | traefik: 42 | name: zone1 43 | external: true 44 | -------------------------------------------------------------------------------- /services/onlyoffice/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=onlyoffice -------------------------------------------------------------------------------- /services/openproject/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=openproject 3 | 4 | SECRET_KEY_BASE=123456 -------------------------------------------------------------------------------- /services/openproject/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | openproject: 4 | image: openproject/community:12 5 | volumes: 6 | - ./data/pgdata:/var/openproject/pgdata 7 | - ./data/assets:/var/openproject/assets 8 | environment: 9 | - SECRET_KEY_BASE=${SECRET_KEY_BASE} 10 | - SERVER_HOSTNAME=${SUB_DOMAIN}.${SERVER_DOMAIN} 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | networks: 15 | - traefik 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.openproject.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.openproject.entrypoints: websecure 21 | traefik.http.services.openproject.loadbalancer.server.port: 80 22 | 23 | networks: 24 | traefik: 25 | name: zone1 26 | external: true 27 | -------------------------------------------------------------------------------- /services/openssh/.env.example: -------------------------------------------------------------------------------- 1 | USER_NAME=user 2 | USER_PASSWORD=password -------------------------------------------------------------------------------- /services/openssh/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "2.1" 3 | services: 4 | openssh-server: 5 | image: lscr.io/linuxserver/openssh-server:latest 6 | hostname: openssh-server #optional 7 | environment: 8 | - PUID=1000 9 | - PGID=1000 10 | - TZ=Europe/Berlin 11 | - SUDO_ACCESS=false #optional 12 | - PASSWORD_ACCESS=true #optional 13 | - USER_PASSWORD=${USER_PASSWORD} #optional 14 | - USER_NAME=${USER_NAME} #optional 15 | volumes: 16 | - ./data/config:/config 17 | ports: 18 | - 2223:2222 19 | restart: unless-stopped -------------------------------------------------------------------------------- /services/openvpn/.gitignore: -------------------------------------------------------------------------------- 1 | conf/ 2 | *.ovpn -------------------------------------------------------------------------------- /services/openvpn/README.md: -------------------------------------------------------------------------------- 1 | # openvpn 2 | 3 | https://hub.docker.com/r/kylemanna/openvpn/ 4 | 5 | ## setup 6 | 7 | https://github.com/kylemanna/docker-openvpn/blob/master/docs/docker-compose.md 8 | 9 | docker compose run --rm openvpn ovpn_genconfig -u udp://vpn.example.com 10 | docker compose run --rm openvpn ovpn_initpki 11 | docker compose up -d 12 | 13 | export CLIENTNAME="your_client_name" 14 | # with a passphrase (recommended) 15 | docker compose run --rm openvpn easyrsa build-client-full $CLIENTNAME 16 | # without a passphrase (not recommended) 17 | docker compose run --rm openvpn easyrsa build-client-full $CLIENTNAME nopass 18 | 19 | docker compose run --rm openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn 20 | -------------------------------------------------------------------------------- /services/openvpn/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2' 2 | services: 3 | openvpn: 4 | cap_add: 5 | - NET_ADMIN 6 | image: kylemanna/openvpn 7 | ports: 8 | - "1194:1194/udp" 9 | restart: always 10 | volumes: 11 | - ./conf:/etc/openvpn 12 | -------------------------------------------------------------------------------- /services/organizr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | organizr: 5 | image: organizr/organizr 6 | volumes: 7 | #- ./data/config:/config 8 | - config:/config 9 | environment: 10 | PGID: 11 | PUID: 12 | restart: unless-stopped 13 | security_opt: 14 | - no-new-privileges:true 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.organizr.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.organizr.entrypoints: websecure 20 | traefik.http.services.organizr.loadbalancer.server.port: ${SERVICE_PORT} 21 | homepage.group: ${HOMEPAGE_GROUP} 22 | homepage.name: ${HOMEPAGE_NAME} 23 | homepage.icon: ${HOMEPAGE_ICON} 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: ${HOMEPAGE_DESCRIPTION} 26 | 27 | db: 28 | image: mariadb 29 | restart: unless-stopped 30 | volumes: 31 | - ./data/db:/var/lib/mysql 32 | environment: 33 | MARIADB_ROOT_PASSWORD: example 34 | 35 | networks: 36 | default: 37 | name: zone1 38 | external: true 39 | 40 | volumes: 41 | config: 42 | -------------------------------------------------------------------------------- /services/own-my-money/README.md: -------------------------------------------------------------------------------- 1 | # own-my-money 2 | 3 | https://github.com/nioc/own-my-money 4 | 5 | ## setup 6 | 7 | https://${SUB_DOMAIN}.${SERVER_DOMAIN}/#/setup -------------------------------------------------------------------------------- /services/photoprism/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=photoprism 4 | 5 | PHOTOPRISM_ADMIN_PASSWORD=secret 6 | 7 | MARIADB_PASSWORD=secret 8 | MARIADB_ROOT_PASSWORD=secret -------------------------------------------------------------------------------- /services/pialert/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | HOST_USER_ID=1000 3 | HOST_USER_GID=1000 4 | PORT=20211 5 | -------------------------------------------------------------------------------- /services/pialert/README.md: -------------------------------------------------------------------------------- 1 | # Pi-Alert 2 | 3 | https://github.com/pucherot/Pi.Alert 4 | https://registry.hub.docker.com/r/jokobsk/pi.alert -------------------------------------------------------------------------------- /services/pialert/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | pialert: 4 | image: "jokobsk/pi.alert:latest" 5 | network_mode: "host" 6 | restart: unless-stopped 7 | volumes: 8 | - ./data/config:/home/pi/pialert/config 9 | - ./data/db/pialert.db:/home/pi/pialert/db/pialert.db 10 | # (optional) map an empty file with the name 'setting_darkmode' if you want to force the dark mode on container rebuilt 11 | - ./data/db/setting_darkmode:/home/pi/pialert/db/setting_darkmode 12 | # (optional) useful for debugging if you have issues setting up the container 13 | - ./data/logs:/home/pi/pialert/front/log 14 | environment: 15 | - TZ=${TZ} 16 | - PORT=${PORT} 17 | - HOST_USER_ID=${HOST_USER_ID} 18 | - HOST_USER_GID=${HOST_USER_GID} 19 | labels: 20 | homepage.group: Infrastructure 21 | homepage.name: pialert 22 | homepage.icon: pialaert 23 | homepage.href: http://${IP}:${PORT} 24 | homepage.description: network device monitoring -------------------------------------------------------------------------------- /services/pihole/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=pihole 4 | 5 | WEBPASSWORD=topsecret -------------------------------------------------------------------------------- /services/planka/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=planka 3 | 4 | SECRET_KEY=verysecret 5 | -------------------------------------------------------------------------------- /services/portainer/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=portainer -------------------------------------------------------------------------------- /services/portainer/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | portainer: 4 | image: portainer/portainer-ce 5 | volumes: 6 | - /var/run/docker.sock:/var/run/docker.sock 7 | - ./data:/data 8 | restart: unless-stopped 9 | security_opt: 10 | - no-new-privileges:true 11 | networks: 12 | - traefik 13 | labels: 14 | my.zone: zone1 15 | traefik.enable: true 16 | traefik.http.routers.portainer.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 17 | traefik.http.routers.portainer.entrypoints: websecure 18 | traefik.http.services.portainer.loadbalancer.server.port: 9000 19 | homepage.group: Infrastructure 20 | homepage.name: Portainer 21 | homepage.icon: portainer 22 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 23 | homepage.description: Container management 24 | homepage.widget.type: portainer 25 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 26 | homepage.widget.env: ${WIDGET_ENV} 27 | homepage.widget.key: ${WIDGET_KEY} 28 | 29 | networks: 30 | traefik: 31 | name: zone1 32 | external: true 33 | -------------------------------------------------------------------------------- /services/prometheus/.gitignore: -------------------------------------------------------------------------------- 1 | prometheus.yml -------------------------------------------------------------------------------- /services/prometheus/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | prometheus: 4 | image: prom/prometheus 5 | volumes: 6 | - ./prometheus.yml:/etc/prometheus/prometheus.yml 7 | - ./data:/prometheus 8 | restart: unless-stopped 9 | security_opt: 10 | - no-new-privileges:true 11 | networks: 12 | - traefik 13 | labels: 14 | my.zone: zone1 15 | traefik.enable: true 16 | traefik.http.routers.prometheus.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 17 | traefik.http.routers.prometheus.entrypoints: websecure 18 | traefik.http.services.prometheus.loadbalancer.server.port: 9090 19 | homepage.group: Infrastructure 20 | homepage.name: Prometheus 21 | homepage.icon: prometheus 22 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 23 | homepage.description: Collecting statistics 24 | 25 | node_exporter: 26 | image: quay.io/prometheus/node-exporter:latest 27 | command: 28 | - '--path.rootfs=/host' 29 | pid: host 30 | restart: unless-stopped 31 | volumes: 32 | - '/:/host:ro,rslave' 33 | networks: 34 | - traefik 35 | 36 | networks: 37 | traefik: 38 | name: zone1 39 | external: true 40 | -------------------------------------------------------------------------------- /services/prometheus/prometheus.yml.example: -------------------------------------------------------------------------------- 1 | global: 2 | scrape_interval: 15s # By default, scrape targets every 15 seconds. 3 | 4 | # Attach these labels to any time series or alerts when communicating with 5 | # external systems (federation, remote storage, Alertmanager). 6 | external_labels: 7 | monitor: 'codelab-monitor' 8 | 9 | # A scrape configuration containing exactly one endpoint to scrape: 10 | # Here it's Prometheus itself. 11 | scrape_configs: 12 | # The job name is added as a label `job=` to any timeseries scraped from this config. 13 | - job_name: 'prometheus' 14 | 15 | # Override the global default and scrape targets from this job every 5 seconds. 16 | scrape_interval: 5s 17 | 18 | static_configs: 19 | - targets: ['localhost:9090'] -------------------------------------------------------------------------------- /services/prowlarr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=prowlarr 4 | -------------------------------------------------------------------------------- /services/prowlarr/README.md: -------------------------------------------------------------------------------- 1 | # prowlarr 2 | 3 | https://prowlarr.com/ 4 | https://github.com/Prowlarr/Prowlarr 5 | https://docs.linuxserver.io/images/docker-prowlarr 6 | -------------------------------------------------------------------------------- /services/prowlarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | prowlarr: 5 | image: lscr.io/linuxserver/prowlarr:develop 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | UMASK_SET: 022 10 | TZ: 11 | volumes: 12 | - ./data/config:/config 13 | - ./data/data:/data 14 | restart: always 15 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 16 | labels: 17 | homepage.group: Arr 18 | homepage.name: Prowlarr 19 | homepage.icon: prowlarr 20 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 21 | homepage.description: Indexer 22 | homepage.widget.type: prowlarr 23 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 24 | homepage.widget.key: ${API_KEY} 25 | healthcheck: # https://github.com/qdm12/gluetun/issues/641#issuecomment-933856220 26 | test: "curl -sf https://example.com || exit 1" 27 | interval: 1m 28 | timeout: 10s 29 | retries: 1 30 | -------------------------------------------------------------------------------- /services/qbittorrent/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=qbittorrent 4 | -------------------------------------------------------------------------------- /services/qbittorrent/README.md: -------------------------------------------------------------------------------- 1 | # qbittorrent 2 | 3 | https://www.qbittorrent.org/ 4 | https://github.com/qbittorrent/qBittorrent 5 | https://docs.linuxserver.io/images/docker-qbittorrent 6 | -------------------------------------------------------------------------------- /services/qbittorrent/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | qbittorrent: 4 | image: ghcr.io/linuxserver/qbittorrent 5 | environment: 6 | PUID: 1000 7 | PGID: 1000 8 | TZ: ${TZ} 9 | WEBUI_PORT: 8080 # admin/adminadmin 10 | volumes: 11 | - ./data/qbittorrent/config:/config 12 | - ./data/qbittorrent/downloads:/downloads 13 | restart: unless-stopped 14 | security_opt: 15 | - no-new-privileges:true 16 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 17 | -------------------------------------------------------------------------------- /services/radarr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=sonarr 4 | 5 | API_KEY= 6 | -------------------------------------------------------------------------------- /services/radarr/README.md: -------------------------------------------------------------------------------- 1 | # radarr 2 | 3 | https://radarr.video/ 4 | https://github.com/Radarr/Radarr 5 | https://docs.linuxserver.io/images/docker-radarr 6 | -------------------------------------------------------------------------------- /services/radarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | radarr: 5 | image: lscr.io/linuxserver/radarr 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | TZ: 10 | volumes: 11 | - ./data/config:/config 12 | - ./data/data:/data 13 | restart: always 14 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 15 | security_opt: 16 | - no-new-privileges:true 17 | labels: 18 | homepage.group: Arr 19 | homepage.name: Radarr 20 | homepage.icon: radarr 21 | homepage.href: https://radarr.${SERVER_DOMAIN} 22 | homepage.description: Movies 23 | homepage.widget.type: radarr 24 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.widget.key: ${API_KEY} 26 | healthcheck: # https://github.com/qdm12/gluetun/issues/641#issuecomment-933856220 27 | test: "curl -sf https://example.com || exit 1" 28 | interval: 1m 29 | timeout: 10s 30 | retries: 1 31 | -------------------------------------------------------------------------------- /services/rainloop/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=rainloop -------------------------------------------------------------------------------- /services/rainloop/README.md: -------------------------------------------------------------------------------- 1 | # rainloop 2 | 3 | ## initial setup 4 | 5 | goto: http://webmail.domain.com/?admin 6 | username: admin 7 | password: 12345 8 | 9 | ## docs 10 | 11 | https://www.rainloop.net/docs/configuration/ -------------------------------------------------------------------------------- /services/rainloop/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | rainloop: 4 | image: hardware/rainloop 5 | restart: unless-stopped 6 | volumes: 7 | - ./data:/rainloop/data 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.rainloop.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.rainloop.entrypoints: websecure 17 | traefik.http.services.rainloop.loadbalancer.server.port: 8888 18 | homepage.group: Media 19 | homepage.name: Rainloop 20 | homepage.icon: rainloop 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: Email client 23 | 24 | networks: 25 | traefik: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/rancher/README.md: -------------------------------------------------------------------------------- 1 | # Rancher 2 | 3 | https://www.rancher.com/ 4 | https://docs.technotim.live/posts/docker-rancher-kubernetes/ -------------------------------------------------------------------------------- /services/rancher/docker-compose.yml: -------------------------------------------------------------------------------- 1 | # docker run -d --restart=unless-stopped -p 9090:80 -p 9091:443 --privileged -v /opt/rancher:/var/lib/rancher --name=rancher_docker_server rancher/rancher:latest 2 | 3 | version: "3.6" 4 | services: 5 | rancher: 6 | image: rancher/rancher:latest 7 | restart: unless-stopped 8 | volumes: 9 | - /opt/rancher:/var/lib/rancher 10 | security_opt: 11 | - no-new-privileges:true 12 | privileged: true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.rancher.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.rancher.entrypoints: websecure 20 | traefik.http.services.rancher.loadbalancer.server.port: 80 21 | homepage.group: Infrastructure 22 | homepage.name: Rancher 23 | homepage.icon: rancher 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: Kubernetes-Manager 26 | 27 | networks: 28 | traefik: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/readarr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=readarr 4 | 5 | API_KEY= 6 | -------------------------------------------------------------------------------- /services/readarr/README.md: -------------------------------------------------------------------------------- 1 | # readarr 2 | 3 | https://readarr.com/ 4 | https://github.com/Readarr/Readarr 5 | https://github.com/linuxserver/docker-readarr 6 | -------------------------------------------------------------------------------- /services/readarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | readarr: 5 | image: lscr.io/linuxserver/readarr:develop 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | UMASK_SET: 022 10 | TZ: 11 | volumes: 12 | - ./data/config:/config 13 | - ./data/data:/data 14 | restart: always 15 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 16 | labels: 17 | homepage.group: Arr 18 | homepage.name: Readarr 19 | homepage.icon: readarr 20 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 21 | homepage.description: Books 22 | homepage.widget.type: readarr 23 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 24 | homepage.widget.key: ${API_KEY} 25 | -------------------------------------------------------------------------------- /services/registry/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=registry 4 | -------------------------------------------------------------------------------- /services/remark42/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=remark 3 | 4 | # https://remark42.com/docs/configuration/parameters/ 5 | REMARK_URL=https://${SUB_DOMAIN}.${SERVER_DOMAIN} 6 | SECRET= 7 | DEBUG=false 8 | AUTH_GOOGLE_CID= 9 | AUTH_GOOGLE_CSEC= 10 | AUTH_GITHUB_CID= 11 | AUTH_GITHUB_CSEC= 12 | AUTH_FACEBOOK_CID= 13 | AUTH_FACEBOOK_CSEC= 14 | AUTH_DISQUS_CID= 15 | AUTH_DISQUS_CSEC= 16 | 17 | # Enable it only for the initial comment import or for manual backups. 18 | # Do not leave the server running with the ADMIN_PASSWD set if you don't have an intention 19 | # to keep creating backups manually! 20 | ADMIN_PASSWD= -------------------------------------------------------------------------------- /services/remark42/README.md: -------------------------------------------------------------------------------- 1 | # remark42 2 | 3 | https://remark42.com/ 4 | https://github.com/umputun/remark42 -------------------------------------------------------------------------------- /services/remark42/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | 3 | services: 4 | remark: 5 | image: umputun/remark42:latest 6 | hostname: "remark42" 7 | restart: always 8 | logging: 9 | driver: json-file 10 | options: 11 | max-size: "10m" 12 | max-file: "5" 13 | env_file: 14 | - .env 15 | volumes: 16 | - ./data:/srv/var 17 | security_opt: 18 | - no-new-privileges:true 19 | networks: 20 | - traefik 21 | labels: 22 | my.zone: zone1 23 | traefik.enable: true 24 | traefik.http.routers.remark.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 25 | traefik.http.routers.remark.entrypoints: websecure 26 | traefik.http.services.remark.loadbalancer.server.port: 8080 27 | homepage.group: Infrastructure 28 | homepage.name: remark42 29 | homepage.icon: reamrk 30 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 31 | homepage.description: Comments for static sites 32 | 33 | networks: 34 | traefik: 35 | name: zone1 36 | external: true 37 | -------------------------------------------------------------------------------- /services/requestrr/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=requestrr 3 | HOMEPAGE_GROUP=Arr 4 | HOMEPAGE_NAME=requestrr 5 | HOMEPAGE_ICON=requestrr 6 | HOMEPAGE_DESCRIPTION=Requestrr is a chatbot used to simplify using services like Sonarr/Radarr/Ombi via the use of chat. 7 | -------------------------------------------------------------------------------- /services/requestrr/README.md: -------------------------------------------------------------------------------- 1 | # requestrr 2 | 3 | https://github.com/darkalfx/requestrr 4 | -------------------------------------------------------------------------------- /services/requestrr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3" 3 | 4 | services: 5 | requestrr: 6 | image: darkalfx/requestrr 7 | volumes: 8 | - ./data:/root/config 9 | restart: unless-stopped 10 | security_opt: 11 | - no-new-privileges:true 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.requestrr.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.requestrr.entrypoints: websecure 17 | traefik.http.services.requestrr.loadbalancer.server.port: 4545 18 | homepage.group: ${HOMEPAGE_GROUP} 19 | homepage.name: ${HOMEPAGE_NAME} 20 | homepage.icon: ${HOMEPAGE_ICON} 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: ${HOMEPAGE_DESCRIPTION} 23 | 24 | networks: 25 | default: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/rotki/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=rotki -------------------------------------------------------------------------------- /services/rotki/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.7' 2 | services: 3 | rotki: 4 | environment: 5 | - TZ=${TZ} 6 | image: rotki/rotki:latest 7 | volumes: 8 | - ./data/data:/data 9 | - ./data/logs:/logs 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.rotki.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.rotki.entrypoints: websecure 20 | traefik.http.services.rotki.loadbalancer.server.port: 80 21 | 22 | networks: 23 | traefik: 24 | name: zone1 25 | external: true 26 | -------------------------------------------------------------------------------- /services/roundcube/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2' 2 | 3 | services: 4 | roundcubemail: 5 | image: roundcube/roundcubemail:latest 6 | restart: unless-stopped 7 | volumes: 8 | - ./data/www:/var/www/html 9 | - ./data/db/sqlite:/var/roundcube/db 10 | environment: 11 | - ROUNDCUBEMAIL_DB_TYPE=sqlite 12 | - ROUNDCUBEMAIL_SKIN=elastic 13 | - ROUNDCUBEMAIL_DEFAULT_HOST=tls://${ROUNDCUBEMAIL_DEFAULT_HOST} # imap server 14 | - ROUNDCUBEMAIL_SMTP_SERVER=tls://${ROUNDCUBEMAIL_SMTP_SERVER} # smtp server 15 | security_opt: 16 | - no-new-privileges:true 17 | networks: 18 | - traefik 19 | labels: 20 | my.zone: zone1 21 | traefik.enable: true 22 | traefik.http.routers.roundcube.rule: Host(`roundcube.${SERVER_DOMAIN}`) 23 | traefik.http.routers.roundcube.entrypoints: websecure 24 | traefik.http.services.roundcube.loadbalancer.server.port: 80 25 | 26 | networks: 27 | traefik: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/sablier/docker-compose.yml: -------------------------------------------------------------------------------- 1 | # docker run -d --name nginx nginx 2 | # docker stop nginx 3 | # docker run -v /var/run/docker.sock:/var/run/docker.sock -p 10000:10000 ghcr.io/acouvreur/sablier:latest --swarmode=false 4 | # curl 'http://localhost:10000/?name=nginx&timeout=1m' 5 | 6 | version: "3" 7 | 8 | services: 9 | sablier: 10 | image: ghcr.io/acouvreur/sablier:latest 11 | restart: always 12 | volumes: 13 | - /var/run/docker.sock:/var/run/docker.sock 14 | ports: 15 | - 10000:10000 16 | command: 17 | - --swarmMode=false 18 | 19 | nginx: 20 | image: nginx 21 | ports: 22 | - 8088:80 -------------------------------------------------------------------------------- /services/sabnzbd/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=sabnzbd 3 | HOMEPAGE_GROUP=Arr 4 | HOMEPAGE_NAME=sabnzbd 5 | HOMEPAGE_ICON=sabnzbd 6 | HOMEPAGE_DESCRIPTION=The automated Usenet download tool 7 | -------------------------------------------------------------------------------- /services/sabnzbd/README.md: -------------------------------------------------------------------------------- 1 | # sabnzbd 2 | 3 | https://sabnzbd.org/ 4 | https://github.com/sabnzbd/sabnzbd 5 | https://hub.docker.com/r/linuxserver/sabnzbd 6 | 7 | ## setup 8 | 9 | Add your hostname (i.e. sabnzbd.example.com) to the field "host_whitelist" in the file ./data/config/sabnzbd.ini 10 | -------------------------------------------------------------------------------- /services/sabnzbd/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "2.1" 3 | services: 4 | sabnzbd: 5 | image: lscr.io/linuxserver/sabnzbd:latest 6 | environment: 7 | PUID: 8 | PGID: 9 | TZ: 10 | volumes: 11 | - ./data/config:/config 12 | - ./data/downloads:/downloads #optional 13 | - ./data/downloads:/incomplete-downloads #optional 14 | restart: unless-stopped 15 | security_opt: 16 | - no-new-privileges:true 17 | labels: 18 | homepage.group: ${HOMEPAGE_GROUP} 19 | homepage.name: ${HOMEPAGE_NAME} 20 | homepage.icon: ${HOMEPAGE_ICON} 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: ${HOMEPAGE_DESCRIPTION} 23 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 24 | healthcheck: # https://github.com/qdm12/gluetun/issues/641#issuecomment-933856220 25 | test: "curl -sf https://example.com || exit 1" 26 | interval: 1m 27 | timeout: 10s 28 | retries: 1 29 | -------------------------------------------------------------------------------- /services/samba/.env.example: -------------------------------------------------------------------------------- 1 | USERNAME=user 2 | PASSWORD=password -------------------------------------------------------------------------------- /services/samba/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | 3 | services: 4 | samba: 5 | command: '-s "media;/media/media;yes;no;no" -p' 6 | environment: 7 | - "NMBD=True" 8 | - "RECYCLE=False" 9 | - "USER=${USERNAME};${PASSWORD}" 10 | hostname: homeserver 11 | image: dperson/samba 12 | network_mode: host 13 | restart: unless-stopped 14 | security_opt: 15 | - no-new-privileges:true 16 | ports: 17 | - "137:137/udp" 18 | - "138:138/udp" 19 | - "139:139/tcp" 20 | - "445:445/tcp" 21 | volumes: 22 | - "./data/media:/media/media" 23 | -------------------------------------------------------------------------------- /services/scrypted/README.md: -------------------------------------------------------------------------------- 1 | # scrypted 2 | 3 | https://hub.docker.com/r/koush/ 4 | https://www.scrypted.app/ 5 | https://github.com/koush/scrypted 6 | -------------------------------------------------------------------------------- /services/scrypted/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.5" 2 | services: 3 | scrypted: 4 | image: koush/scrypted 5 | restart: unless-stopped 6 | network_mode: host 7 | volumes: 8 | - ./data:/server/volume 9 | -------------------------------------------------------------------------------- /services/seafile/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=secret 4 | 5 | MYSQL_ROOT_PASSWORD=secret 6 | MYSQL_LOG_CONSOLE=true 7 | 8 | SEAFILE_ADMIN_EMAIL=example@example.com 9 | SEAFILE_ADMIN_PASSWORD=secret -------------------------------------------------------------------------------- /services/searxng/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=searxng 3 | 4 | # openssl rand -hex 32 5 | SEARXNG_SECRET=top-secret 6 | -------------------------------------------------------------------------------- /services/searxng/.gitignore: -------------------------------------------------------------------------------- 1 | settings.yml -------------------------------------------------------------------------------- /services/searxng/README.md: -------------------------------------------------------------------------------- 1 | # searxng 2 | 3 | https://docs.searxng.org/ 4 | https://github.com/searxng/searxng 5 | -------------------------------------------------------------------------------- /services/selfoss/README.md: -------------------------------------------------------------------------------- 1 | # selfoss 2 | 3 | https://github.com/fossar/selfoss 4 | https://selfoss.aditu.de/ 5 | https://hub.docker.com/r/rsprta/selfoss 6 | -------------------------------------------------------------------------------- /services/selfoss/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | selfoss: 5 | image: rsprta/selfoss 6 | restart: unless-stopped 7 | volumes: 8 | - ./data:/selfoss/data 9 | labels: 10 | my.zone: zone1 11 | traefik.enable: true 12 | traefik.http.routers.selfoss.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 13 | traefik.http.routers.selfoss.entrypoints: websecure 14 | traefik.http.services.selfoss.loadbalancer.server.port: 8888 15 | traefik.http.routers.selfoss.middlewares: authelia@docker 16 | homepage.group: Media 17 | homepage.name: selfoss 18 | homepage.icon: selfoss 19 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 20 | homepage.description: RSS reader 21 | 22 | networks: 23 | default: 24 | name: zone1 25 | external: true 26 | -------------------------------------------------------------------------------- /services/sftp/README.md: -------------------------------------------------------------------------------- 1 | # sftp 2 | 3 | https://hub.docker.com/r/atmoz/sftp 4 | -------------------------------------------------------------------------------- /services/sftp/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.6' 2 | services: 3 | sftp: 4 | image: atmoz/sftp 5 | volumes: 6 | - ./data:/home/admin/data 7 | ports: 8 | - ${PORT}:22 9 | command: ${COMMAND} -------------------------------------------------------------------------------- /services/shlink/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=shlink 4 | SUB_DOMAIN_UI=shlink-ui 5 | 6 | MARIADB_ROOT_PASSWORD=root-password 7 | DB_PASSWORD=password -------------------------------------------------------------------------------- /services/shlink/README.md: -------------------------------------------------------------------------------- 1 | # shlink 2 | 3 | https://shlink.io/ 4 | 5 | ## Setup 6 | 7 | Generate API key for setup in the UI. 8 | 9 | ``` shell 10 | docker compose exec shlink shlink api-key:generate 11 | ``` -------------------------------------------------------------------------------- /services/snapdrop/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=snapdrop 4 | -------------------------------------------------------------------------------- /services/snapdrop/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | snapdrop: 4 | image: lscr.io/linuxserver/snapdrop 5 | environment: 6 | - PUID=1000 7 | - PGID=1000 8 | - TZ=${TZ} 9 | restart: unless-stopped 10 | security_opt: 11 | - no-new-privileges:true 12 | networks: 13 | - traefik 14 | labels: 15 | my.zone: zone1 16 | traefik.enable: true 17 | traefik.http.routers.snapdrop.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 18 | traefik.http.routers.snapdrop.entrypoints: websecure 19 | 20 | networks: 21 | traefik: 22 | name: zone1 23 | external: true 24 | -------------------------------------------------------------------------------- /services/snipe-it/docker-compose.yml: -------------------------------------------------------------------------------- 1 | TODO 2 | version: '3' 3 | 4 | services: 5 | db: 6 | image: mariadb:10 7 | command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci 8 | environment: 9 | MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} 10 | MYSQL_USER: snipeit 11 | MYSQL_PASSWORD: ${MYSQL_PASSWORD} 12 | MYSQL_DATABASE: snipeit 13 | volumes: 14 | - ./data/db:/var/lib/mysql 15 | restart: unless-stopped 16 | security_opt: 17 | - no-new-privileges:true 18 | networks: 19 | - traefik 20 | 21 | snipeit: 22 | image: snipe/snipe-it 23 | restart: unless-stopped 24 | security_opt: 25 | - no-new-privileges:true 26 | networks: 27 | - traefik 28 | labels: 29 | my.zone: zone1 30 | traefik.enable: true 31 | traefik.http.routers.snipeit.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 32 | traefik.http.routers.snipeit.entrypoints: websecure 33 | traefik.http.services.snipeit.loadbalancer.server.port: 80 34 | homepage.group: Media 35 | homepage.name: Snipe-it 36 | homepage.icon: snipe-it 37 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 38 | homepage.description: Asset Management 39 | 40 | networks: 41 | traefik: 42 | name: zone1 43 | external: true 44 | -------------------------------------------------------------------------------- /services/snowflake/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.8" 2 | 3 | services: 4 | snowflake-proxy: 5 | network_mode: host 6 | image: thetorproject/snowflake-proxy:latest 7 | restart: unless-stopped -------------------------------------------------------------------------------- /services/sonarr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=sonarr 4 | 5 | API_KEY= 6 | -------------------------------------------------------------------------------- /services/sonarr/README.md: -------------------------------------------------------------------------------- 1 | # sonarr 2 | 3 | https://sonarr.tv/ 4 | https://github.com/Sonarr/Sonarr 5 | https://docs.linuxserver.io/images/docker-sonarr 6 | -------------------------------------------------------------------------------- /services/sonarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | sonarr: 5 | image: lscr.io/linuxserver/sonarr 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | TZ: 10 | volumes: 11 | - ./data/config:/config 12 | - ./data/data:/data 13 | restart: always 14 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 15 | security_opt: 16 | - no-new-privileges:true 17 | labels: 18 | homepage.group: Arr 19 | homepage.name: Sonarr 20 | homepage.icon: sonarr 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: Series 23 | homepage.widget.type: sonarr 24 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.widget.key: ${API_KEY} 26 | healthcheck: # https://github.com/qdm12/gluetun/issues/641#issuecomment-933856220 27 | test: "curl -sf https://example.com || exit 1" 28 | interval: 1m 29 | timeout: 10s 30 | retries: 1 31 | -------------------------------------------------------------------------------- /services/speedtest-tracker/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=speedtest-tracker 4 | -------------------------------------------------------------------------------- /services/speedtest-tracker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.3" 2 | services: 3 | speedtest: 4 | image: henrywhitaker3/speedtest-tracker 5 | ports: 6 | - 8765:80 7 | volumes: 8 | - ./data:/config 9 | environment: 10 | - TZ= 11 | - PGID=1000 12 | - PUID=1000 13 | - OOKLA_EULA_GDPR=true 14 | logging: 15 | driver: "json-file" 16 | options: 17 | max-file: "10" 18 | max-size: "200k" 19 | restart: unless-stopped 20 | security_opt: 21 | - no-new-privileges:true 22 | networks: 23 | - traefik 24 | labels: 25 | my.zone: zone1 26 | traefik.enable: true 27 | traefik.http.routers.speedtest-tracker.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 28 | traefik.http.routers.speedtest-tracker.entrypoints: websecure 29 | homepage.group: Infrastructure 30 | homepage.name: Speedtest-tracker 31 | homepage.icon: speedtest-tracker 32 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 33 | homepage.description: Speedtest-tracker 34 | homepage.widget.type: speedtest 35 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN}/ 36 | 37 | networks: 38 | traefik: 39 | name: zone1 40 | external: true 41 | -------------------------------------------------------------------------------- /services/stinger/README.md: -------------------------------------------------------------------------------- 1 | # Stinger 2 | 3 | https://github.com/stringer-rss/stringer 4 | https://hub.docker.com/r/stringerrss/stringer 5 | -------------------------------------------------------------------------------- /services/superset/.gitignore: -------------------------------------------------------------------------------- 1 | superset_config.py 2 | -------------------------------------------------------------------------------- /services/superset/README.md: -------------------------------------------------------------------------------- 1 | # superset 2 | 3 | https://superset.apache.org/ 4 | https://github.com/apache/superset 5 | https://hub.docker.com/r/apache/superset 6 | 7 | ## setup 8 | 9 | ``` bash 10 | docker compose exec superset superset db upgrade 11 | docker compose exec superset superset fab create-admin --username root --firstname Firstname --lastname Lastname --password root --email superset@example.com 12 | docker compose exec superset superset init 13 | ``` 14 | -------------------------------------------------------------------------------- /services/superset/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | superset: 5 | image: apache/superset 6 | restart: unless-stopped 7 | volumes: 8 | - ./superset_config.py:/app/pythonpath/superset_config.py 9 | security_opt: 10 | - no-new-privileges:true 11 | labels: 12 | my.zone: zone1 13 | traefik.enable: true 14 | traefik.http.routers.funnyservice.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 15 | traefik.http.routers.funnyservice.entrypoints: websecure 16 | traefik.http.services.funnyservice.loadbalancer.server.port: ${SERVICE_PORT} 17 | homepage.group: ${HOMEPAGE_GROUP} 18 | homepage.name: ${HOMEPAGE_NAME} 19 | homepage.icon: ${HOMEPAGE_ICON} 20 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 21 | homepage.description: ${HOMEPAGE_DESCRIPTION} 22 | 23 | db: 24 | image: mariadb 25 | environment: 26 | MARIADB_ROOT_PASSWORD: 27 | MARIADB_DATABASE: superset 28 | volumes: 29 | - ./data/db:/var/lib/mysql 30 | restart: unless-stopped 31 | security_opt: 32 | - no-new-privileges:true 33 | 34 | networks: 35 | default: 36 | name: zone1 37 | external: true 38 | -------------------------------------------------------------------------------- /services/superset/superset_config copy.example.py: -------------------------------------------------------------------------------- 1 | ENABLE_PROXY_FIX = True 2 | 3 | # openssl rand -base64 42 4 | SECRET_KEY = 'zbeLjToOiMkz09qNonioiLs+MspZpPoJlt+Xp5UV5yWafhNX9jzcnDVs' 5 | 6 | SQLALCHEMY_DATABASE_URI = 'mysql://password:username@db/superset_metadata' 7 | 8 | # Die Datenbank für die Beispieldaten muss 'main' heißen. Die wird aber nur gebraucht wenn auch Beispieldaten gewünscht sind. 9 | SQLALCHEMY_EXAMPLES_URI = 'mysql://password:username@db/main' 10 | 11 | LANGUAGES = { 12 | 'en': {'flag': 'us', 'name': 'English'}, 13 | 'de': {'flag': 'de', 'name': 'Deutsch'}, 14 | } 15 | 16 | FEATURE_FLAGS = { 17 | 'EMBEDDABLE_CHARTS': True, 18 | 'EMBEDDED_SUPERSET': True, 19 | 'THUMBNAILS': True, 20 | 'ENABLE_TEMPLATE_PROCESSING': True, 21 | } 22 | -------------------------------------------------------------------------------- /services/syncthing/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=syncthing -------------------------------------------------------------------------------- /services/syncthing/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | syncthing: 4 | image: ghcr.io/linuxserver/syncthing 5 | hostname: syncthing 6 | environment: 7 | - PUID=1000 8 | - PGID=1000 9 | - TZ=${TZ} 10 | volumes: 11 | - ./data/appdata/config:/config 12 | - ./data/data:/data 13 | ports: 14 | - 22000:22000 15 | - 21027:21027/udp 16 | restart: unless-stopped 17 | security_opt: 18 | - no-new-privileges:true 19 | networks: 20 | - traefik 21 | labels: 22 | my.zone: zone1 23 | traefik.enable: true 24 | traefik.http.routers.syncthing.rule: Host(`syncthing.${SERVER_DOMAIN}`) 25 | traefik.http.routers.syncthing.entrypoints: websecure 26 | traefik.http.services.syncthing.loadbalancer.server.port: 8384 27 | homepage.group: Infrastructure 28 | homepage.name: Syncthing 29 | homepage.icon: syncthing 30 | homepage.href: https://syncthing.${SERVER_DOMAIN} 31 | homepage.description: File syncing 32 | 33 | networks: 34 | traefik: 35 | name: zone1 36 | external: true 37 | -------------------------------------------------------------------------------- /services/tailscale/README.md: -------------------------------------------------------------------------------- 1 | # tailscale 2 | https://tailscale.com/ 3 | https://docs.ibracorp.io/tailscale/tailscale/docker-compose 4 | 5 | ## setup 6 | 7 | echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf 8 | echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf 9 | sudo sysctl -p /etc/sysctl.conf 10 | docker compose up -d 11 | docker exec tailscale tailscale login 12 | docker exec tailscale tailscale up --advertise-routes=192.168.31.0/24 -------------------------------------------------------------------------------- /services/tailscale/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.4" 2 | services: 3 | tailscale: 4 | privileged: true 5 | hostname: tailscale-homeserver 6 | network_mode: "host" 7 | image: tailscale/tailscale:latest 8 | volumes: 9 | - "/opt/appdata/tailscale/var_lib:/var/lib" 10 | - "/dev/net/tun:/dev/net/tun" 11 | cap_add: 12 | - net_admin 13 | - sys_module 14 | restart: unless-stopped 15 | environment: 16 | TS_AUTH_KEY: 17 | TS_ROUTES: 18 | -------------------------------------------------------------------------------- /services/tfviewer/README.md: -------------------------------------------------------------------------------- 1 | # tf-viewer 2 | https://github.com/danielalvsaaker/tf-viewer -------------------------------------------------------------------------------- /services/tfviewer/docker-compose.yml: -------------------------------------------------------------------------------- 1 | # docker run -d -e TZ= -v :/data -p 8080:8080 danielalvsaaker/tf-viewer 2 | version: "3.6" 3 | services: 4 | tfviewer: 5 | image: danielalvsaaker/tf-viewer 6 | environment: 7 | - TZ=${TZ} 8 | volumes: 9 | - ./data:/data 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.tfviewer.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.tfviewer.entrypoints: websecure 20 | traefik.http.services.tfviewer.loadbalancer.server.port: 8080 21 | homepage.group: Media 22 | homepage.name: tfviewer 23 | homepage.icon: tfviewer 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: tf-viewer 26 | 27 | networks: 28 | traefik: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/theme-park/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=theme-park 4 | PUID=1000 5 | PGID=1000 6 | -------------------------------------------------------------------------------- /services/theme-park/README.md: -------------------------------------------------------------------------------- 1 | # theme-park 2 | 3 | https://github.com/themepark-dev/theme.park 4 | https://theme-park.dev/ 5 | 6 | You can customize various apps with thems by using a traefik-plugin https://docs.theme-park.dev/setup/#traefik 7 | -------------------------------------------------------------------------------- /services/theme-park/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.1" 2 | services: 3 | theme-park: 4 | image: ghcr.io/themepark-dev/theme.park 5 | environment: 6 | PUID: 7 | PGID: 8 | TZ: 9 | volumes: 10 | - ./data:/config 11 | restart: unless-stopped 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.theme-park.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.theme-park.entrypoints: websecure 17 | traefik.http.services.theme-park.loadbalancer.server.port: 80 18 | 19 | networks: 20 | default: 21 | name: zone1 22 | external: true 23 | -------------------------------------------------------------------------------- /services/tor-hidden-service/.env.example: -------------------------------------------------------------------------------- 1 | NPM_TOR_SERVICE_KEY= 2 | -------------------------------------------------------------------------------- /services/tor-hidden-service/docker-compose.yaml: -------------------------------------------------------------------------------- 1 | services: 2 | tor: 3 | image: goldy/tor-hidden-service 4 | links: 5 | - npm 6 | container_name: tor 7 | restart: unless-stopped 8 | environment: 9 | NPM_TOR_SERVICE_HOSTS: 80:npm:80 10 | NPM_TOR_SERVICE_VERSION: '3' 11 | NPM_TOR_SERVICE_KEY: 12 | 13 | npm: 14 | image: jc21/nginx-proxy-manager 15 | container_name: npm 16 | restart: unless-stopped 17 | ports: 18 | - 127.0.0.1:82:81 19 | - 100.107.87.40:82:81 20 | volumes: 21 | - ./data:/data 22 | - ./letsencrypt:/etc/letsencrypt 23 | 24 | blog: 25 | image: ghcr.io/simonhaas/blog:main 26 | container_name: blog 27 | restart: unless-stopped 28 | 29 | nginx: 30 | image: nginx 31 | container_name: nginx 32 | restart: unless-stopped 33 | configs: 34 | - source: nginx 35 | target: /usr/share/nginx/html/index.html 36 | 37 | configs: 38 | nginx: 39 | content: | 40 | 41 | 42 | simonhaas 43 | 44 | 45 | Blog 46 | 47 | 48 | -------------------------------------------------------------------------------- /services/torproxy/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.8" 2 | 3 | services: 4 | torproxy: 5 | image: dperson/torproxy 6 | restart: unless-stopped 7 | ports: 8 | - 8118:8118 # http proxy 9 | - 9050:9050 # socks proxy 10 | security_opt: 11 | - no-new-privileges:true 12 | -------------------------------------------------------------------------------- /services/traefik-hub/.env.example: -------------------------------------------------------------------------------- 1 | AGENT_TOKEN=1234 2 | -------------------------------------------------------------------------------- /services/traefik-hub/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | hub-agent: 5 | image: ghcr.io/traefik/hub-agent-traefik:v1.0.0 6 | pull_policy: always 7 | restart: "on-failure" 8 | command: 9 | - run 10 | - --hub.token=${AGENT_TOKEN} 11 | - --auth-server.advertise-url=http://hub-agent 12 | - --traefik.host=traefik 13 | - --traefik.tls.insecure=true 14 | volumes: 15 | - /var/run/docker.sock:/var/run/docker.sock 16 | depends_on: 17 | - traefik 18 | networks: 19 | - traefik-hub 20 | 21 | traefik: 22 | image: traefik:v2.8 23 | command: 24 | # Enable Hub communication (open the port 9900 and 9901 by default) 25 | - --experimental.hub=true 26 | - --hub.tls.insecure=true 27 | - --metrics.prometheus.addrouterslabels=true 28 | networks: 29 | - traefik-hub 30 | 31 | networks: 32 | traefik-hub: 33 | name: zone2 -------------------------------------------------------------------------------- /services/traefik/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=traefik 4 | HOMEPAGE_USERNAME=admin 5 | HOMEPAGE_PASSWORD=password 6 | GITLAB_PAGES_SUB_DOMAIN=gitlab-pages 7 | 8 | IP_RESTRICTION=0.0.0.0: 9 | 10 | UID=1000 11 | GID=1000 12 | 13 | ACME_EMAIL=test@example.com 14 | 15 | # DNS_CHALLENGE_PROVIDER=digitalocean 16 | # Get your DO_AUTH_TOKEN here: https://cloud.digitalocean.com/account/api/tokens 17 | # DO_AUTH_TOKEN=1234 18 | 19 | DNS_CHALLENGE_PROVIDER=cloudflare 20 | CLOUDFLARE_EMAIL=me@example.com 21 | # Create a CLOUDFLARE_DNS_API_TOKEN here: https://dash.cloudflare.com/profile/api-tokens It has to have the permission to edit DNS zones. 22 | CLOUDFLARE_DNS_API_TOKEN=1234 23 | 24 | # sudo apt install apache2-utils 25 | # echo $(htpasswd -nb username password) | sed -e s/\\$/\\$\\$/g 26 | BASIC_AUTH= 27 | 28 | AUTHELIA_SUB_DOMAIN=authelia 29 | WHOAMI_SUB_DOMAIN=whoami 30 | WHOAMI_AUTH_SUB_DOMAIN=whoami-auth 31 | -------------------------------------------------------------------------------- /services/traefik/README.md: -------------------------------------------------------------------------------- 1 | # traefik 2 | 3 | https://traefik.io/traefik/ 4 | https://github.com/traefik/traefik 5 | 6 | https://www.authelia.com/ 7 | https://github.com/authelia/authelia 8 | -------------------------------------------------------------------------------- /services/traefik/authelia/.gitignore: -------------------------------------------------------------------------------- 1 | configuration.yml 2 | users_database.yml 3 | notification.txt 4 | db.sqlite3 -------------------------------------------------------------------------------- /services/traefik/authelia/configuration.yml.example: -------------------------------------------------------------------------------- 1 | --- 2 | server: 3 | host: 0.0.0.0 4 | port: 9091 5 | log: 6 | level: debug 7 | theme: dark 8 | jwt_secret: abc123 9 | default_redirection_url: https://authelia.example.com 10 | totp: 11 | issuer: authelia.com 12 | 13 | authentication_backend: 14 | file: 15 | path: /config/users_database.yml 16 | password: 17 | algorithm: argon2id 18 | iterations: 1 19 | salt_length: 16 20 | parallelism: 8 21 | memory: 64 22 | 23 | access_control: 24 | default_policy: one_factor 25 | 26 | session: 27 | name: authelia_session # make this unique if you are running multiple authelia-instances on one domain 28 | secret: abc123 29 | expiration: 3600 30 | inactivity: 300 31 | domain: example.com # this has to be the root domain 32 | 33 | regulation: 34 | max_retries: 3 35 | find_time: 120 36 | ban_time: 300 37 | 38 | storage: 39 | encryption_key: abc123 40 | local: 41 | path: /config/db.sqlite3 42 | 43 | notifier: 44 | filesystem: 45 | filename: /config/notification.txt 46 | ... -------------------------------------------------------------------------------- /services/traefik/authelia/users_database.yml.example: -------------------------------------------------------------------------------- 1 | --- 2 | ############################################################### 3 | # Users Database # 4 | ############################################################### 5 | 6 | # This file can be used if you do not have an LDAP set up. 7 | 8 | # List of users 9 | users: 10 | username: 11 | displayname: "Your Name" 12 | # Password is Authelia 13 | # docker run authelia/authelia:latest authelia hash-password 'yourpassword' 14 | password: "$argon2id$v=19$m=65536,t=1,p=8$cUI4a0E3L1laYnRDUXl3Lw$ZsdsrdadaoVIaVj8NltA8x4qVOzT+/r5GF62/bT8OuAs" 15 | email: you@example.com 16 | groups: 17 | - admins 18 | - dev 19 | ... -------------------------------------------------------------------------------- /services/traefik/hook.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | chown -R 1000:1000 /data/certs -------------------------------------------------------------------------------- /services/traggo/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=traggo 3 | 4 | TRAGGO_DEFAULT_USER_NAME=username 5 | TRAGGO_DEFAULT_USER_PASS=password -------------------------------------------------------------------------------- /services/traggo/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | traggo: 4 | image: traggo/server:latest 5 | environment: 6 | TRAGGO_DEFAULT_USER_NAME: ${TRAGGO_DEFAULT_USER_NAME} 7 | TRAGGO_DEFAULT_USER_PASS: ${TRAGGO_DEFAULT_USER_PASS} 8 | volumes: 9 | - ./data:/opt/traggo/data 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.traggo.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.traggo.entrypoints: websecure 20 | traefik.http.services.traggo.loadbalancer.server.port: 3030 21 | 22 | networks: 23 | traefik: 24 | name: zone1 25 | external: true 26 | -------------------------------------------------------------------------------- /services/transmission/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=transmission 4 | 5 | USER= 6 | PASS= 7 | -------------------------------------------------------------------------------- /services/transmission/README.md: -------------------------------------------------------------------------------- 1 | # transmission 2 | 3 | https://transmissionbt.com/ 4 | https://github.com/transmission/transmission 5 | https://docs.linuxserver.io/images/docker-transmission 6 | -------------------------------------------------------------------------------- /services/transmission/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | 3 | services: 4 | transmission: 5 | image: lscr.io/linuxserver/transmission:latest 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | UMASK_SET: 022 10 | TZ: 11 | USER: 12 | PASS: 13 | volumes: 14 | - ./data/config:/config 15 | - ./data/downloads:/downloads 16 | restart: always 17 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 18 | labels: 19 | homepage.group: Arr 20 | homepage.name: Transmission 21 | homepage.icon: transmission 22 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 23 | homepage.description: Torrent downloader 24 | homepage.widget.type: transmission 25 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 26 | homepage.widget.username: ${USER} 27 | homepage.widget.password: ${PASS} 28 | healthcheck: # https://github.com/qdm12/gluetun/issues/641#issuecomment-933856220 29 | test: "curl -sf https://example.com || exit 1" 30 | interval: 1m 31 | timeout: 10s 32 | retries: 1 33 | -------------------------------------------------------------------------------- /services/trillium/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=trillium -------------------------------------------------------------------------------- /services/trillium/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '2.1' 2 | services: 3 | trilium: 4 | image: zadam/trilium 5 | restart: always 6 | environment: 7 | - TRILIUM_DATA_DIR=/home/node/trilium-data 8 | ports: 9 | - "8080:8080" 10 | volumes: 11 | - ./data:/home/node/trilium-data 12 | security_opt: 13 | - no-new-privileges:true 14 | networks: 15 | - traefik 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.trilium.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.trilium.entrypoints: websecure 21 | traefik.http.services.trilium.loadbalancer.server.port: 8080 22 | 23 | networks: 24 | traefik: 25 | name: zone1 26 | external: true 27 | -------------------------------------------------------------------------------- /services/tubearchivist/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=tubearchivist 4 | 5 | TA_USERNAME=username 6 | TA_PASSWORD=password 7 | ELASTIC_PASSWORD=password2 -------------------------------------------------------------------------------- /services/umami/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=umami 3 | 4 | HASH_SALT=12345 5 | POSTGRES_DB=umami 6 | POSTGRES_USER=user 7 | POSTGRES_PASSWORD=password -------------------------------------------------------------------------------- /services/umami/README.md: -------------------------------------------------------------------------------- 1 | # umami 2 | 3 | https://github.com/umami-software/umami 4 | https://umami.is/ 5 | 6 | ## login 7 | username: admin 8 | password: umami 9 | -------------------------------------------------------------------------------- /services/unmanic/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=unmanic 3 | HOMEPAGE_GROUP=Infrastructure 4 | HOMEPAGE_NAME=unmanic 5 | HOMEPAGE_ICON=unmanic 6 | HOMEPAGE_DESCRIPTION=Library Optimiser 7 | PGID=1000 8 | PUID=1000 9 | -------------------------------------------------------------------------------- /services/unmanic/README.md: -------------------------------------------------------------------------------- 1 | # unmanic 2 | 3 | https://github.com/Unmanic/unmanic 4 | https://docs.unmanic.app/ 5 | -------------------------------------------------------------------------------- /services/unmanic/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: '3' 3 | services: 4 | unmanic: 5 | image: josh5/unmanic:latest 6 | environment: 7 | PUID: 8 | PGID: 9 | volumes: 10 | - ./data/config:/config 11 | - ./data/library:/library 12 | - ./data/tmp:/tmp/unmanic 13 | restart: unless-stopped 14 | security_opt: 15 | - no-new-privileges:true 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.unmanic.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 20 | traefik.http.routers.unmanic.entrypoints: websecure 21 | traefik.http.services.unmanic.loadbalancer.server.port: 8888 22 | homepage.group: ${HOMEPAGE_GROUP} 23 | homepage.name: ${HOMEPAGE_NAME} 24 | homepage.icon: ${HOMEPAGE_ICON} 25 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 26 | homepage.description: ${HOMEPAGE_DESCRIPTION} 27 | 28 | networks: 29 | default: 30 | name: zone1 31 | external: true 32 | -------------------------------------------------------------------------------- /services/upsnap/README.md: -------------------------------------------------------------------------------- 1 | # UpSnap 2 | 3 | https://github.com/seriousm4x/UpSnap 4 | 5 | You can start the service 'nginx-proxy-manager' and configure via its WebUI a 'Proxy Host' to redirect 'upsnap.example.com' to :8090 to access upsnap via a domain. -------------------------------------------------------------------------------- /services/upsnap/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | upsnap: 4 | image: ghcr.io/seriousm4x/upsnap:3 5 | restart: unless-stopped 6 | volumes: 7 | - ./data:/app/pb_data 8 | # environment: 9 | # - TZ=Europe/Berlin # Set container timezone for cron schedules 10 | # - UPSNAP_INTERVAL=@every 10s # Sets the interval in which the devices are pinged 11 | # - UPSNAP_SCAN_RANGE=192.168.1.0/24 # Scan range is used for device discovery on local network 12 | # - UPSNAP_WEBSITE_TITLE=Custom name # Custom website title 13 | # you can change the listen ip:port inside the container like this: 14 | # entrypoint: /bin/sh -c "./upsnap serve --http 0.0.0.0:5000" 15 | # healthcheck: 16 | # test: curl -fs "http://localhost:5000/api/health" || exit 1 17 | # interval: 10s 18 | # # or install custom packages for shutdown 19 | # entrypoint: /bin/sh -c "apk update && apk add --no-cache && rm -rf /var/cache/apk/* && ./upsnap serve --http 0.0.0.0:8090" 20 | security_opt: 21 | - no-new-privileges:true 22 | network_mode: host 23 | -------------------------------------------------------------------------------- /services/uptimekuma/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=uptimekuma -------------------------------------------------------------------------------- /services/uptimekuma/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | uptimekuma: 4 | image: louislam/uptime-kuma:latest 5 | volumes: 6 | - ./data:/app/data 7 | - /var/run/docker.sock:/var/run/docker.sock 8 | restart: unless-stopped 9 | security_opt: 10 | - no-new-privileges:true 11 | networks: 12 | - traefik 13 | ports: 14 | - 3001:3001 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.uptimekuma.rule: Host(`uptimekuma.${SERVER_DOMAIN}`) 19 | traefik.http.routers.uptimekuma.entrypoints: websecure 20 | traefik.http.services.uptimekuma.loadbalancer.server.port: 3001 21 | homepage.group: Infrastructure 22 | homepage.name: Uptimekuma 23 | homepage.icon: uptime-kuma 24 | homepage.href: https://uptimekuma.${SERVER_DOMAIN} 25 | homepage.description: Monitoring tool 26 | homepage.widget.type: uptimekuma 27 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 28 | homepage.widget.slug: zeugs 29 | 30 | networks: 31 | traefik: 32 | name: zone1 33 | external: true 34 | -------------------------------------------------------------------------------- /services/urbit/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=urbit 3 | HOMEPAGE_GROUP=Media 4 | HOMEPAGE_NAME=urbit 5 | HOMEPAGE_ICON=urbit 6 | HOMEPAGE_DESCRIPTION=A clean-slate OS and network for the 21st century. 7 | -------------------------------------------------------------------------------- /services/urbit/README.md: -------------------------------------------------------------------------------- 1 | # urbit 2 | 3 | https://urbit.org/ 4 | https://hub.docker.com/r/tloncorp/vere 5 | https://github.com/urbit/urbit 6 | -------------------------------------------------------------------------------- /services/urbit/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "3" 3 | 4 | services: 5 | urbit: 6 | image: tloncorp/vere 7 | ports: 8 | - 34343:34343/udp 9 | volumes: 10 | - ./data:/urbit 11 | restart: unless-stopped 12 | security_opt: 13 | - no-new-privileges:true 14 | labels: 15 | my.zone: zone1 16 | traefik.enable: true 17 | traefik.http.routers.urbit.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 18 | traefik.http.routers.urbit.entrypoints: websecure 19 | traefik.http.services.urbit.loadbalancer.server.port: 80 20 | homepage.group: ${HOMEPAGE_GROUP} 21 | homepage.name: ${HOMEPAGE_NAME} 22 | homepage.icon: ${HOMEPAGE_ICON} 23 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 24 | homepage.description: ${HOMEPAGE_DESCRIPTION} 25 | 26 | networks: 27 | default: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/vpnchecker/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=vpnchecker-nonvpn 3 | -------------------------------------------------------------------------------- /services/vpnchecker/README.md: -------------------------------------------------------------------------------- 1 | # vpnchecker 2 | 3 | -------------------------------------------------------------------------------- /services/vpnchecker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | vpncheckerVpn: 5 | image: ghcr.io/simonhaas/docker-vpn-checker:main 6 | restart: always 7 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 8 | 9 | vpncheckerNonvpn: 10 | image: ghcr.io/simonhaas/docker-vpn-checker:main 11 | restart: always 12 | networks: 13 | - traefik 14 | depends_on: 15 | - vpncheckerVpn 16 | labels: 17 | my.zone: zone1 18 | traefik.enable: true 19 | traefik.http.routers.vpncheckerNonvpn.rule: Host(`vpnchecker-nonvpn.${SERVER_DOMAIN}`) 20 | traefik.http.routers.vpncheckerNonvpn.entrypoints: websecure 21 | traefik.http.services.vpncheckerNonvpn.loadbalancer.server.port: 80 22 | 23 | networks: 24 | traefik: 25 | name: zone1 26 | external: true 27 | -------------------------------------------------------------------------------- /services/watchtower/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=watchtower 3 | HOMEPAGE_GROUP=Infrastructure 4 | HOMEPAGE_NAME=watchtower 5 | HOMEPAGE_ICON=watchtower 6 | HOMEPAGE_DESCRIPTION=monitor docker containers for updates 7 | API_KEY= 8 | 9 | WATCHTOWER_SCHEDULE="0 0 4 * * *" 10 | WATCHTOWER_HTTP_API_METRICS=true 11 | WATCHTOWER_NOTIFICATIONS= 12 | WATCHTOWER_NOTIFICATION_EMAIL_FROM= 13 | WATCHTOWER_NOTIFICATION_EMAIL_TO= 14 | WATCHTOWER_NOTIFICATION_EMAIL_SERVER= 15 | WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT= 16 | WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER= 17 | WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD= 18 | -------------------------------------------------------------------------------- /services/watchtower/README.md: -------------------------------------------------------------------------------- 1 | # watchtower 2 | 3 | https://hub.docker.com/r/containrrr/watchtower 4 | https://containrrr.dev/watchtower/ -------------------------------------------------------------------------------- /services/watchyourlan/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | IFACE=eth0 3 | -------------------------------------------------------------------------------- /services/watchyourlan/README.md: -------------------------------------------------------------------------------- 1 | # watchyourlan 2 | 3 | https://github.com/aceberg/WatchYourLAN 4 | https://hub.docker.com/r/aceberg/watchyourlan 5 | 6 | Generate a string for notifications: 7 | https://containrrr.dev/shoutrrr/v0.5/services/overview/ 8 | 9 | ```shell 10 | docker run --rm -it containrrr/shoutrrr generate smtp 11 | ``` 12 | -------------------------------------------------------------------------------- /services/watchyourlan/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | services: 3 | watchyourlan: 4 | image: aceberg/watchyourlan 5 | network_mode: "host" 6 | restart: unless-stopped 7 | volumes: 8 | - ./data:/data 9 | environment: 10 | TZ: 11 | IFACE: 12 | DBPATH: "/data/db.sqlite" 13 | GUIIP: "0.0.0.0" 14 | GUIPORT: "8840" 15 | TIMEOUT: "120" 16 | SHOUTRRR_URL: "" 17 | THEME: "darkly" 18 | security_opt: 19 | - no-new-privileges:true 20 | # I use nginx-proxy-manager for this service, not traefik. You can find nginx-proxy-manager also in this repository. 21 | -------------------------------------------------------------------------------- /services/webmap/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=webmap -------------------------------------------------------------------------------- /services/webmap/.gitignore: -------------------------------------------------------------------------------- 1 | !data -------------------------------------------------------------------------------- /services/webmap/README.md: -------------------------------------------------------------------------------- 1 | # WebMap 2 | 3 | https://github.com/SabyasachiRana/WebMap 4 | 5 | docker exec -ti webmap-webmap-1 /root/token 6 | 7 | sudo apt install nmap -y 8 | -------------------------------------------------------------------------------- /services/webmap/data/.gitignore: -------------------------------------------------------------------------------- 1 | myscan.xml -------------------------------------------------------------------------------- /services/webmap/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | webmap: 4 | image: "reborntc/webmap" 5 | volumes: 6 | - ./data:/opt/xml 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.webmap.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.webmap.entrypoints: websecure 17 | traefik.http.services.webmap.loadbalancer.server.port: 8000 18 | homepage.group: Infrastructure 19 | homepage.name: WebMap 20 | homepage.icon: webmap 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: A Web Dashbord for Nmap XML Report 23 | 24 | networks: 25 | traefik: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/webnut/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=webnut 4 | 5 | UPS_HOST=192.168.1.2 6 | UPS_PORT=3493 7 | UPS_USER=admin 8 | UPS_PASSWORD=secret -------------------------------------------------------------------------------- /services/webnut/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | webnut: 4 | image: teknologist/webnut 5 | environment: 6 | - UPS_HOST=${UPS_HOST} 7 | - UPS_PORT=${UPS_PORT} 8 | - UPS_USER=${UPS_USER} 9 | - UPS_PASSWORD=${UPS_PASSWORD} 10 | restart: unless-stopped 11 | security_opt: 12 | - no-new-privileges:true 13 | networks: 14 | - traefik 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.webnut.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.webnut.entrypoints: websecure 20 | traefik.http.services.webnut.loadbalancer.server.port: 6543 21 | homepage.group: Infrastructure 22 | homepage.name: Webnut 23 | homepage.icon: webnut 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: Webnut 26 | 27 | networks: 28 | traefik: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/webtop/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=webtop 4 | 5 | RAM=2 -------------------------------------------------------------------------------- /services/webtop/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | webtop: 4 | image: ghcr.io/linuxserver/webtop:ubuntu-mate #choose your flavor 5 | #privileged: true #optional but not needed unless you are running kde or i3 or other tools 6 | environment: 7 | - PUID=1000 8 | - PGID=1000 9 | - TZ=${TZ} 10 | volumes: 11 | - ./data/config:/config #home directory 12 | #- /var/run/docker.sock:/var/run/docker.sock #optional only if you need access to docker winthin this container 13 | shm_size: "${RAM}gb" #optional but set to 1GB or higher to prevent browser crashes 14 | restart: unless-stopped 15 | security_opt: 16 | - no-new-privileges:true 17 | networks: 18 | - traefik 19 | labels: 20 | my.zone: zone1 21 | traefik.enable: true 22 | traefik.http.routers.webtop.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 23 | traefik.http.routers.webtop.entrypoints: websecure 24 | traefik.http.services.webtop.loadbalancer.server.port: 3000 25 | 26 | networks: 27 | traefik: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/wger/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=wger -------------------------------------------------------------------------------- /services/wger/README.md: -------------------------------------------------------------------------------- 1 | # wger 2 | https://github.com/wger-project/wger 3 | https://wger.de/de/software/features 4 | https://github.com/wger-project/docker 5 | 6 | because of file-permissions run: 7 | docker compose up -d 8 | sudo chown -R data/ 9 | docker compose down 10 | docker compose up -d 11 | 12 | TODO csrf Probleme -------------------------------------------------------------------------------- /services/whatsupdocker/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=whatsupdocker 3 | SERVICE_PORT=3000 4 | HOMEPAGE_GROUP=Infrastructure 5 | HOMEPAGE_NAME=whatsupdocker 6 | HOMEPAGE_ICON=whatsupdocker 7 | HOMEPAGE_DESCRIPTION=get notified when a new version of your Docker Container is available 8 | -------------------------------------------------------------------------------- /services/whatsupdocker/README.md: -------------------------------------------------------------------------------- 1 | # whats-up-docker 2 | 3 | https://github.com/fmartinou/whats-up-docker 4 | https://fmartinou.github.io/whats-up-docker/#/ 5 | https://hub.docker.com/r/fmartinou/whats-up-docker 6 | -------------------------------------------------------------------------------- /services/whatsupdocker/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | 3 | services: 4 | whatsupdocker: 5 | image: fmartinou/whats-up-docker 6 | container_name: wud 7 | volumes: 8 | - /var/run/docker.sock:/var/run/docker.sock 9 | restart: unless-stopped 10 | security_opt: 11 | - no-new-privileges:true 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.whatsupdocker.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.whatsupdocker.entrypoints: websecure 17 | traefik.http.services.whatsupdocker.loadbalancer.server.port: ${SERVICE_PORT} 18 | homepage.group: ${HOMEPAGE_GROUP} 19 | homepage.name: ${HOMEPAGE_NAME} 20 | homepage.icon: ${HOMEPAGE_ICON} 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: ${HOMEPAGE_DESCRIPTION} 23 | homepage.widget.type: whatsupdocker 24 | homepage.widget.url: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | 26 | networks: 27 | default: 28 | name: zone1 29 | external: true 30 | -------------------------------------------------------------------------------- /services/where-the/README.md: -------------------------------------------------------------------------------- 1 | https://github.com/danricho/where_the -------------------------------------------------------------------------------- /services/where-the/docker-compose.yml: -------------------------------------------------------------------------------- 1 | TODO 2 | version: '3' 3 | 4 | services: 5 | web-app: 6 | image: where_the 7 | restart: unless-stopped 8 | ports: 9 | - 5055:5000 # the second needs to match the port in config.yml 10 | volumes: 11 | - ./config.yml:/srv/config.yml # configuration and user settings 12 | - ./data.json:/srv/data.json # data file 13 | - ./data_bkp:/srv/data_bkp # data backup directory -------------------------------------------------------------------------------- /services/whisparr/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=whisparr 4 | -------------------------------------------------------------------------------- /services/whisparr/README.md: -------------------------------------------------------------------------------- 1 | # whisparr 2 | 3 | https://whisparr.com/ 4 | https://github.com/Whisparr/Whisparr 5 | -------------------------------------------------------------------------------- /services/whisparr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3" 2 | 3 | services: 4 | whisparr: 5 | image: cr.hotio.dev/hotio/whisparr 6 | environment: 7 | PUID: 1000 8 | PGID: 1000 9 | UMASK: 002 10 | TZ: 11 | volumes: 12 | - ./data/config:/config 13 | - ./data/data:/data 14 | restart: always 15 | network_mode: container:gluetun # see ../gluetun/docker-compose.yml 16 | labels: 17 | homepage.group: Arr 18 | homepage.name: Whisparr 19 | homepage.icon: whisparr 20 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 21 | homepage.description: Porn 22 | -------------------------------------------------------------------------------- /services/whoogle/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=whoogle -------------------------------------------------------------------------------- /services/wikijs/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=wikijs -------------------------------------------------------------------------------- /services/wireguard/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVERURL=wireguard.example.com 3 | SERVERPORT=51820 4 | PEERS=smartphone1,tablet 5 | PEERDNS=1.1.1.1 6 | INTERNAL_SUBNET=10.13.13.0 7 | ALLOWEDIPS=0.0.0.0/0 8 | LOG_CONFS=true -------------------------------------------------------------------------------- /services/wireguard/README.md: -------------------------------------------------------------------------------- 1 | # wireguard 2 | 3 | https://docs.linuxserver.io/images/docker-wireguard 4 | https://hub.docker.com/r/linuxserver/wireguard 5 | https://www.wireguard.com/ -------------------------------------------------------------------------------- /services/wireguard/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2.1" 2 | services: 3 | wireguard: 4 | image: lscr.io/linuxserver/wireguard:latest 5 | cap_add: 6 | - NET_ADMIN 7 | - SYS_MODULE 8 | environment: 9 | PUID: 10 | PGID: 11 | TZ: 12 | SERVERURL: 13 | SERVERPORT: 14 | PEERS: 15 | PEERDNS: 16 | INTERNAL_SUBNET: 17 | ALLOWEDIPS: 18 | LOG_CONFS: 19 | volumes: 20 | - ./data/config:/config 21 | - /lib/modules:/lib/modules 22 | ports: 23 | - 51820:51820/udp 24 | restart: unless-stopped 25 | -------------------------------------------------------------------------------- /services/wol/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=wol -------------------------------------------------------------------------------- /services/wol/.gitignore: -------------------------------------------------------------------------------- 1 | config.csv -------------------------------------------------------------------------------- /services/wol/config.csv.example: -------------------------------------------------------------------------------- 1 | name,mac,ip 2 | Computer1,64-07-2D-BB-BB-BF,192.168.10.254:9 3 | Computer2,2D-F2-3D-06-17-00,192.168.10.254:9 4 | Computer3,FF-B3-95-62-1C-DD,192.168.10.254:9 -------------------------------------------------------------------------------- /services/wol/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | wol: 4 | image: "dabondi/go-rest-wol" 5 | volumes: 6 | - ./config.csv:/app/computer.csv 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | networks: 11 | - traefik 12 | labels: 13 | my.zone: zone1 14 | traefik.enable: true 15 | traefik.http.routers.wol.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 16 | traefik.http.routers.wol.entrypoints: websecure 17 | traefik.http.services.wol.loadbalancer.server.port: 8080 18 | homepage.group: Infrastructure 19 | homepage.name: WakeOnLan 20 | homepage.icon: wol 21 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 22 | homepage.description: wol-service 23 | 24 | networks: 25 | traefik: 26 | name: zone1 27 | external: true 28 | -------------------------------------------------------------------------------- /services/wordpress/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=wordpress 3 | 4 | WORDPRESS_DB_USER=exampleuser 5 | WORDPRESS_DB_PASSWORD=examplepass 6 | WORDPRESS_DB_NAME=exampledb -------------------------------------------------------------------------------- /services/wordpress/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | wordpress: 4 | image: wordpress 5 | restart: always 6 | environment: 7 | WORDPRESS_DB_HOST: db 8 | WORDPRESS_DB_USER: ${WORDPRESS_DB_USER} 9 | WORDPRESS_DB_PASSWORD: ${WORDPRESS_DB_PASSWORD} 10 | WORDPRESS_DB_NAME: ${WORDPRESS_DB_PASSWORD} 11 | volumes: 12 | - ./data/wordpress:/var/www/html 13 | security_opt: 14 | - no-new-privileges:true 15 | networks: 16 | - traefik 17 | labels: 18 | my.zone: zone1 19 | traefik.enable: true 20 | traefik.http.routers.wordpress.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 21 | traefik.http.routers.wordpress.entrypoints: websecure 22 | traefik.http.services.wordpress.loadbalancer.server.port: 80 23 | 24 | db: 25 | image: mysql:5.7 26 | environment: 27 | MYSQL_DATABASE: ${WORDPRESS_DB_PASSWORD} 28 | MYSQL_USER: ${WORDPRESS_DB_USER} 29 | MYSQL_PASSWORD: ${WORDPRESS_DB_PASSWORD} 30 | MYSQL_RANDOM_ROOT_PASSWORD: '1' 31 | volumes: 32 | - ./data/db:/var/lib/mysql 33 | restart: unless-stopped 34 | security_opt: 35 | - no-new-privileges:true 36 | networks: 37 | - traefik 38 | 39 | networks: 40 | traefik: 41 | name: zone1 42 | external: true 43 | -------------------------------------------------------------------------------- /services/xbackbone/.env.example: -------------------------------------------------------------------------------- 1 | TZ=Europe/Berlin 2 | SERVER_DOMAIN=example.com 3 | SUB_DOMAIN=xbackbone 4 | HOMEPAGE_GROUP=Infrastructure 5 | HOMEPAGE_NAME=xbackbone 6 | HOMEPAGE_ICON=xbackbone 7 | HOMEPAGE_DESCRIPTION=A lightweight file manager with full ShareX support and more 8 | PUID=1000 9 | PGID=1000 10 | -------------------------------------------------------------------------------- /services/xbackbone/README.md: -------------------------------------------------------------------------------- 1 | # xbackbone 2 | 3 | https://github.com/SergiX44/XBackBone 4 | https://xbackbone.app/ 5 | 6 | ## setup 7 | 8 | go to ./data/www/xbackbone/config.php and change the base_url to 'https' 9 | -------------------------------------------------------------------------------- /services/xbackbone/docker-compose.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: "2.1" 3 | services: 4 | xbackbone: 5 | image: lscr.io/linuxserver/xbackbone:latest 6 | environment: 7 | PUID: 8 | PGID: 9 | TZ: 10 | volumes: 11 | - ./data:/config 12 | restart: unless-stopped 13 | security_opt: 14 | - no-new-privileges:true 15 | labels: 16 | my.zone: zone1 17 | traefik.enable: true 18 | traefik.http.routers.xbackbone.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 19 | traefik.http.routers.xbackbone.entrypoints: websecure 20 | traefik.http.services.xbackbone.loadbalancer.server.port: 80 21 | homepage.group: ${HOMEPAGE_GROUP} 22 | homepage.name: ${HOMEPAGE_NAME} 23 | homepage.icon: ${HOMEPAGE_ICON} 24 | homepage.href: https://${SUB_DOMAIN}.${SERVER_DOMAIN} 25 | homepage.description: ${HOMEPAGE_DESCRIPTION} 26 | 27 | networks: 28 | default: 29 | name: zone1 30 | external: true 31 | -------------------------------------------------------------------------------- /services/yacht/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=yacht -------------------------------------------------------------------------------- /services/yacht/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | yacht: 4 | image: selfhostedpro/yacht 5 | volumes: 6 | - /var/run/docker.sock:/var/run/docker.sock 7 | - ./data:/config 8 | restart: unless-stopped 9 | security_opt: 10 | - no-new-privileges:true 11 | networks: 12 | - traefik 13 | labels: 14 | my.zone: zone1 15 | traefik.enable: true 16 | traefik.http.routers.yacht.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) # admin@yacht.local / pass 17 | traefik.http.routers.yacht.entrypoints: websecure 18 | traefik.http.services.yacht.loadbalancer.server.port: 8000 19 | 20 | networks: 21 | traefik: 22 | name: zone1 23 | external: true 24 | -------------------------------------------------------------------------------- /services/youtube-dl/.env.example: -------------------------------------------------------------------------------- 1 | SERVER_DOMAIN=example.com 2 | SUB_DOMAIN=youtubedl -------------------------------------------------------------------------------- /services/youtube-dl/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.6" 2 | services: 3 | youtubedl: 4 | environment: 5 | ALLOW_CONFIG_MUTATIONS: "true" 6 | volumes: 7 | - ./data/appdata:/app/appdata 8 | - ./data/audio:/app/audio 9 | - ./data/video:/app/video 10 | - ./data/subscriptions:/app/subscriptions 11 | - ./data/users:/app/users 12 | image: tzahi12345/youtubedl-material:latest 13 | restart: unless-stopped 14 | security_opt: 15 | - no-new-privileges:true 16 | networks: 17 | - traefik 18 | labels: 19 | my.zone: zone1 20 | traefik.enable: true 21 | traefik.http.routers.youtubedl.rule: Host(`${SUB_DOMAIN}.${SERVER_DOMAIN}`) 22 | traefik.http.routers.youtubedl.entrypoints: websecure 23 | traefik.http.services.youtubedl.loadbalancer.server.port: 17442 24 | 25 | networks: 26 | traefik: 27 | name: zone1 28 | external: true 29 | --------------------------------------------------------------------------------