├── .gitignore ├── README.md ├── authelia ├── .env.example ├── .gitignore ├── .kopiaignore ├── config │ └── .gitkeep ├── db_dumps │ └── .gitkeep └── docker-compose.yml ├── bazarr ├── .env.example ├── .gitignore ├── config │ └── .gitkeep └── docker-compose.yml ├── changedetection ├── .env.example ├── .gitignore ├── datastore │ └── .gitkeep └── docker-compose.yml ├── deluge ├── .env.example ├── .gitignore ├── config │ └── .gitkeep └── docker-compose.yml ├── firefly_iii ├── .env.example ├── .gitignore ├── .kopiaignore ├── db_dumps │ └── .gitkeep ├── docker-compose.yml └── upload │ └── .gitkeep ├── flaresolverr ├── .env.example └── docker-compose.yml ├── gotify ├── .env.example ├── .gitignore ├── .kopiaignore ├── data │ └── .gitkeep ├── db_dumps │ └── .gitkeep └── docker-compose.yml ├── healthchecks ├── .env.example ├── .gitignore ├── data │ └── .gitkeep └── docker-compose.yml ├── homer ├── .env.example ├── .gitignore ├── assets │ └── .gitkeep └── docker-compose.yml ├── immich ├── .env.example ├── .gitignore ├── .kopiaignore ├── db_dumps │ └── .gitkeep └── docker-compose.yml ├── jellyfin ├── .env.example ├── .gitignore ├── .kopiaignore ├── config │ └── .gitkeep └── docker-compose.yml ├── jellyseerr ├── .env.example ├── .gitignore ├── config │ └── .gitkeep └── docker-compose.yml ├── maloja ├── .env.example ├── .gitignore ├── data │ └── .gitkeep └── docker-compose.yml ├── mealie ├── .env.example ├── .gitignore ├── .kopiaignore ├── data │ └── .gitkeep ├── db_dumps │ └── .gitkeep └── docker-compose.yml ├── multi-scrobbler ├── .env.example ├── .gitignore ├── config │ └── .gitkeep └── docker-compose.yml ├── navidrome ├── .env.example ├── .gitignore ├── data │ └── .gitkeep └── docker-compose.yml ├── paperless-ngx ├── .env.example ├── .gitignore ├── .kopiaignore ├── consume │ └── .gitkeep ├── data │ └── .gitkeep ├── db_dumps │ └── .gitkeep ├── docker-compose.yml ├── export │ └── .gitkeep └── media │ └── .gitkeep ├── prowlarr ├── .env.example ├── .gitignore ├── config │ └── .gitkeep └── docker-compose.yml ├── radarr ├── .env.example ├── .gitignore ├── config │ └── .gitkeep └── docker-compose.yml ├── radicale ├── .env.example ├── .gitignore ├── config │ ├── .gitkeep │ └── config ├── data │ └── .gitkeep └── docker-compose.yml ├── recyclarr ├── .env.example ├── .gitignore ├── config │ ├── .gitkeep │ └── recyclarr.yml └── docker-compose.yml ├── renovate.json ├── shlink ├── .env.example ├── .gitignore ├── .kopiaignore ├── db_dumps │ └── .gitkeep └── docker-compose.yml ├── sonarr ├── .env.example ├── .gitignore ├── config │ └── .gitkeep └── docker-compose.yml ├── syncthing ├── .env.example ├── .gitignore ├── config │ └── .gitkeep └── docker-compose.yml ├── traefik ├── .env.example ├── .gitignore ├── acme │ └── .gitkeep └── docker-compose.yml └── uptime_kuma ├── .env.example ├── .gitignore ├── data └── .gitkeep └── docker-compose.yml /.gitignore: -------------------------------------------------------------------------------- 1 | .env 2 | !.env.example 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # My Docker Compose files 2 | Here I save all the docker-compose files which I used to self host a service. 3 | 4 | Every service is proxied with Traefik and protected using Authelia. -------------------------------------------------------------------------------- /authelia/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | AUTHELIA_DB_DUMPER_HEALTHCHECKS_URL= 6 | 7 | # The Authelia host 8 | AUTHELIA_HOST=authelia.example.com 9 | 10 | # The domain to protect. 11 | # Note: the authenticator must also be in that domain. 12 | # If empty, the cookie is restricted to the subdomain of the issuer. 13 | AUTHELIA_SESSION_DOMAIN=example.com 14 | 15 | # The password of the Postgres database. 16 | AUTHELIA_STORAGE_POSTGRES_PASSWORD= 17 | 18 | # The encryption key that is used to encrypt sensitive information in the database. Must be a string with a minimum 19 | # length of 20. Please see the docs if you configure this with an undesirable key and need to change it. 20 | AUTHELIA_STORAGE_ENCRYPTION_KEY= 21 | 22 | # The secret used to generate JWT tokens when validating user identity by email confirmation. 23 | AUTHELIA_JWT_SECRET= 24 | 25 | # The secret to encrypt the session data. This is only used with Redis / Redis Sentinel. 26 | AUTHELIA_SESSION_SECRET= 27 | 28 | # SMTP configurations. 29 | AUTHELIA_NOTIFIER_SMTP_USERNAME= 30 | AUTHELIA_NOTIFIER_SMTP_PASSWORD= 31 | AUTHELIA_NOTIFIER_SMTP_SENDER= 32 | AUTHELIA_NOTIFIER_SMTP_PORT= 33 | AUTHELIA_NOTIFIER_SMTP_HOST= 34 | -------------------------------------------------------------------------------- /authelia/.gitignore: -------------------------------------------------------------------------------- 1 | db/* 2 | db_dumps/* 3 | config/* 4 | 5 | !**/.gitkeep 6 | -------------------------------------------------------------------------------- /authelia/.kopiaignore: -------------------------------------------------------------------------------- 1 | db/* -------------------------------------------------------------------------------- /authelia/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/authelia/config/.gitkeep -------------------------------------------------------------------------------- /authelia/db_dumps/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/authelia/db_dumps/.gitkeep -------------------------------------------------------------------------------- /authelia/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | authelia_redis: 5 | image: docker.io/library/redis:7.4.4-alpine@sha256:ee9e8748ace004102a267f7b8265dab2c618317df22507b89d16a8add7154273 6 | container_name: authelia_redis 7 | restart: unless-stopped 8 | networks: 9 | - authelia 10 | healthcheck: 11 | test: ["CMD-SHELL", "redis-cli ping | grep PONG"] 12 | start_period: 20s 13 | interval: 30s 14 | retries: 5 15 | timeout: 3s 16 | 17 | authelia_db: 18 | image: docker.io/library/postgres:15.13-alpine@sha256:b86604df02ea670dcc56c4a769f283f71647e2d29c90d9edd069524ee6dcc3aa 19 | restart: unless-stopped 20 | container_name: authelia_db 21 | # See: https://github.com/docker-library/docs/blob/master/postgres/README.md#arbitrary---user-notes 22 | user: "${PUID}:${PGID}" 23 | volumes: 24 | - ./db:/var/lib/postgresql/data 25 | environment: 26 | - POSTGRES_DB=authelia 27 | - POSTGRES_USER=authelia 28 | - POSTGRES_PASSWORD=${AUTHELIA_STORAGE_POSTGRES_PASSWORD} 29 | networks: 30 | - authelia 31 | healthcheck: 32 | test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] 33 | start_period: 20s 34 | interval: 30s 35 | retries: 5 36 | timeout: 5s 37 | 38 | authelia_db_dumper: 39 | image: docker.io/paolobasso/database_dumper:postgres-15 40 | restart: unless-stopped 41 | depends_on: 42 | - authelia_db 43 | container_name: authelia_db_dumper 44 | volumes: 45 | - ./db_dumps:/dumps 46 | environment: 47 | - PUID=${PUID} 48 | - PGID=${PGID} 49 | - DUMPER_DATABASE=authelia 50 | - DUMPER_HOST=authelia_db 51 | - DUMPER_USER=authelia 52 | - DUMPER_PASSWORD=${AUTHELIA_STORAGE_POSTGRES_PASSWORD} 53 | - DUMPER_HEALTHCHECKS_URL=${AUTHELIA_DB_DUMPER_HEALTHCHECKS_URL} 54 | networks: 55 | - authelia 56 | 57 | authelia: 58 | image: docker.io/authelia/authelia:4.39.4@sha256:64b356c30fd817817a4baafb4dbc0f9f8702e46b49e1edb92ff42e19e487b517 59 | depends_on: 60 | - authelia_redis 61 | - authelia_db 62 | container_name: authelia 63 | user: "${PUID}:${PGID}" 64 | restart: unless-stopped 65 | volumes: 66 | - ./config:/config 67 | environment: 68 | - AUTHELIA_JWT_SECRET=${AUTHELIA_JWT_SECRET} 69 | # Session 70 | - AUTHELIA_SESSION_DOMAIN=${AUTHELIA_SESSION_DOMAIN} 71 | - AUTHELIA_SESSION_SECRET=${AUTHELIA_SESSION_SECRET} 72 | # Session: Redis 73 | - AUTHELIA_SESSION_REDIS_HOST=authelia_redis 74 | - AUTHELIA_SESSION_REDIS_PORT=6379 75 | # Database 76 | - AUTHELIA_STORAGE_ENCRYPTION_KEY=${AUTHELIA_STORAGE_ENCRYPTION_KEY} 77 | - AUTHELIA_STORAGE_POSTGRES_PASSWORD=${AUTHELIA_STORAGE_POSTGRES_PASSWORD} 78 | - AUTHELIA_STORAGE_POSTGRES_HOST=authelia_db 79 | - AUTHELIA_STORAGE_POSTGRES_PORT=5432 80 | - AUTHELIA_STORAGE_POSTGRES_DATABASE=authelia 81 | - AUTHELIA_STORAGE_POSTGRES_USERNAME=authelia 82 | # Notifier 83 | - AUTHELIA_NOTIFIER_SMTP_USERNAME=${AUTHELIA_NOTIFIER_SMTP_USERNAME} 84 | - AUTHELIA_NOTIFIER_SMTP_PASSWORD=${AUTHELIA_NOTIFIER_SMTP_PASSWORD} 85 | - AUTHELIA_NOTIFIER_SMTP_SENDER=${AUTHELIA_NOTIFIER_SMTP_SENDER} 86 | - AUTHELIA_NOTIFIER_SMTP_PORT=${AUTHELIA_NOTIFIER_SMTP_PORT} 87 | - AUTHELIA_NOTIFIER_SMTP_HOST=${AUTHELIA_NOTIFIER_SMTP_HOST} 88 | labels: 89 | - "traefik.enable=true" 90 | - "traefik.http.services.authelia.loadbalancer.server.port=9091" 91 | - 'traefik.http.routers.authelia.rule=Host("$AUTHELIA_HOST")' 92 | - "traefik.http.routers.authelia.tls=true" 93 | - "traefik.http.routers.authelia.entrypoints=websecure" 94 | # Authelia headers, see https://www.authelia.com/docs/security/measures.html#traefik-2x---docker-compose 95 | - "traefik.http.routers.authelia.middlewares=authelia-headers" 96 | - "traefik.http.middlewares.authelia-headers.headers.browserXssFilter=true" 97 | - "traefik.http.middlewares.authelia-headers.headers.customFrameOptionsValue=SAMEORIGIN" 98 | - "traefik.http.middlewares.authelia-headers.headers.customResponseHeaders.Cache-Control=no-store" 99 | - "traefik.http.middlewares.authelia-headers.headers.customResponseHeaders.Pragma=no-cache" 100 | networks: 101 | - web_proxy 102 | - authelia 103 | # No healthcheck because already present in Dockerfile 104 | 105 | networks: 106 | web_proxy: 107 | external: true 108 | authelia: 109 | driver: bridge 110 | -------------------------------------------------------------------------------- /bazarr/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | BAZARR_HOST=bazarr.example.com 6 | BAZARR_MOVIES_PATH=/path/to/movies 7 | BAZARR_TV_PATH=/path/to/tv 8 | -------------------------------------------------------------------------------- /bazarr/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /bazarr/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/bazarr/config/.gitkeep -------------------------------------------------------------------------------- /bazarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | bazarr: 5 | image: docker.io/linuxserver/bazarr:1.5.2@sha256:81d76b6c13a7a9481440402f0fa0ff1dc6027d003447da28eb1ed150e1846af7 6 | container_name: bazarr 7 | environment: 8 | - PUID=${PUID} 9 | - PGID=${PGID} 10 | - TZ=${TZ} 11 | volumes: 12 | - ./config:/config 13 | - ${BAZARR_MOVIES_PATH}:/movies:rw,rslave 14 | - ${BAZARR_TV_PATH}:/tv:rw,rslave 15 | restart: unless-stopped 16 | labels: 17 | - "traefik.enable=true" 18 | - "traefik.http.services.bazarr.loadbalancer.server.port=6767" 19 | - "traefik.http.routers.bazarr.service=bazarr" 20 | - "traefik.http.routers.bazarr.tls=true" 21 | - "traefik.http.routers.bazarr.entrypoints=websecure" 22 | - 'traefik.http.routers.bazarr.rule=Host("$BAZARR_HOST")' 23 | - "traefik.http.routers.bazarr.middlewares=authelia@docker" 24 | networks: 25 | - web_proxy 26 | - torrent 27 | healthcheck: 28 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:6767"] 29 | start_period: 20s 30 | interval: 30s 31 | timeout: 5s 32 | retries: 5 33 | 34 | networks: 35 | web_proxy: 36 | external: true 37 | torrent: 38 | external: true 39 | -------------------------------------------------------------------------------- /changedetection/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | CHANGEDETECTION_HOST=changedetection.example.com 6 | -------------------------------------------------------------------------------- /changedetection/.gitignore: -------------------------------------------------------------------------------- 1 | datastore/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /changedetection/datastore/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/changedetection/datastore/.gitkeep -------------------------------------------------------------------------------- /changedetection/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | changedetection: 5 | container_name: changedetection 6 | image: ghcr.io/dgtlmoon/changedetection.io:0.48.06@sha256:c67332c39ac8f5c12af68a6205461f7ab487352f4a3bcda8e6f4c17e6cf3f47a 7 | restart: unless-stopped 8 | depends_on: 9 | changedetection_playwright: 10 | condition: service_started 11 | environment: 12 | - BASE_URL=https://${CHANGEDETECTION_HOST} 13 | - PLAYWRIGHT_DRIVER_URL=ws://changedetection_playwright:3000/?stealth=1&--disable-web-security=true 14 | - HIDE_REFERER=true 15 | volumes: 16 | - ./datastore:/datastore 17 | labels: 18 | - "traefik.enable=true" 19 | - "traefik.http.services.changedetection.loadbalancer.server.port=5000" 20 | - "traefik.http.routers.changedetection.service=changedetection" 21 | - 'traefik.http.routers.changedetection.rule=Host("$CHANGEDETECTION_HOST")' 22 | - "traefik.http.routers.changedetection.tls=true" 23 | - "traefik.http.routers.changedetection.entrypoints=websecure" 24 | - "traefik.http.routers.changedetection.middlewares=authelia@docker" 25 | networks: 26 | - web_proxy 27 | - changedetection 28 | # No healthcheck because no curl or wget 29 | 30 | 31 | changedetection_playwright: 32 | container_name: changedetection_playwright 33 | image: docker.io/browserless/chrome:1.61.1-chrome-stable@sha256:efac47cfff3830d9a50b27d29f8bbb61949058ae336c823fbe9bd3c0d1debcc8 34 | restart: unless-stopped 35 | environment: 36 | - SCREEN_WIDTH=1920 37 | - SCREEN_HEIGHT=1024 38 | - SCREEN_DEPTH=16 39 | - ENABLE_DEBUGGER=false 40 | - PREBOOT_CHROME=true 41 | - CONNECTION_TIMEOUT=300000 42 | - MAX_CONCURRENT_SESSIONS=10 43 | - CHROME_REFRESH_TIME=600000 44 | - DEFAULT_BLOCK_ADS=true 45 | - DEFAULT_STEALTH=true 46 | - DEFAULT_IGNORE_HTTPS_ERRORS=true 47 | networks: 48 | - changedetection 49 | healthcheck: 50 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:3000"] 51 | start_period: 20s 52 | interval: 30s 53 | timeout: 5s 54 | retries: 5 55 | 56 | networks: 57 | web_proxy: 58 | external: true 59 | changedetection: 60 | driver: bridge 61 | -------------------------------------------------------------------------------- /deluge/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | DELUGE_HOST=deluge.example.com 6 | DELUGE_DOWNLOADS_PATH=/path/to/downloads 7 | DELUGE_VPN_USER=vpn_username 8 | DELUGE_VPN_PASS=vpn_password -------------------------------------------------------------------------------- /deluge/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /deluge/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/deluge/config/.gitkeep -------------------------------------------------------------------------------- /deluge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | deluge: 5 | image: docker.io/binhex/arch-delugevpn:2.1.1-4-04@sha256:654610e9059002596db91ab46b40457aa1d12f429334e4dac9962f418c2019dd 6 | container_name: deluge 7 | environment: 8 | - PUID=${PUID} 9 | - PGID=${PGID} 10 | - UMASK=000 11 | - TZ=${TZ} 12 | - VPN_ENABLED=yes 13 | - VPN_PROV=custom 14 | - VPN_CLIENT=openvpn 15 | - VPN_USER=${DELUGE_VPN_USER} 16 | - VPN_PASS=${DELUGE_VPN_PASS} 17 | - ENABLE_PRIVOXY=no 18 | - LAN_NETWORK=192.168.1.0/24 19 | - NAME_SERVERS=84.200.69.80,37.235.1.174,1.1.1.1,37.235.1.177,84.200.70.40,1.0.0.1 20 | - DELUGE_DAEMON_LOG_LEVEL=info 21 | - DELUGE_WEB_LOG_LEVEL=info 22 | - DELUGE_ENABLE_WEBUI_PASSWORD=yes 23 | - DEBUG=false 24 | volumes: 25 | - ./config:/config 26 | - ${DELUGE_DOWNLOADS_PATH}:/downloads:rw,rslave 27 | - /etc/localtime:/etc/localtime:ro 28 | restart: unless-stopped 29 | cap_add: 30 | - "NET_ADMIN" 31 | networks: 32 | - torrent 33 | healthcheck: 34 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8112"] 35 | start_period: 20s 36 | interval: 30s 37 | timeout: 5s 38 | retries: 5 39 | 40 | deluge_proxy: 41 | image: docker.io/library/caddy:2.10.0-alpine@sha256:e2e3a089760c453bc51c4e718342bd7032d6714f15b437db7121bfc2de2654a6 42 | restart: unless-stopped 43 | container_name: deluge_proxy 44 | command: caddy reverse-proxy --from :80 --to deluge:8112 45 | user: "${PUID}:${PGID}" 46 | labels: 47 | - "traefik.enable=true" 48 | - "traefik.http.services.deluge_proxy.loadbalancer.server.port=80" 49 | - "traefik.http.routers.deluge_proxy.service=deluge_proxy" 50 | - 'traefik.http.routers.deluge_proxy.rule=Host("${DELUGE_HOST}")' 51 | - "traefik.http.routers.deluge_proxy.tls=true" 52 | - "traefik.http.routers.deluge_proxy.entrypoints=websecure" 53 | - "traefik.http.routers.deluge_proxy.middlewares=authelia@docker" 54 | networks: 55 | - torrent 56 | - web_proxy 57 | healthcheck: 58 | test: ["CMD", "wget", "-q", "--no-verbose", "--tries", "1", "--spider", "--timeout", "2", "http://localhost:80"] 59 | start_period: 20s 60 | interval: 30s 61 | timeout: 5s 62 | retries: 5 63 | 64 | networks: 65 | web_proxy: 66 | external: true 67 | torrent: 68 | external: true 69 | 70 | -------------------------------------------------------------------------------- /firefly_iii/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | # Firefly 6 | FIREFLY_III_HOST=firefly.example.com 7 | FIREFLY_III_OWNER_EMAIL=example 8 | FIREFLY_III_APP_KEY=32_CHARS 9 | FIREFLY_III_EMAIL=example 10 | FIREFLY_III_STATIC_CRON_TOKEN=32_CHARS 11 | 12 | # Firefly DB 13 | FIREFLY_III_DB_PASSWORD= 14 | FIREFLY_III_DB_ROOT_PASSWORD= 15 | FIREFLY_III_DB_DUMPER_HEALTHCHECKS_URL= 16 | 17 | # Firefly Mailgun, if you are on EU region in mailgun, use api.eu.mailgun.net, otherwise use api.mailgun.net 18 | FIREFLY_III_MAIL_FROM=firefly@example.com 19 | FIREFLY_III_MAILGUN_ENDPOINT=api.eu.mailgun.net 20 | FIREFLY_III_MAILGUN_DOMAIN=mail.example.com 21 | FIREFLY_III_MAILGUN_SECRET= 22 | 23 | # Firefly Mapbox 24 | FIREFLY_III_MAPBOX_API_KEY= -------------------------------------------------------------------------------- /firefly_iii/.gitignore: -------------------------------------------------------------------------------- 1 | upload/* 2 | db/* 3 | db_dumps/* 4 | 5 | !**/.gitkeep 6 | -------------------------------------------------------------------------------- /firefly_iii/.kopiaignore: -------------------------------------------------------------------------------- 1 | db/* 2 | -------------------------------------------------------------------------------- /firefly_iii/db_dumps/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/firefly_iii/db_dumps/.gitkeep -------------------------------------------------------------------------------- /firefly_iii/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | firefly_iii_db: 5 | image: docker.io/linuxserver/mariadb:10.11.10@sha256:118e71fcfca80622241c1d188b1ca0410672149ff1e028b360d51683efeea620 6 | container_name: firefly_iii_db 7 | environment: 8 | - PUID=${PUID} 9 | - PGID=${PGID} 10 | - TZ=${TZ} 11 | - MYSQL_ROOT_PASSWORD=${FIREFLY_III_DB_ROOT_PASSWORD} 12 | - MYSQL_USER=firefly_iii 13 | - MYSQL_PASSWORD=${FIREFLY_III_DB_PASSWORD} 14 | - MYSQL_DATABASE=firefly_iii 15 | volumes: 16 | - ./db:/config 17 | restart: unless-stopped 18 | networks: 19 | - firefly_iii 20 | healthcheck: 21 | test: ["CMD-SHELL", "mysql -u $${MYSQL_USER} -p$${MYSQL_PASSWORD} -e 'SELECT 1'"] 22 | start_period: 20s 23 | interval: 30s 24 | retries: 5 25 | timeout: 5s 26 | 27 | firefly_iii_db_dumper: 28 | image: docker.io/paolobasso/database_dumper:mariadb 29 | restart: unless-stopped 30 | depends_on: 31 | - firefly_iii_db 32 | container_name: firefly_iii_db_dumper 33 | volumes: 34 | - ./db_dumps:/dumps 35 | environment: 36 | - PUID=${PUID} 37 | - PGID=${PGID} 38 | - DUMPER_DATABASE=firefly_iii 39 | - DUMPER_HOST=firefly_iii_db 40 | - DUMPER_USER=firefly_iii 41 | - DUMPER_PASSWORD=${FIREFLY_III_DB_PASSWORD} 42 | - DUMPER_HEALTHCHECKS_URL=${FIREFLY_III_DB_DUMPER_HEALTHCHECKS_URL} 43 | networks: 44 | - firefly_iii 45 | 46 | firefly_iii: 47 | image: docker.io/fireflyiii/core:version-6.0.26@sha256:bb046f374823f110ba981c5a9088eb2a6a924514b7c43e94dbe645ea9c9a2578 48 | container_name: firefly_iii 49 | depends_on: 50 | - firefly_iii_db 51 | environment: 52 | - TZ=${TZ} 53 | - SITE_OWNER=${FIREFLY_III_OWNER_EMAIL} 54 | - APP_KEY=${FIREFLY_III_APP_KEY} 55 | - DB_CONNECTION=mysql 56 | - DB_HOST=firefly_iii_db 57 | - DB_PORT=3306 58 | - DB_DATABASE=firefly_iii 59 | - DB_USERNAME=firefly_iii 60 | - DB_PASSWORD=${FIREFLY_III_DB_PASSWORD} 61 | - MAIL_MAILER=mailgun 62 | - MAIL_FROM=${FIREFLY_III_MAIL_FROM} 63 | - MAILGUN_DOMAIN=${FIREFLY_III_MAILGUN_DOMAIN} 64 | - MAILGUN_SECRET=${FIREFLY_III_MAILGUN_SECRET} 65 | - MAILGUN_ENDPOINT=${FIREFLY_III_MAILGUN_ENDPOINT} 66 | - MAPBOX_API_KEY=${FIREFLY_III_MAPBOX_API_KEY} 67 | - TRUSTED_PROXIES=** 68 | - APP_URL=https://${FIREFLY_III_HOST} 69 | - STATIC_CRON_TOKEN=${FIREFLY_III_STATIC_CRON_TOKEN} 70 | volumes: 71 | - ./upload:/var/www/html/storage/upload 72 | restart: unless-stopped 73 | labels: 74 | - "traefik.enable=true" 75 | - "traefik.http.services.firefly_iii.loadbalancer.server.port=8080" 76 | - "traefik.http.routers.firefly_iii.service=firefly_iii" 77 | - "traefik.http.routers.firefly_iii.tls=true" 78 | - "traefik.http.routers.firefly_iii.entrypoints=websecure" 79 | - 'traefik.http.routers.firefly_iii.rule=Host("$FIREFLY_III_HOST")' 80 | - "traefik.http.routers.firefly_iii.middlewares=authelia@docker" 81 | networks: 82 | - web_proxy 83 | - firefly_iii 84 | # No healthcheck because already present in Dockerfile 85 | 86 | firefly_iii_cron: 87 | image: docker.io/library/alpine:3.22.0@sha256:8a1f59ffb675680d47db6337b49d22281a139e9d709335b492be023728e11715 88 | restart: unless-stopped 89 | depends_on: 90 | - firefly_iii 91 | container_name: firefly_iii_cron 92 | command: sh -c "echo \"0 3 * * * wget -qO- http://firefly_iii:8080/api/v1/cron/${FIREFLY_III_STATIC_CRON_TOKEN}\" | crontab - && crond -f -L /dev/stdout" 93 | networks: 94 | - firefly_iii 95 | healthcheck: 96 | test: ["CMD-SHELL", "crontab -l | grep wget"] 97 | start_period: 20s 98 | interval: 30s 99 | timeout: 5s 100 | retries: 5 101 | 102 | networks: 103 | web_proxy: 104 | external: true 105 | firefly_iii: 106 | driver: bridge 107 | -------------------------------------------------------------------------------- /firefly_iii/upload/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/firefly_iii/upload/.gitkeep -------------------------------------------------------------------------------- /flaresolverr/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | -------------------------------------------------------------------------------- /flaresolverr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | flaresolverr: 5 | image: ghcr.io/flaresolverr/flaresolverr:v3.3.21@sha256:f104ee51e5124d83cf3be9b37480649355d223f7d8f9e453d0d5ef06c6e3b31b 6 | container_name: flaresolverr 7 | user: ${PUID}:${PGID} 8 | environment: 9 | - TZ=${TZ} 10 | restart: unless-stopped 11 | sysctls: 12 | - net.ipv6.conf.all.disable_ipv6=1 13 | networks: 14 | - torrent 15 | healthcheck: 16 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8191"] 17 | start_period: 20s 18 | interval: 30s 19 | timeout: 5s 20 | retries: 5 21 | 22 | networks: 23 | torrent: 24 | external: true 25 | -------------------------------------------------------------------------------- /gotify/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | 4 | GOTIFY_HOST=gotify.example.com 5 | GOTIFY_DB_PASSWORD= 6 | GOTIFY_DB_DUMPER_HEALTHCHECKS_URL= -------------------------------------------------------------------------------- /gotify/.gitignore: -------------------------------------------------------------------------------- 1 | data/* 2 | db_dumps/* 3 | db/* 4 | 5 | !**/.gitkeep 6 | -------------------------------------------------------------------------------- /gotify/.kopiaignore: -------------------------------------------------------------------------------- 1 | db/* 2 | -------------------------------------------------------------------------------- /gotify/data/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/gotify/data/.gitkeep -------------------------------------------------------------------------------- /gotify/db_dumps/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/gotify/db_dumps/.gitkeep -------------------------------------------------------------------------------- /gotify/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | gotify_db: 5 | image: docker.io/library/postgres:15.13-alpine@sha256:b86604df02ea670dcc56c4a769f283f71647e2d29c90d9edd069524ee6dcc3aa 6 | restart: unless-stopped 7 | container_name: gotify_db 8 | # See: https://github.com/docker-library/docs/blob/master/postgres/README.md#arbitrary---user-notes 9 | user: "${PUID}:${PGID}" 10 | volumes: 11 | - ./db:/var/lib/postgresql/data 12 | environment: 13 | - POSTGRES_DB=gotify 14 | - POSTGRES_USER=gotify 15 | - POSTGRES_PASSWORD=${GOTIFY_DB_PASSWORD} 16 | networks: 17 | - gotify 18 | healthcheck: 19 | test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] 20 | start_period: 20s 21 | interval: 30s 22 | retries: 5 23 | timeout: 5s 24 | 25 | gotify_db_dumper: 26 | image: docker.io/paolobasso/database_dumper:postgres-15 27 | restart: unless-stopped 28 | depends_on: 29 | - gotify_db 30 | container_name: gotify_db_dumper 31 | volumes: 32 | - ./db_dumps:/dumps 33 | environment: 34 | - PUID=${PUID} 35 | - PGID=${PGID} 36 | - DUMPER_DATABASE=gotify 37 | - DUMPER_HOST=gotify_db 38 | - DUMPER_USER=gotify 39 | - DUMPER_PASSWORD=${GOTIFY_DB_PASSWORD} 40 | - DUMPER_HEALTHCHECKS_URL=${GOTIFY_DB_DUMPER_HEALTHCHECKS_URL} 41 | networks: 42 | - gotify 43 | 44 | gotify: 45 | image: docker.io/gotify/server:2.6.3@sha256:dfbee7fc4701b300936a24b01d24620b4d62e405204c71fd749a63abfb9b4ec4 46 | depends_on: 47 | - gotify_db 48 | restart: unless-stopped 49 | container_name: gotify 50 | user: "${PUID}:${PGID}" 51 | environment: 52 | - GOTIFY_DATABASE_DIALECT=postgres 53 | - GOTIFY_DATABASE_CONNECTION=host=gotify_db port=5432 user=gotify dbname=gotify password=${GOTIFY_DB_PASSWORD} sslmode=disable 54 | labels: 55 | - "traefik.enable=true" 56 | - "traefik.http.services.gotify.loadbalancer.server.port=80" 57 | - "traefik.http.routers.gotify.service=gotify" 58 | - "traefik.http.routers.gotify.tls=true" 59 | - "traefik.http.routers.gotify.entrypoints=websecure" 60 | - 'traefik.http.routers.gotify.rule=Host("$GOTIFY_HOST")' 61 | volumes: 62 | - ./data:/app/data 63 | networks: 64 | - gotify 65 | - web_proxy 66 | # No healthcheck because already present in Dockerfile 67 | 68 | networks: 69 | web_proxy: 70 | external: true 71 | gotify: 72 | driver: bridge 73 | -------------------------------------------------------------------------------- /healthchecks/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | 4 | HEALTHCHECKS_HOST=healthchecks.example.com 5 | 6 | HEALTHCHECKS_DEFAULT_FROM_EMAIL=healthchecks@example.com 7 | HEALTHCHECKS_EMAIL_HOST= 8 | HEALTHCHECKS_EMAIL_HOST_PASSWORD= 9 | HEALTHCHECKS_EMAIL_HOST_USER= 10 | HEALTHCHECKS_EMAIL_PORT= 11 | HEALTHCHECKS_EMAIL_USE_TLS= 12 | HEALTHCHECKS_SECRET_KEY= 13 | 14 | -------------------------------------------------------------------------------- /healthchecks/.gitignore: -------------------------------------------------------------------------------- 1 | data/* 2 | 3 | !**/.gitkeep 4 | 5 | -------------------------------------------------------------------------------- /healthchecks/data/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/healthchecks/data/.gitkeep -------------------------------------------------------------------------------- /healthchecks/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | healthchecks: 5 | image: docker.io/healthchecks/healthchecks:v3.8.2@sha256:720a5bf85008a46c82dc326f326f3e2360c63b20a7ac06d75d87126f3a0da50f 6 | container_name: healthchecks 7 | user: "${PUID}:${PGID}" 8 | volumes: 9 | - ./data:/data 10 | environment: 11 | - ALLOWED_HOSTS=${HEALTHCHECKS_HOST} 12 | - SITE_NAME=Healthchecks 13 | - REGISTRATION_OPEN=False 14 | - APPRISE_ENABLED=True 15 | - DB=sqlite 16 | - DB_NAME=/data/hc.sqlite 17 | - DEBUG=False 18 | - DEFAULT_FROM_EMAIL=${HEALTHCHECKS_DEFAULT_FROM_EMAIL} 19 | - EMAIL_HOST=${HEALTHCHECKS_EMAIL_HOST} 20 | - EMAIL_HOST_PASSWORD=${HEALTHCHECKS_EMAIL_HOST_PASSWORD} 21 | - EMAIL_HOST_USER=${HEALTHCHECKS_EMAIL_HOST_USER} 22 | - EMAIL_PORT=${HEALTHCHECKS_EMAIL_PORT} 23 | - EMAIL_USE_TLS=${HEALTHCHECKS_EMAIL_USE_TLS} 24 | - SECRET_KEY=${HEALTHCHECKS_SECRET_KEY} 25 | - SITE_ROOT=https://${HEALTHCHECKS_HOST} 26 | restart: unless-stopped 27 | labels: 28 | - "traefik.enable=true" 29 | - "traefik.http.services.healthchecks.loadbalancer.server.port=8000" 30 | - "traefik.http.routers.healthchecks.service=healthchecks" 31 | - "traefik.http.routers.healthchecks.tls=true" 32 | - "traefik.http.routers.healthchecks.entrypoints=websecure" 33 | - 'traefik.http.routers.healthchecks.rule=Host("$HEALTHCHECKS_HOST")' 34 | - "traefik.http.routers.healthchecks.middlewares=authelia@docker" 35 | networks: 36 | - web_proxy 37 | # Healthchecks failing 38 | healthcheck: 39 | disable: true 40 | 41 | networks: 42 | web_proxy: 43 | external: true 44 | 45 | -------------------------------------------------------------------------------- /homer/.env.example: -------------------------------------------------------------------------------- 1 | HOMER_HOST=homer.example.com 2 | 3 | -------------------------------------------------------------------------------- /homer/.gitignore: -------------------------------------------------------------------------------- 1 | assets/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /homer/assets/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/homer/assets/.gitkeep -------------------------------------------------------------------------------- /homer/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | homer: 5 | image: docker.io/b4bz/homer:v24.12.1@sha256:4b44a4a9e3294ccef756275271342661c389ae2936e71ac96b911a139de57757 6 | container_name: homer 7 | volumes: 8 | - ./assets:/www/assets 9 | restart: unless-stopped 10 | labels: 11 | - "traefik.enable=true" 12 | - "traefik.http.services.homer.loadbalancer.server.port=8080" 13 | - "traefik.http.routers.homer.service=homer" 14 | - "traefik.http.routers.homer.tls=true" 15 | - "traefik.http.routers.homer.entrypoints=websecure" 16 | - 'traefik.http.routers.homer.rule=Host("$HOMER_HOST")' 17 | - "traefik.http.routers.homer.middlewares=authelia@docker" 18 | networks: 19 | - web_proxy 20 | # No healthchek because already present in Dockerfile 21 | 22 | networks: 23 | web_proxy: 24 | external: true 25 | -------------------------------------------------------------------------------- /immich/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | IMMICH_UPLOADS_PATH=/path/to/uploads 6 | IMMICH_HOST=immich.example.com 7 | IMMICH_DB_PASSWORD=random-text 8 | IMMICH_DB_DUMPER_HEALTHCHECKS_URL=https://hc-ping.com/00000000-0000-0000-0000-000000000000 9 | IMMICH_TYPESENSE_API_KEY=random-text 10 | 11 | -------------------------------------------------------------------------------- /immich/.gitignore: -------------------------------------------------------------------------------- 1 | db/* 2 | db_dumps/* 3 | typesense/* 4 | 5 | !**/.gitkeep 6 | -------------------------------------------------------------------------------- /immich/.kopiaignore: -------------------------------------------------------------------------------- 1 | db/* 2 | typesense/* 3 | -------------------------------------------------------------------------------- /immich/db_dumps/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/immich/db_dumps/.gitkeep -------------------------------------------------------------------------------- /immich/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | immich_db: 5 | image: docker.io/library/postgres:15.13-alpine@sha256:b86604df02ea670dcc56c4a769f283f71647e2d29c90d9edd069524ee6dcc3aa 6 | restart: unless-stopped 7 | container_name: immich_db 8 | # See: https://github.com/docker-library/docs/blob/master/postgres/README.md#arbitrary---user-notes 9 | user: "${PUID}:${PGID}" 10 | volumes: 11 | - ./db:/var/lib/postgresql/data 12 | environment: 13 | - POSTGRES_DB=immich 14 | - POSTGRES_USER=immich 15 | - POSTGRES_PASSWORD=${IMMICH_DB_PASSWORD} 16 | networks: 17 | - immich 18 | healthcheck: 19 | test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] 20 | start_period: 20s 21 | interval: 30s 22 | retries: 5 23 | timeout: 5s 24 | 25 | immich_db_dumper: 26 | image: docker.io/paolobasso/database_dumper:postgres-15 27 | restart: unless-stopped 28 | depends_on: 29 | - immich_db 30 | container_name: immich_db_dumper 31 | volumes: 32 | - ./db_dumps:/dumps 33 | environment: 34 | - PUID=${PUID} 35 | - PGID=${PGID} 36 | - DUMPER_DATABASE=immich 37 | - DUMPER_HOST=immich_db 38 | - DUMPER_USER=immich 39 | - DUMPER_PASSWORD=${IMMICH_DB_PASSWORD} 40 | - DUMPER_HEALTHCHECKS_URL=${IMMICH_DB_DUMPER_HEALTHCHECKS_URL} 41 | networks: 42 | - immich 43 | 44 | immich_server: 45 | image: ghcr.io/immich-app/immich-server:v1.134.0@sha256:073fc04c7e3d18ace466c20763809cf17aa55765ed610f12971b392a6a80b50c 46 | container_name: immich_server 47 | command: ["start.sh", "immich"] 48 | depends_on: 49 | - immich_db 50 | - immich_redis 51 | environment: 52 | - IMMICH_MACHINE_LEARNING_ENABLED=false 53 | - DB_HOSTNAME=immich_db 54 | - DB_USERNAME=immich 55 | - DB_PASSWORD=${IMMICH_DB_PASSWORD} 56 | - DB_DATABASE_NAME=immich 57 | - DB_PORT=5432 58 | - REDIS_HOSTNAME=immich_redis 59 | - REDIS_PORT=6379 60 | - TYPESENSE_ENABLED=false 61 | volumes: 62 | - ${IMMICH_UPLOAD_PATH}:/usr/src/app/upload 63 | - /etc/localtime:/etc/localtime:ro 64 | restart: unless-stopped 65 | labels: 66 | - "traefik.enable=true" 67 | - "traefik.http.services.immich_server.loadbalancer.server.port=3001" 68 | - "traefik.http.middlewares.immich_server.stripprefix.prefixes=/api/" 69 | - "traefik.http.routers.immich_server.service=immich_server" 70 | - "traefik.http.routers.immich_server.tls=true" 71 | - "traefik.http.routers.immich_server.entrypoints=websecure" 72 | - 'traefik.http.routers.immich_server.rule=Host(`${IMMICH_HOST}`) && PathPrefix("/api/")' 73 | - "traefik.http.routers.immich_server.middlewares=immich_server" 74 | networks: 75 | - immich 76 | - web_proxy 77 | healthcheck: 78 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:3001/server-info/ping"] 79 | start_period: 20s 80 | interval: 30s 81 | timeout: 5s 82 | retries: 5 83 | 84 | immich_microservices: 85 | image: ghcr.io/immich-app/immich-server:v1.134.0@sha256:073fc04c7e3d18ace466c20763809cf17aa55765ed610f12971b392a6a80b50c 86 | container_name: immich_microservices 87 | command: ["start.sh", "microservices"] 88 | volumes: 89 | - ${IMMICH_UPLOAD_PATH}:/usr/src/app/upload 90 | - /etc/localtime:/etc/localtime:ro 91 | environment: 92 | - IMMICH_MACHINE_LEARNING_ENABLED=false 93 | - DB_HOSTNAME=immich_db 94 | - DB_USERNAME=immich 95 | - DB_PASSWORD=${IMMICH_DB_PASSWORD} 96 | - DB_DATABASE_NAME=immich 97 | - DB_PORT=5432 98 | - REDIS_HOSTNAME=immich_redis 99 | - REDIS_PORT=6379 100 | - TYPESENSE_ENABLED=false 101 | depends_on: 102 | - immich_db 103 | - immich_redis 104 | restart: unless-stopped 105 | networks: 106 | - immich 107 | 108 | immich_web: 109 | container_name: immich_web 110 | image: ghcr.io/immich-app/immich-web:v1.87.0@sha256:2bef28adbcc60a2ee5dee8cafe109e3d5c6b7bca88d90acdd3eec376200a6d6e 111 | depends_on: 112 | - immich_server 113 | - immich_redis 114 | - immich_db 115 | environment: 116 | - IMMICH_SERVER_URL=http://immich_server:3001 117 | - PUBLIC_IMMICH_SERVER_URL=http://immich_server:3001 118 | - IMMICH_API_URL_EXTERNAL=/api 119 | restart: unless-stopped 120 | labels: 121 | - "traefik.enable=true" 122 | - "traefik.http.routers.immich_web.service=immich_web" 123 | - "traefik.http.routers.immich_web.tls=true" 124 | - "traefik.http.routers.immich_web.tls.certresolver=dns-cloudflare" 125 | - "traefik.http.routers.immich_web.entrypoints=websecure" 126 | - "traefik.http.routers.immich_web.rule=Host(`${IMMICH_HOST}`)" 127 | - "traefik.http.services.immich_web.loadbalancer.server.port=3000" 128 | - "traefik.http.routers.immich_web.middlewares=authelia@docker" 129 | networks: 130 | - immich 131 | - web_proxy 132 | healthcheck: 133 | test: ["CMD", "wget", "-q", "--no-verbose", "--tries", "1", "--spider", "--timeout", "2", "http://localhost:3000"] 134 | start_period: 20s 135 | interval: 30s 136 | timeout: 5s 137 | retries: 5 138 | 139 | immich_redis: 140 | image: docker.io/library/redis:7.4.4-alpine@sha256:ee9e8748ace004102a267f7b8265dab2c618317df22507b89d16a8add7154273 141 | container_name: immich_redis 142 | restart: unless-stopped 143 | networks: 144 | - immich 145 | healthcheck: 146 | test: ["CMD-SHELL", "redis-cli ping | grep PONG"] 147 | start_period: 20s 148 | interval: 30s 149 | retries: 5 150 | timeout: 3s 151 | 152 | networks: 153 | web_proxy: 154 | external: true 155 | immich: 156 | driver: bridge 157 | -------------------------------------------------------------------------------- /jellyfin/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | 4 | JELLYFIN_HOST=jellyfin.example.com 5 | JELLYFIN_MOVIES_PATH=/path/to/movies 6 | JELLYFIN_TV_PATH=/path/to/tv 7 | JELLYFIN_MUSIC_PATH=/path/to/music -------------------------------------------------------------------------------- /jellyfin/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | cache/* 3 | 4 | !**/.gitkeep 5 | -------------------------------------------------------------------------------- /jellyfin/.kopiaignore: -------------------------------------------------------------------------------- 1 | cache/* 2 | -------------------------------------------------------------------------------- /jellyfin/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/jellyfin/config/.gitkeep -------------------------------------------------------------------------------- /jellyfin/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | jellyfin: 5 | image: docker.io/jellyfin/jellyfin:10.10.7@sha256:7ae36aab93ef9b6aaff02b37f8bb23df84bb2d7a3f6054ec8fc466072a648ce2 6 | container_name: jellyfin 7 | user: ${PUID}:${PGID} 8 | environment: 9 | - JELLYFIN_PublishedServerUrl=https://${JELLYFIN_HOST} 10 | volumes: 11 | - ./config:/config 12 | - ./cache:/cache 13 | - ${JELLYFIN_MOVIES_PATH}:/movies:rw,rslave 14 | - ${JELLYFIN_TV_PATH}:/tv:rw,rslave 15 | - ${JELLYFIN_MUSIC_PATH}:/music:rw,rslave 16 | restart: unless-stopped 17 | labels: 18 | - "traefik.enable=true" 19 | - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" 20 | - "traefik.http.routers.jellyfin.service=jellyfin" 21 | - "traefik.http.routers.jellyfin.tls=true" 22 | - "traefik.http.routers.jellyfin.entrypoints=websecure" 23 | - 'traefik.http.routers.jellyfin.rule=Host("$JELLYFIN_HOST")' 24 | # - "traefik.http.routers.jellyfin.middlewares=authelia@docker" 25 | networks: 26 | - web_proxy 27 | - torrent 28 | # No healthcheck because already present in Dockerfile 29 | 30 | networks: 31 | web_proxy: 32 | external: true 33 | torrent: 34 | external: true 35 | -------------------------------------------------------------------------------- /jellyseerr/.env.example: -------------------------------------------------------------------------------- 1 | JELLYSEERR_HOST=jellyseerr.example.com 2 | -------------------------------------------------------------------------------- /jellyseerr/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /jellyseerr/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/jellyseerr/config/.gitkeep -------------------------------------------------------------------------------- /jellyseerr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | jellyseerr: 5 | image: docker.io/fallenbagel/jellyseerr:2.5.2@sha256:2a611369ad1d0d501c2d051fc89b6246ff081fb4a30879fdc75642cf6a37b1a6 6 | container_name: jellyseerr 7 | volumes: 8 | - ./config:/app/config 9 | restart: unless-stopped 10 | labels: 11 | - "traefik.enable=true" 12 | - "traefik.http.services.jellyseerr.loadbalancer.server.port=5055" 13 | - "traefik.http.routers.jellyseerr.service=jellyseerr" 14 | - "traefik.http.routers.jellyseerr.tls=true" 15 | - "traefik.http.routers.jellyseerr.entrypoints=websecure" 16 | - 'traefik.http.routers.jellyseerr.rule=Host("$JELLYSEERR_HOST")' 17 | # - "traefik.http.routers.jellyseerr.middlewares=authelia@docker" 18 | networks: 19 | - web_proxy 20 | - torrent 21 | healthcheck: 22 | test: ["CMD", "wget", "-q", "--no-verbose", "--tries", "1", "--spider", "--timeout", "2", "http://localhost:5055/api/v1/status"] 23 | start_period: 20s 24 | interval: 30s 25 | timeout: 5s 26 | retries: 5 27 | 28 | networks: 29 | web_proxy: 30 | external: true 31 | torrent: 32 | external: true 33 | -------------------------------------------------------------------------------- /maloja/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | 4 | MALOJA_HOST=maloja.example.com 5 | MALOJA_FORCE_PASSWORD=change-me 6 | -------------------------------------------------------------------------------- /maloja/.gitignore: -------------------------------------------------------------------------------- 1 | data/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /maloja/data/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/maloja/data/.gitkeep -------------------------------------------------------------------------------- /maloja/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | maloja: 5 | image: docker.io/krateng/maloja:3.2.4@sha256:4ecea26058d2ca5168a8d53820279942d28f0606664cea6425f42371d5d88f95 6 | container_name: maloja 7 | # user: ${PUID}:${PGID} 8 | environment: 9 | - MALOJA_DATA_DIRECTORY=/mljdata 10 | - MALOJA_FORCE_PASSWORD=${MALOJA_FORCE_PASSWORD} 11 | volumes: 12 | - ./data:/mljdata 13 | restart: unless-stopped 14 | labels: 15 | - "traefik.enable=true" 16 | - "traefik.http.services.maloja.loadbalancer.server.port=42010" 17 | - "traefik.http.routers.maloja.service=maloja" 18 | - "traefik.http.routers.maloja.tls=true" 19 | - "traefik.http.routers.maloja.entrypoints=websecure" 20 | - 'traefik.http.routers.maloja.rule=Host("$MALOJA_HOST")' 21 | - "traefik.http.routers.maloja.middlewares=authelia@docker" 22 | networks: 23 | - web_proxy 24 | # No healthcheck because no public endpoint 25 | 26 | networks: 27 | web_proxy: 28 | external: true 29 | -------------------------------------------------------------------------------- /mealie/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | MEALIE_DB_PASSWORD= 6 | MEALIE_DB_DUMPER_HEALTHCHECKS_URL= 7 | MEALIE_HOST=mealie.example.com 8 | 9 | -------------------------------------------------------------------------------- /mealie/.gitignore: -------------------------------------------------------------------------------- 1 | data/* 2 | db_dumps/* 3 | db/* 4 | 5 | !**/.gitkeep 6 | -------------------------------------------------------------------------------- /mealie/.kopiaignore: -------------------------------------------------------------------------------- 1 | db/* 2 | -------------------------------------------------------------------------------- /mealie/data/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/mealie/data/.gitkeep -------------------------------------------------------------------------------- /mealie/db_dumps/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/mealie/db_dumps/.gitkeep -------------------------------------------------------------------------------- /mealie/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | mealie_db: 5 | image: docker.io/library/postgres:15.13-alpine@sha256:b86604df02ea670dcc56c4a769f283f71647e2d29c90d9edd069524ee6dcc3aa 6 | restart: unless-stopped 7 | container_name: mealie_db 8 | # See: https://github.com/docker-library/docs/blob/master/postgres/README.md#arbitrary---user-notes 9 | user: "${PUID}:${PGID}" 10 | volumes: 11 | - ./db:/var/lib/postgresql/data 12 | environment: 13 | - POSTGRES_DB=mealie 14 | - POSTGRES_USER=mealie 15 | - POSTGRES_PASSWORD=${MEALIE_DB_PASSWORD} 16 | networks: 17 | - mealie 18 | healthcheck: 19 | test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] 20 | start_period: 20s 21 | interval: 30s 22 | retries: 5 23 | timeout: 5s 24 | 25 | mealie_db_dumper: 26 | image: docker.io/paolobasso/database_dumper:postgres-15 27 | restart: unless-stopped 28 | depends_on: 29 | - mealie_db 30 | container_name: mealie_db_dumper 31 | volumes: 32 | - ./db_dumps:/dumps 33 | environment: 34 | - PUID=${PUID} 35 | - PGID=${PGID} 36 | - DUMPER_DATABASE=mealie 37 | - DUMPER_HOST=mealie_db 38 | - DUMPER_USER=mealie 39 | - DUMPER_PASSWORD=${MEALIE_DB_PASSWORD} 40 | - DUMPER_HEALTHCHECKS_URL=${MEALIE_DB_DUMPER_HEALTHCHECKS_URL} 41 | networks: 42 | - mealie 43 | 44 | mealie: 45 | image: ghcr.io/mealie-recipes/mealie:v1.0.0-RC1.1@sha256:6df1e795f17af43f082146e471113315487b5f0882f2ee7553d469034d929af1 46 | depends_on: 47 | - mealie_db 48 | restart: unless-stopped 49 | container_name: mealie 50 | environment: 51 | - PUID=${PUID} 52 | - PGID=${PGID} 53 | - TZ=${TZ} 54 | - ALLOW_SIGNUP=false 55 | - MAX_WORKERS=1 56 | - WEB_CONCURRENCY=1 57 | - BASE_URL=https://${MEALIE_HOST} 58 | - DB_ENGINE=postgres 59 | - POSTGRES_USER=mealie 60 | - POSTGRES_PASSWORD=${MEALIE_DB_PASSWORD} 61 | - POSTGRES_SERVER=mealie_db 62 | - POSTGRES_PORT=5432 63 | - POSTGRES_DB=mealie 64 | labels: 65 | - "traefik.enable=true" 66 | - "traefik.http.services.mealie.loadbalancer.server.port=9000" 67 | - "traefik.http.routers.mealie.service=mealie" 68 | - "traefik.http.routers.mealie.tls=true" 69 | - "traefik.http.routers.mealie.entrypoints=websecure" 70 | - 'traefik.http.routers.mealie.rule=Host("$MEALIE_HOST")' 71 | - "traefik.http.routers.mealie.middlewares=authelia@docker" 72 | volumes: 73 | - ./data:/app/data 74 | networks: 75 | - mealie 76 | - web_proxy 77 | # No healthcheck because already present in Dockerfile 78 | 79 | networks: 80 | web_proxy: 81 | external: true 82 | mealie: 83 | driver: bridge 84 | -------------------------------------------------------------------------------- /multi-scrobbler/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | MULTI_SCROBBLER_HOST=multi-scrobbler.example.com 6 | MALOJA_API_KEY=your-maloja-api-key 7 | MALOJA_URL=https://maloja.example.com 8 | SPOTIFY_REDIRECT_URI=https://${MULTI_SCROBBLER_HOST}/callback 9 | SPOTIFY_CLIENT_SECRET=your-spotify-client-secret 10 | SPOTIFY_CLIENT_ID=your-spotify-client-id 11 | -------------------------------------------------------------------------------- /multi-scrobbler/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /multi-scrobbler/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/multi-scrobbler/config/.gitkeep -------------------------------------------------------------------------------- /multi-scrobbler/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | multi_scrobbler: 5 | image: ghcr.io/foxxmd/multi-scrobbler:0.8.8@sha256:0b1289f28a1d5b66eed45b16d5f8c5b9238a80467dfe6ece72234fcccbd903e7 6 | container_name: multi_scrobbler 7 | environment: 8 | - PUID=${PUID} 9 | - PGID=${PGID} 10 | - MALOJA_API_KEY=${MALOJA_API_KEY} 11 | - MALOJA_URL=${MALOJA_URL} 12 | - SPOTIFY_REDIRECT_URI=${SPOTIFY_REDIRECT_URI} 13 | - SPOTIFY_CLIENT_SECRET=${SPOTIFY_CLIENT_SECRET} 14 | - SPOTIFY_CLIENT_ID=${SPOTIFY_CLIENT_ID} 15 | volumes: 16 | - ./config:/config 17 | restart: unless-stopped 18 | labels: 19 | - "traefik.enable=true" 20 | - "traefik.http.services.multi_scrobbler.loadbalancer.server.port=9078" 21 | - "traefik.http.routers.multi_scrobbler.service=multi_scrobbler" 22 | - "traefik.http.routers.multi_scrobbler.tls=true" 23 | - "traefik.http.routers.multi_scrobbler.entrypoints=websecure" 24 | - 'traefik.http.routers.multi_scrobbler.rule=Host("$MULTI_SCROBBLER_HOST")' 25 | - "traefik.http.routers.multi_scrobbler.middlewares=authelia@docker" 26 | networks: 27 | - web_proxy 28 | healthcheck: 29 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:9078/api/status"] 30 | start_period: 20s 31 | interval: 30s 32 | timeout: 5s 33 | retries: 5 34 | 35 | networks: 36 | web_proxy: 37 | external: true 38 | -------------------------------------------------------------------------------- /navidrome/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | NAVIDROME_HOST=navidrome.example.com 6 | NAVIDROME_MUSIC_PATH=/path/to/your/music 7 | NAVIDROME_LISTENBRAINZ_BASEURL=https://maloja.example.com/apis/listenbrainz 8 | NAVIDROME_SCANSCHEDULE=12h 9 | NAVIDROME_LOGLEVEL=info 10 | NAVIDROME_SESSIONTIMEOUT=24h 11 | -------------------------------------------------------------------------------- /navidrome/.gitignore: -------------------------------------------------------------------------------- 1 | data/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /navidrome/data/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/navidrome/data/.gitkeep -------------------------------------------------------------------------------- /navidrome/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | navidrome: 5 | image: docker.io/deluan/navidrome:0.54.5@sha256:2a4deb64be3d42f245947b4330988bb8b48b99271f6afdaf68384ed3c3de9d51 6 | user: ${PUID}:${PGID} 7 | container_name: navidrome 8 | environment: 9 | - ND_SCANSCHEDULE=${NAVIDROME_SCANSCHEDULE} 10 | - ND_LOGLEVEL=${NAVIDROME_LOGLEVEL} 11 | - ND_SESSIONTIMEOUT=${NAVIDROME_SESSIONTIMEOUT} 12 | - ND_LISTENBRAINZ_BASEURL=${NAVIDROME_LISTENBRAINZ_BASEURL} 13 | volumes: 14 | - ./data:/data 15 | - ${NAVIDROME_MUSIC_PATH}:/music:ro,rslave 16 | restart: unless-stopped 17 | labels: 18 | - "traefik.enable=true" 19 | - "traefik.http.services.navidrome.loadbalancer.server.port=4533" 20 | - "traefik.http.routers.navidrome.service=navidrome" 21 | - "traefik.http.routers.navidrome.tls=true" 22 | - "traefik.http.routers.navidrome.entrypoints=websecure" 23 | - 'traefik.http.routers.navidrome.rule=Host("$NAVIDROME_HOST")' 24 | - "traefik.http.routers.navidrome.middlewares=authelia@docker" 25 | networks: 26 | - web_proxy 27 | # No healthcheck because already present in Dockerfile 28 | 29 | networks: 30 | web_proxy: 31 | external: true 32 | -------------------------------------------------------------------------------- /paperless-ngx/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | PAPERLESS_NGX_HOST=paperless-ngx.example.com 6 | PAPERLESS_NGX_WEBDAV_HOST=paperless-ngx-webdav.example.com 7 | PAPERLESS_NGX_DB_PASSWORD=change-me 8 | PAPERLESS_NGX_DB_DUMPER_HEALTHCHECKS_URL= 9 | PAPERLESS_NGX_SECRET_KEY=change-me 10 | PAPERLESS_NGX_OCR_LANGUAGE=eng 11 | -------------------------------------------------------------------------------- /paperless-ngx/.gitignore: -------------------------------------------------------------------------------- 1 | db/* 2 | db_dumps/* 3 | data/* 4 | media/* 5 | export/* 6 | consume/* 7 | 8 | !**/.gitkeep 9 | 10 | -------------------------------------------------------------------------------- /paperless-ngx/.kopiaignore: -------------------------------------------------------------------------------- 1 | db/* -------------------------------------------------------------------------------- /paperless-ngx/consume/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/paperless-ngx/consume/.gitkeep -------------------------------------------------------------------------------- /paperless-ngx/data/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/paperless-ngx/data/.gitkeep -------------------------------------------------------------------------------- /paperless-ngx/db_dumps/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/paperless-ngx/db_dumps/.gitkeep -------------------------------------------------------------------------------- /paperless-ngx/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | paperless_ngx_redis: 5 | image: docker.io/library/redis:7.4.4-alpine@sha256:ee9e8748ace004102a267f7b8265dab2c618317df22507b89d16a8add7154273 6 | container_name: paperless_ngx_redis 7 | restart: unless-stopped 8 | networks: 9 | - paperless_ngx 10 | healthcheck: 11 | test: ["CMD-SHELL", "redis-cli ping | grep PONG"] 12 | start_period: 20s 13 | interval: 30s 14 | retries: 5 15 | timeout: 3s 16 | 17 | paperless_ngx_db: 18 | image: docker.io/library/postgres:15.13-alpine@sha256:b86604df02ea670dcc56c4a769f283f71647e2d29c90d9edd069524ee6dcc3aa 19 | restart: unless-stopped 20 | container_name: papeless_ngx_db 21 | # See: https://github.com/docker-library/docs/blob/master/postgres/README.md#arbitrary---user-notes 22 | user: "${PUID}:${PGID}" 23 | volumes: 24 | - ./db:/var/lib/postgresql/data 25 | environment: 26 | - POSTGRES_DB=paperless_ngx 27 | - POSTGRES_USER=paperless_ngx 28 | - POSTGRES_PASSWORD=${PAPERLESS_NGX_DB_PASSWORD} 29 | networks: 30 | - paperless_ngx 31 | healthcheck: 32 | test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] 33 | start_period: 20s 34 | interval: 30s 35 | retries: 5 36 | timeout: 5s 37 | 38 | paperless_ngx_db_dumper: 39 | image: docker.io/paolobasso/database_dumper:postgres-15 40 | restart: unless-stopped 41 | depends_on: 42 | - paperless_ngx_db 43 | container_name: paperless_ngx_db_dumper 44 | volumes: 45 | - ./db_dumps:/dumps 46 | environment: 47 | - PUID=${PUID} 48 | - PGID=${PGID} 49 | - DUMPER_DATABASE=paperless_ngx 50 | - DUMPER_HOST=paperless_ngx_db 51 | - DUMPER_USER=paperless_ngx 52 | - DUMPER_PASSWORD=${PAPERLESS_NGX_DB_PASSWORD} 53 | - DUMPER_HEALTHCHECKS_URL=${PAPERLESS_NGX_DB_DUMPER_HEALTHCHECKS_URL} 54 | networks: 55 | - paperless_ngx 56 | 57 | paperless_ngx_tika: 58 | image: ghcr.io/paperless-ngx/tika@sha256:20db3df89eaeb1b271dd840888fe909b88b12f4b86ef641ec07a1d45d4c5168f 59 | container_name: paperless_ngx_tika 60 | restart: unless-stopped 61 | user: ${PUID}:${PGID} 62 | networks: 63 | - paperless_ngx 64 | # No healthcheck because no curl or wget 65 | 66 | paperless_ngx_gotenberg: 67 | image: docker.io/gotenberg/gotenberg:8.21.0@sha256:8ccd9b57b537a92bba778a49a0c7a8367c61927170e632840fe8a056c4702d9f 68 | restart: unless-stopped 69 | container_name: paperless_ngx_gotenberg 70 | user: ${PUID}:${PGID} 71 | command: 72 | - "gotenberg" 73 | - "--chromium-disable-javascript=true" 74 | - "--chromium-allow-list=file:///tmp/.*" 75 | healthcheck: 76 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:3000/health"] 77 | start_period: 20s 78 | interval: 30s 79 | timeout: 5s 80 | retries: 5 81 | networks: 82 | - paperless_ngx 83 | 84 | paperless_ngx: 85 | image: ghcr.io/paperless-ngx/paperless-ngx:2.16.2@sha256:2096725a544b81d07d35ac123aca079bcb859e03c73d03acb0105dd2629b3dea 86 | container_name: paperless_ngx 87 | depends_on: 88 | - paperless_ngx_redis 89 | - paperless_ngx_db 90 | - paperless_ngx_tika 91 | - paperless_ngx_gotenberg 92 | environment: 93 | - USERMAP_UID=${PUID} 94 | - USERMAP_GID=${PGID} 95 | - PAPERLESS_TIME_ZONE=${TZ} 96 | - PAPERLESS_SECRET_KEY=${PAPERLESS_NGX_SECRET_KEY} 97 | - PAPERLESS_OCR_LANGUAGE=${PAPERLESS_NGX_OCR_LANGUAGE} 98 | - PAPERLESS_REDIS=redis://paperless_ngx_redis:6379 99 | - PAPERLESS_DBHOST=paperless_ngx_db 100 | - PAPERLESS_DBPORT=5432 101 | - PAPERLESS_DBUSER=paperless_ngx 102 | - PAPERLESS_DBNAME=paperless_ngx 103 | - PAPERLESS_DBPASS=${PAPERLESS_NGX_DB_PASSWORD} 104 | - PAPERLESS_TIKA_ENABLED=1 105 | - PAPERLESS_TIKA_GOTENBERG_ENDPOINT=http://paperless_ngx_gotenberg:3000 106 | - PAPERLESS_TIKA_ENDPOINT=http://paperless_ngx_tika:9998 107 | - PAPERLESS_URL=https://${PAPERLESS_NGX_HOST} 108 | volumes: 109 | - ./data:/usr/src/paperless/data 110 | - ./media:/usr/src/paperless/media 111 | - ./export:/usr/src/paperless/export 112 | - ./consume:/usr/src/paperless/consume 113 | restart: unless-stopped 114 | labels: 115 | - "traefik.enable=true" 116 | - "traefik.http.services.paperless_ngx.loadbalancer.server.port=8000" 117 | - "traefik.http.routers.paperless_ngx.service=paperless_ngx" 118 | - "traefik.http.routers.paperless_ngx.tls=true" 119 | - "traefik.http.routers.paperless_ngx.entrypoints=websecure" 120 | - 'traefik.http.routers.paperless_ngx.rule=Host("$PAPERLESS_NGX_HOST")' 121 | - "traefik.http.routers.paperless_ngx.middlewares=authelia@docker" 122 | networks: 123 | - paperless_ngx 124 | - web_proxy 125 | healthcheck: 126 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000"] 127 | start_period: 20s 128 | interval: 30s 129 | timeout: 5s 130 | retries: 5 131 | 132 | paperless_ngx_webdav: 133 | image: docker.io/paolobasso/webdav 134 | container_name: paperless_ngx_webdav 135 | environment: 136 | - PUID=${PUID} 137 | - PGID=${PGID} 138 | - TZ=${TZ} 139 | volumes: 140 | - ./consume:/data 141 | restart: unless-stopped 142 | labels: 143 | - "traefik.enable=true" 144 | - "traefik.http.services.paperless_ngx_webdav.loadbalancer.server.port=80" 145 | - "traefik.http.routers.paperless_ngx_webdav.service=paperless_ngx_webdav" 146 | - "traefik.http.routers.paperless_ngx_webdav.tls=true" 147 | - "traefik.http.routers.paperless_ngx_webdav.entrypoints=websecure" 148 | - "traefik.http.routers.paperless_ngx_webdav.middlewares=authelia-basic@docker" 149 | - 'traefik.http.routers.paperless_ngx_webdav.rule=Host("$PAPERLESS_NGX_WEBDAV_HOST")' 150 | networks: 151 | - web_proxy 152 | healthcheck: 153 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:80"] 154 | start_period: 20s 155 | interval: 30s 156 | timeout: 5s 157 | retries: 5 158 | 159 | networks: 160 | web_proxy: 161 | external: true 162 | paperless_ngx: 163 | driver: bridge 164 | -------------------------------------------------------------------------------- /paperless-ngx/export/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/paperless-ngx/export/.gitkeep -------------------------------------------------------------------------------- /paperless-ngx/media/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/paperless-ngx/media/.gitkeep -------------------------------------------------------------------------------- /prowlarr/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | PROWLARR_HOST=prowlarr.example.com 6 | -------------------------------------------------------------------------------- /prowlarr/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /prowlarr/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/prowlarr/config/.gitkeep -------------------------------------------------------------------------------- /prowlarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | prowlarr: 5 | image: docker.io/linuxserver/prowlarr:version-1.8.6.3946@sha256:8c5d3932109eed7d316d0b9e99285a71df86e85d7a1b9f72d70eb83de79475d1 6 | container_name: prowlarr 7 | environment: 8 | - PUID=${PUID} 9 | - PGID=${PGID} 10 | - TZ=${TZ} 11 | volumes: 12 | - ./config:/config 13 | restart: unless-stopped 14 | labels: 15 | - "traefik.enable=true" 16 | - "traefik.http.services.prowlarr.loadbalancer.server.port=9696" 17 | - "traefik.http.routers.prowlarr.service=prowlarr" 18 | - "traefik.http.routers.prowlarr.tls=true" 19 | - "traefik.http.routers.prowlarr.entrypoints=websecure" 20 | - 'traefik.http.routers.prowlarr.rule=Host("$PROWLARR_HOST")' 21 | - "traefik.http.routers.prowlarr.middlewares=authelia@docker" 22 | networks: 23 | - web_proxy 24 | - torrent 25 | healthcheck: 26 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:9696/login"] 27 | start_period: 20s 28 | interval: 30s 29 | timeout: 5s 30 | retries: 5 31 | 32 | networks: 33 | web_proxy: 34 | external: true 35 | torrent: 36 | external: true 37 | -------------------------------------------------------------------------------- /radarr/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | RADARR_HOST=radarr.bassopaolo.com 6 | RADARR_MOVIES_PATH=/path/to/movies 7 | RADARR_DOWNLOADS_PATH=/path/to/downloads 8 | -------------------------------------------------------------------------------- /radarr/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /radarr/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/radarr/config/.gitkeep -------------------------------------------------------------------------------- /radarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | radarr: 5 | image: docker.io/linuxserver/radarr:version-5.0.3.8127@sha256:9d963b1a7cf228904a0d17ad99e5fe2aeb91c17432dbe166ba1950664e3a9f86 6 | container_name: radarr 7 | environment: 8 | - PUID=${PUID} 9 | - PGID=${PGID} 10 | - TZ=${TZ} 11 | volumes: 12 | - ./config:/config 13 | - ${RADARR_DOWNLOADS_PATH}:/downloads:rw,rslave 14 | - ${RADARR_MOVIES_PATH}:/movies:rw,rslave 15 | restart: unless-stopped 16 | labels: 17 | - "traefik.enable=true" 18 | - "traefik.http.services.radarr.loadbalancer.server.port=7878" 19 | - "traefik.http.routers.radarr.service=radarr" 20 | - "traefik.http.routers.radarr.tls=true" 21 | - "traefik.http.routers.radarr.entrypoints=websecure" 22 | - 'traefik.http.routers.radarr.rule=Host("$RADARR_HOST")' 23 | - "traefik.http.routers.radarr.middlewares=authelia@docker" 24 | networks: 25 | - web_proxy 26 | - torrent 27 | healthcheck: 28 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:7878/login"] 29 | start_period: 20s 30 | interval: 30s 31 | timeout: 5s 32 | retries: 5 33 | 34 | networks: 35 | web_proxy: 36 | external: true 37 | torrent: 38 | external: true 39 | -------------------------------------------------------------------------------- /radicale/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | RADICALE_HOST=radicale.example.com -------------------------------------------------------------------------------- /radicale/.gitignore: -------------------------------------------------------------------------------- 1 | data/* 2 | config/users 3 | 4 | !**/.gitkeep 5 | -------------------------------------------------------------------------------- /radicale/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/radicale/config/.gitkeep -------------------------------------------------------------------------------- /radicale/config/config: -------------------------------------------------------------------------------- 1 | # -*- mode: conf -*- 2 | # vim:ft=cfg 3 | 4 | # Config file for Radicale - A simple calendar server 5 | # 6 | # Place it into /etc/radicale/config (global) 7 | # or /.config/radicale/config (user) 8 | # 9 | # The current values are the default ones 10 | 11 | 12 | [server] 13 | 14 | # CalDAV server hostnames separated by a comma 15 | # IPv4 syntax: address:port 16 | # IPv6 syntax: [address]:port 17 | # For example: 0.0.0.0:9999, [::]:9999 18 | #hosts = 127.0.0.1:5232 19 | hosts = 0.0.0.0:5232 20 | 21 | # Max parallel connections 22 | #max_connections = 8 23 | 24 | # Max size of request body (bytes) 25 | #max_content_length = 100000000 26 | 27 | # Socket timeout (seconds) 28 | #timeout = 30 29 | 30 | # SSL flag, enable HTTPS protocol 31 | #ssl = False 32 | 33 | # SSL certificate path 34 | #certificate = /etc/ssl/radicale.cert.pem 35 | 36 | # SSL private key 37 | #key = /etc/ssl/radicale.key.pem 38 | 39 | # CA certificate for validating clients. This can be used to secure 40 | # TCP traffic between Radicale and a reverse proxy 41 | #certificate_authority = 42 | 43 | # SSL Protocol used. See python's ssl module for available values 44 | #protocol = PROTOCOL_TLSv1_2 45 | 46 | # Available ciphers. See python's ssl module for available ciphers 47 | #ciphers = 48 | 49 | # Reverse DNS to resolve client address in logs 50 | #dns_lookup = True 51 | 52 | 53 | [encoding] 54 | 55 | # Encoding for responding requests 56 | #request = utf-8 57 | 58 | # Encoding for storing local collections 59 | #stock = utf-8 60 | 61 | 62 | [auth] 63 | 64 | # Authentication method 65 | # Value: none | htpasswd | remote_user | http_x_remote_user 66 | type = htpasswd 67 | 68 | # Htpasswd filename 69 | htpasswd_filename = /config/users 70 | 71 | # Htpasswd encryption method 72 | # Value: plain | sha1 | ssha | crypt | bcrypt | md5 73 | # Only bcrypt can be considered secure. 74 | # bcrypt and md5 require the passlib library to be installed. 75 | htpasswd_encryption = bcrypt 76 | 77 | # Incorrect authentication delay (seconds) 78 | #delay = 1 79 | 80 | # Message displayed in the client when a password is needed 81 | #realm = Radicale - Password Required 82 | 83 | 84 | [rights] 85 | 86 | # Rights backend 87 | # Value: none | authenticated | owner_only | owner_write | from_file 88 | #type = owner_only 89 | 90 | # File for rights management from_file 91 | #file = /etc/radicale/rights 92 | 93 | 94 | [storage] 95 | 96 | # Storage backend 97 | # Value: multifilesystem 98 | #type = multifilesystem 99 | 100 | # Folder for storing local collections, created if not present 101 | #filesystem_folder = /var/lib/radicale/collections 102 | filesystem_folder = /data/collections 103 | 104 | # Delete sync token that are older (seconds) 105 | #max_sync_token_age = 2592000 106 | 107 | # Command that is run after changes to storage 108 | # Example: ([ -d .git ] || git init) && git add -A && (git diff --cached --quiet || git commit -m "Changes by "%(user)s) 109 | #hook = 110 | 111 | 112 | [web] 113 | 114 | # Web interface backend 115 | # Value: none | internal | radicale_infcloud 116 | # (See also https://github.com/Unrud/RadicaleInfCloud) 117 | #type = internal 118 | 119 | 120 | [logging] 121 | 122 | # Logging configuration file 123 | # If no config is given, simple information is printed on the standard output 124 | # For more information about the syntax of the configuration file, see: 125 | # http://docs.python.org/library/logging.config.html 126 | #config = 127 | 128 | # Set the default logging level to debug 129 | #debug = False 130 | 131 | # Store all environment variables (including those set in the shell) 132 | #full_environment = False 133 | 134 | # Don't include passwords in logs 135 | #mask_passwords = True 136 | 137 | 138 | [headers] 139 | 140 | # Additional HTTP headers 141 | #Access-Control-Allow-Origin = * 142 | -------------------------------------------------------------------------------- /radicale/data/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/radicale/data/.gitkeep -------------------------------------------------------------------------------- /radicale/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | radicale: 5 | image: docker.io/tomsquest/docker-radicale:3.5.4.0@sha256:99a1145aafab55f211389a303a553109d06ff2c00f634847a52b8561bd01f172 6 | container_name: radicale 7 | cap_drop: 8 | - ALL 9 | cap_add: 10 | - CHOWN 11 | - SETUID 12 | - SETGID 13 | - KILL 14 | security_opt: 15 | - no-new-privileges:true 16 | init: true 17 | read_only: true 18 | restart: unless-stopped 19 | volumes: 20 | - ./config:/config:ro 21 | - ./data:/data 22 | environment: 23 | - TZ=${TZ} 24 | labels: 25 | - "traefik.enable=true" 26 | - "traefik.http.services.radicale.loadbalancer.server.port=5232" 27 | - "traefik.http.routers.radicale.service=radicale" 28 | - "traefik.http.routers.radicale.tls=true" 29 | - "traefik.http.routers.radicale.entrypoints=websecure" 30 | - 'traefik.http.routers.radicale.rule=Host("$RADICALE_HOST")' 31 | networks: 32 | - web_proxy 33 | # No healthcheck because already present in Dockerfile 34 | 35 | networks: 36 | web_proxy: 37 | external: true 38 | -------------------------------------------------------------------------------- /recyclarr/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | SONARR_API_KEY= 6 | RADARR_API_KEY= -------------------------------------------------------------------------------- /recyclarr/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !config/recyclarr.yml 4 | !**/.gitkeep 5 | -------------------------------------------------------------------------------- /recyclarr/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/recyclarr/config/.gitkeep -------------------------------------------------------------------------------- /recyclarr/config/recyclarr.yml: -------------------------------------------------------------------------------- 1 | # yaml-language-server: $schema=https://raw.githubusercontent.com/recyclarr/recyclarr/master/schemas/config-schema.json 2 | 3 | # A starter config to use with Recyclarr. Most values are set to "reasonable defaults". Update the 4 | # values below as needed for your instance. You will be required to update the API Key and URL for 5 | # each instance you want to use. 6 | # 7 | # Many optional settings have been omitted to keep this template simple. Note that there's no "one 8 | # size fits all" configuration. Please refer to the guide to understand how to build the appropriate 9 | # configuration based on your hardware setup and capabilities. 10 | # 11 | # For any lines that mention uncommenting YAML, you simply need to remove the leading hash (`#`). 12 | # The YAML comments will already be at the appropriate indentation. 13 | # 14 | # For more details on the configuration, see the Configuration Reference on the wiki here: 15 | # https://recyclarr.dev/wiki/yaml/config-reference/ 16 | 17 | # Configuration specific to Sonarr 18 | sonarr: 19 | series: 20 | # Set the URL/API Key to your actual instance 21 | base_url: http://sonarr:8989 22 | api_key: !env_var SONARR_API_KEY 23 | 24 | # Quality definitions from the guide to sync to Sonarr. Choices: series, anime 25 | quality_definition: 26 | type: series 27 | 28 | # Release profiles from the guide to sync to Sonarr v3 (Sonarr v4 does not use this!) 29 | # Use `recyclarr list release-profiles` for values you can put here. 30 | # https://trash-guides.info/Sonarr/Sonarr-Release-Profile-RegEx/ 31 | release_profiles: 32 | # Series 33 | - trash_ids: 34 | - EBC725268D687D588A20CBC5F97E538B # Low Quality Groups 35 | - 1B018E0C53EC825085DD911102E2CA36 # Release Sources (Streaming Service) 36 | - 71899E6C303A07AF0E4746EFF9873532 # P2P Groups + Repack/Proper 37 | # Anime (Uncomment below if you want it) 38 | #- trash_ids: 39 | # - d428eda85af1df8904b4bbe4fc2f537c # Anime - First release profile 40 | # - 6cd9e10bb5bb4c63d2d7cd3279924c7b # Anime - Second release profile 41 | 42 | # Configuration specific to Radarr. 43 | radarr: 44 | movies: 45 | # Set the URL/API Key to your actual instance 46 | base_url: http://radarr:7878 47 | api_key: !env_var RADARR_API_KEY 48 | 49 | # Which quality definition in the guide to sync to Radarr. Only choice right now is 'movie' 50 | quality_definition: 51 | type: movie 52 | 53 | # Set to 'true' to automatically remove custom formats from Radarr when they are removed from 54 | # the guide or your configuration. This will NEVER delete custom formats you manually created! 55 | delete_old_custom_formats: false 56 | 57 | custom_formats: 58 | # A list of custom formats to sync to Radarr. 59 | # Use `recyclarr list custom-formats radarr` for values you can put here. 60 | # https://trash-guides.info/Radarr/Radarr-collection-of-custom-formats/ 61 | - trash_ids: 62 | # Movie Versions 63 | - 570bc9ebecd92723d2d21500f4be314c # Remastered 64 | - eca37840c13c6ef2dd0262b141a5482f # 4K Remaster 65 | - e0c07d59beb37348e975a930d5e50319 # Criterion Collection 66 | - 9d27d9d2181838f76dee150882bdc58c # Masters of Cinema 67 | - db9b4c4b53d312a3ca5f1378f6440fc9 # Vinegar Syndrome 68 | - 957d0f44b592285f26449575e8b1167e # Special Edition 69 | - eecf3a857724171f968a66cb5719e152 # IMAX 70 | - 9f6cbff8cfe4ebbc1bde14c7b7bec0de # IMAX Enhanced 71 | # HQ Release Groups 72 | - ed27ebfef2f323e964fb1f61391bcb35 # HD Bluray Tier 01 73 | - c20c8647f2746a1f4c4262b0fbbeeeae # HD Bluray Tier 02 74 | - 5608c71bcebba0a5e666223bae8c9227 # HD Bluray Tier 03 75 | - c20f169ef63c5f40c2def54abaf4438e # WEB Tier 01 76 | - 403816d65392c79236dcb6dd591aeda4 # WEB Tier 02 77 | - af94e0fe497124d1f9ce732069ec8c3b # WEB Tier 03 78 | # Misc 79 | - e7718d7a3ce595f289bfee26adc178f5 # Repack/Proper 80 | - ae43b294509409a6a13919dedd4764c4 # Repack2 81 | # Unwanted 82 | - ed38b889b31be83fda192888e2286d83 # BR-DISK 83 | - 90a6f9a284dff5103f6346090e6280c8 # LQ 84 | - dc98083864ea246d05a42df0d05f81cc # x265 (HD) 85 | - b8cd450cbfa689c0259a01d9e29ba3d6 # 3D 86 | # Streaming Services 87 | - b3b3a6ac74ecbd56bcdbefa4799fb9df # AMZN 88 | - 40e9380490e748672c2522eaaeb692f7 # ATVP 89 | - cc5e51a9e85a6296ceefe097a77f12f4 # BCORE 90 | - f6ff65b3f4b464a79dcc75950fe20382 # CRAV 91 | - 16622a6911d1ab5d5b8b713d5b0036d4 # CRiT 92 | - 84272245b2988854bfb76a16e60baea5 # DSNP 93 | - 509e5f41146e278f9eab1ddaceb34515 # HBO 94 | - 5763d1b0ce84aff3b21038eea8e9b8ad # HMAX 95 | - 6a061313d22e51e0f25b7cd4dc065233 # MAX 96 | - 526d445d4c16214309f0fd2b3be18a89 # Hulu 97 | - 2a6039655313bf5dab1e43523b62c374 # MA 98 | - 170b1d363bd8516fbf3a3eb05d4faff6 # NF 99 | - bf7e73dd1d85b12cc527dc619761c840 # Pathe 100 | - c9fd353f8f5f1baf56dc601c4cb29920 # PCOK 101 | - e36a0ba1bc902b26ee40818a1d59b8bd # PMTP 102 | - c2863d2a50c9acad1fb50e53ece60817 # STAN 103 | - fbca986396c5e695ef7b2def3c755d01 # OViD 104 | 105 | 106 | # Uncomment the below properties to specify one or more quality profiles that should be 107 | # updated with scores from the guide for each custom format. Without this, custom formats 108 | # are synced to Radarr but no scores are set in any quality profiles. 109 | #quality_profiles: 110 | # - name: Quality Profile 1 111 | # - name: Quality Profile 2 112 | # #score: -9999 # Optional score to assign to all CFs. Overrides scores in the guide. 113 | # #reset_unmatched_scores: true # Optionally set other scores to 0 if they are not listed in 'names' above. 114 | quality_profiles: 115 | - name: HD-1080p 116 | 117 | -------------------------------------------------------------------------------- /recyclarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | recyclarr: 5 | image: ghcr.io/recyclarr/recyclarr:7.4.1@sha256:759540877f95453eca8a26c1a93593e783a7a824c324fbd57523deffb67f48e1 6 | container_name: recyclarr 7 | user: ${PUID}:${PGID} 8 | environment: 9 | - SONARR_API_KEY=${SONARR_API_KEY} 10 | - RADARR_API_KEY=${RADARR_API_KEY} 11 | volumes: 12 | - ./config:/config 13 | restart: unless-stopped 14 | networks: 15 | - torrent 16 | 17 | networks: 18 | torrent: 19 | external: true 20 | -------------------------------------------------------------------------------- /renovate.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json", 3 | "extends": [ 4 | "config:recommended", 5 | "docker:enableMajor", 6 | "default:automergeDigest" 7 | ], 8 | "ignoreTests": true, 9 | "packageRules": [ 10 | { 11 | "matchUpdateTypes": [ 12 | "minor" 13 | ], 14 | "matchCurrentVersion": "!/^0/", 15 | "automerge": true 16 | }, 17 | { 18 | "matchUpdateTypes": [ 19 | "patch", 20 | "pin", 21 | "digest" 22 | ], 23 | "automerge": true 24 | } 25 | ] 26 | } 27 | -------------------------------------------------------------------------------- /shlink/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | SHLINK_SERVER_HOST=go.example.com 6 | SHLINK_CLIENT_HOST=shlink.example.com 7 | SHLINK_DEFAULT_BASE_URL_REDIRECT=https://example.com 8 | SHLINK_DB_PASSWORD= 9 | SHLINK_DB_DUMPER_HEALTHCHECKS_URL= 10 | SHLINK_GEOLITE_LICENSE_KEY= 11 | 12 | # Generate with: docker exec -it shlink_api shlink api-key:generate 13 | SHLINK_SERVER_API_KEY= -------------------------------------------------------------------------------- /shlink/.gitignore: -------------------------------------------------------------------------------- 1 | db/* 2 | db_dumps/* 3 | 4 | !**/.gitkeep 5 | -------------------------------------------------------------------------------- /shlink/.kopiaignore: -------------------------------------------------------------------------------- 1 | db/* -------------------------------------------------------------------------------- /shlink/db_dumps/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/shlink/db_dumps/.gitkeep -------------------------------------------------------------------------------- /shlink/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | shlink_db: 5 | image: docker.io/library/postgres:15.13-alpine@sha256:b86604df02ea670dcc56c4a769f283f71647e2d29c90d9edd069524ee6dcc3aa 6 | restart: unless-stopped 7 | container_name: shlink_db 8 | # See: https://github.com/docker-library/docs/blob/master/postgres/README.md#arbitrary---user-notes 9 | user: "${PUID}:${PGID}" 10 | volumes: 11 | - ./db:/var/lib/postgresql/data 12 | environment: 13 | - POSTGRES_DB=shlink 14 | - POSTGRES_USER=shlink 15 | - POSTGRES_PASSWORD=${SHLINK_DB_PASSWORD} 16 | networks: 17 | - shlink 18 | healthcheck: 19 | test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] 20 | start_period: 20s 21 | interval: 30s 22 | retries: 5 23 | timeout: 5s 24 | 25 | shlink_db_dumper: 26 | image: docker.io/paolobasso/database_dumper:postgres-15 27 | restart: unless-stopped 28 | depends_on: 29 | - shlink_db 30 | container_name: shlink_db_dumper 31 | volumes: 32 | - ./db_dumps:/dumps 33 | environment: 34 | - PUID=${PUID} 35 | - PGID=${PGID} 36 | - DUMPER_DATABASE=shlink 37 | - DUMPER_HOST=shlink_db 38 | - DUMPER_USER=shlink 39 | - DUMPER_PASSWORD=${SHLINK_DB_PASSWORD} 40 | - DUMPER_HEALTHCHECKS_URL=${SHLINK_DB_DUMPER_HEALTHCHECKS_URL} 41 | networks: 42 | - shlink 43 | 44 | shlink_client: 45 | image: docker.io/shlinkio/shlink-web-client:4.4.0@sha256:99988516ee0caf2059a485edaacab9759db0a3140c5a5c2634e0a97ac4d194bf 46 | container_name: shlink_client 47 | depends_on: 48 | - shlink_db 49 | - shlink_server 50 | environment: 51 | - SHLINK_SERVER_URL=https://${SHLINK_SERVER_HOST} 52 | - SHLINK_SERVER_API_KEY=${SHLINK_SERVER_API_KEY} 53 | restart: unless-stopped 54 | labels: 55 | - "traefik.enable=true" 56 | - "traefik.http.routers.shlink_client.middlewares=authelia@docker" 57 | - "traefik.http.routers.shlink_client.service=shlink_client" 58 | - 'traefik.http.routers.shlink_client.rule=Host("$SHLINK_CLIENT_HOST")' 59 | - "traefik.http.routers.shlink_client.tls=true" 60 | - "traefik.http.routers.shlink_client.entrypoints=websecure" 61 | - "traefik.http.services.shlink_client.loadbalancer.server.port=80" 62 | networks: 63 | - web_proxy 64 | healthcheck: 65 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:80"] 66 | start_period: 20s 67 | interval: 30s 68 | timeout: 5s 69 | retries: 5 70 | 71 | shlink_server: 72 | image: docker.io/shlinkio/shlink:3.7.4-non-root@sha256:b6553353135346c094e116207fca14fb4d5ce91468e657af92e3e9e730d579e7 73 | container_name: shlink_server 74 | depends_on: 75 | - shlink_db 76 | environment: 77 | - DEFAULT_DOMAIN=${SHLINK_SERVER_HOST} 78 | - IS_HTTPS_ENABLED=true 79 | - DEFAULT_BASE_URL_REDIRECT=${SHLINK_DEFAULT_BASE_URL_REDIRECT} 80 | - GEOLITE_LICENSE_KEY=${SHLINK_GEOLITE_LICENSE_KEY} 81 | - DB_DRIVER=postgres 82 | - DB_NAME=shlink 83 | - DB_USER=shlink 84 | - DB_PASSWORD=${SHLINK_DB_PASSWORD} 85 | - DB_HOST=shlink_db 86 | restart: unless-stopped 87 | labels: 88 | - "traefik.enable=true" 89 | - "traefik.http.services.shlink_server.loadbalancer.server.port=8080" 90 | - "traefik.http.routers.shlink_server.service=shlink_server" 91 | - 'traefik.http.routers.shlink_server.rule=Host("$SHLINK_SERVER_HOST")' 92 | - "traefik.http.routers.shlink_server.tls=true" 93 | - "traefik.http.routers.shlink_server.entrypoints=websecure" 94 | networks: 95 | - web_proxy 96 | - shlink 97 | healthcheck: 98 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8080/rest/health"] 99 | start_period: 20s 100 | interval: 30s 101 | timeout: 5s 102 | retries: 5 103 | 104 | networks: 105 | web_proxy: 106 | external: true 107 | shlink: 108 | driver: bridge 109 | -------------------------------------------------------------------------------- /sonarr/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | SONARR_HOST=sonarr.example.com 6 | SONARR_TV_PATH=/path/to/your/tv/shows 7 | SONARR_DOWNLOADS_PATH=/path/to/your/download/folder 8 | -------------------------------------------------------------------------------- /sonarr/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /sonarr/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/sonarr/config/.gitkeep -------------------------------------------------------------------------------- /sonarr/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | sonarr: 5 | image: docker.io/linuxserver/sonarr:version-3.0.10.1567@sha256:4f69472a0cdea29e23967db6a3395487539b759def3920327d1f49ae00b9dfd4 6 | container_name: sonarr 7 | environment: 8 | - PUID=${PUID} 9 | - PGID=${PGID} 10 | - TZ=${TZ} 11 | volumes: 12 | - ./config:/config 13 | - ${SONARR_DOWNLOADS_PATH}:/downloads:rw,rslave 14 | - ${SONARR_TV_PATH}:/tv:rw,rslave 15 | restart: unless-stopped 16 | labels: 17 | - "traefik.enable=true" 18 | - "traefik.http.services.sonarr.loadbalancer.server.port=8989" 19 | - "traefik.http.routers.sonarr.service=sonarr" 20 | - "traefik.http.routers.sonarr.tls=true" 21 | - "traefik.http.routers.sonarr.entrypoints=websecure" 22 | - 'traefik.http.routers.sonarr.rule=Host("$SONARR_HOST")' 23 | - "traefik.http.routers.sonarr.middlewares=authelia@docker" 24 | networks: 25 | - web_proxy 26 | - torrent 27 | healthcheck: 28 | test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8989/login"] 29 | start_period: 20s 30 | interval: 30s 31 | timeout: 5s 32 | retries: 5 33 | 34 | networks: 35 | web_proxy: 36 | external: true 37 | torrent: 38 | external: true 39 | -------------------------------------------------------------------------------- /syncthing/.env.example: -------------------------------------------------------------------------------- 1 | PUID=1000 2 | PGID=1000 3 | TZ=Europe/Rome 4 | 5 | SYNCTHING_HOST=syncthing.example.com 6 | SYNCTHING_DATA_PATH=/mnt/syncthing 7 | SYNCTHING_PORT=22000 8 | -------------------------------------------------------------------------------- /syncthing/.gitignore: -------------------------------------------------------------------------------- 1 | config/* 2 | 3 | !**/.gitkeep -------------------------------------------------------------------------------- /syncthing/config/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/syncthing/config/.gitkeep -------------------------------------------------------------------------------- /syncthing/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | syncthing: 5 | image: docker.io/linuxserver/syncthing:1.29.7@sha256:9026ba9209fa561b4d68ac38659f95620778e2d4336bd1665de25baa507a36f3 6 | container_name: syncthing 7 | environment: 8 | - PUID=${PUID} 9 | - PGID=${PGID} 10 | - TZ=${TZ} 11 | volumes: 12 | - ./config:/config 13 | - ${SYNCTHING_DATA_PATH}:/mnt/syncthing 14 | ports: 15 | - ${SYNCTHING_PORT}:22000 16 | restart: unless-stopped 17 | labels: 18 | - "traefik.enable=true" 19 | - "traefik.http.services.syncthing.loadbalancer.server.port=8384" 20 | - "traefik.http.routers.syncthing.service=syncthing" 21 | - "traefik.http.routers.syncthing.tls=true" 22 | - "traefik.http.routers.syncthing.entrypoints=websecure" 23 | - 'traefik.http.routers.syncthing.rule=Host("$SYNCTHING_HOST")' 24 | - "traefik.http.routers.syncthing.middlewares=authelia@docker" 25 | networks: 26 | - web_proxy 27 | # No healthcheck because no public endpoint 28 | 29 | networks: 30 | web_proxy: 31 | external: true 32 | -------------------------------------------------------------------------------- /traefik/.env.example: -------------------------------------------------------------------------------- 1 | TRAEFIK_DOMAIN=example.com 2 | TRAEFIK_SUBDOMAIN=traefik 3 | 4 | TRAEFIK_AUTHELIA_HOST=authelia.example.com 5 | TRAEFIK_AUTHELIA_VERIFY_URL=http://authelia:9091/api/verify 6 | 7 | TRAEFIK_CF_API_EMAIL=example 8 | TRAEFIK_CF_API_KEY=XXXXXXXXXXXX 9 | 10 | TRAEFIK_LOG_LEVEL=WARN # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC 11 | -------------------------------------------------------------------------------- /traefik/.gitignore: -------------------------------------------------------------------------------- 1 | acme/* 2 | 3 | !**/.gitkeep 4 | -------------------------------------------------------------------------------- /traefik/acme/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/traefik/acme/.gitkeep -------------------------------------------------------------------------------- /traefik/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | traefik: 5 | container_name: traefik 6 | image: docker.io/library/traefik:v2.11.25@sha256:6b0e06781a8c7ecfc0171b86ef4239567913f025d054f829b93836484c08d4de 7 | restart: unless-stopped 8 | security_opt: 9 | - no-new-privileges:true 10 | environment: 11 | - CF_API_EMAIL=${TRAEFIK_CF_API_EMAIL} 12 | - CF_API_KEY=${TRAEFIK_CF_API_KEY} 13 | ports: 14 | # - 80:80 15 | - 443:443 16 | volumes: 17 | - /var/run/docker.sock:/var/run/docker.sock:ro 18 | - ./acme/acme.json:/acme.json 19 | networks: 20 | - web_proxy 21 | command: 22 | - --serversTransport.insecureSkipVerify=true 23 | # Global settings 24 | - --global.checkNewVersion=true 25 | - --global.sendAnonymousUsage=false 26 | # Entrypoints 27 | # - --entryPoints.web.address=:80 28 | - --entryPoints.websecure.address=:443 29 | # Dashboard 30 | - --api=true 31 | - --api.dashboard=true 32 | - --api.insecure=false 33 | - --api.debug=false 34 | # Log 35 | - --log=true 36 | - --log.level=${TRAEFIK_LOG_LEVEL} # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC 37 | # Certificate 38 | # - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server 39 | - --certificatesResolvers.dns-cloudflare.acme.email=${TRAEFIK_CF_API_EMAIL} 40 | - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json 41 | - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare 42 | # Docker provider 43 | - --providers.docker=true 44 | - --providers.docker.endpoint=unix:///var/run/docker.sock 45 | - --providers.docker.exposedByDefault=false 46 | - --providers.docker.network=web_proxy 47 | - --providers.docker.swarmMode=false 48 | - --providers.docker.defaultRule=Host("{{ index .Labels "com.docker.compose.service" }}.$TRAEFIK_DOMAIN") 49 | # Metrics 50 | - --entryPoints.metrics.address=:5043 51 | - --metrics=true 52 | - --metrics.prometheus=true 53 | - --metrics.prometheus.entryPoint=metrics 54 | # Skip verification of backend certificates if needed, see https://community.containo.us/t/insecureskipverify-explanation/2195/28 55 | # - --serversTransport.insecureSkipVerify=true 56 | labels: 57 | - "traefik.enable=true" 58 | # Dashboard 59 | - "traefik.http.routers.traefik.service=api@internal" 60 | - "traefik.http.routers.traefik.tls=true" 61 | - "traefik.http.routers.traefik.tls.certresolver=dns-cloudflare" 62 | - "traefik.http.routers.traefik.entrypoints=websecure" 63 | - 'traefik.http.routers.traefik.rule=Host("$TRAEFIK_SUBDOMAIN.$TRAEFIK_DOMAIN")' 64 | # Certificates 65 | - "traefik.http.routers.traefik.tls.domains[0].main=$TRAEFIK_DOMAIN" 66 | - "traefik.http.routers.traefik.tls.domains[0].sans=*.$TRAEFIK_DOMAIN" 67 | # Redirect http to https 68 | # - 'traefik.http.routers.http-catchall.rule=hostregexp("{host:.+}")' 69 | # - "traefik.http.routers.http-catchall.entrypoints=web" 70 | # - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" 71 | # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" 72 | # Metrics 73 | - "traefik.http.routers.traefik-metrics.service=traefik-metrics" 74 | - "traefik.http.routers.traefik-metrics.tls=true" 75 | - "traefik.http.routers.traefik-metrics.tls.certresolver=dns-cloudflare" 76 | - "traefik.http.routers.traefik-metrics.entrypoints=websecure" 77 | - "traefik.http.services.traefik-metrics.loadbalancer.server.port=5043" 78 | - 'traefik.http.routers.traefik-metrics.rule=Host("$TRAEFIK_SUBDOMAIN.$TRAEFIK_DOMAIN") && Path("/metrics")' 79 | # Authelia middlewares 80 | - "traefik.http.middlewares.authelia.forwardauth.address=$TRAEFIK_AUTHELIA_VERIFY_URL?rd=https://$TRAEFIK_AUTHELIA_HOST" 81 | - "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true" 82 | - "traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email" 83 | - "traefik.http.middlewares.authelia-basic.forwardauth.address=$TRAEFIK_AUTHELIA_VERIFY_URL?auth=basic" 84 | - "traefik.http.middlewares.authelia-basic.forwardauth.trustForwardHeader=true" 85 | - "traefik.http.middlewares.authelia-basic.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email" 86 | # Protect dashboard and metrics with Authelia 87 | - "traefik.http.routers.traefik.middlewares=authelia@docker" 88 | - "traefik.http.routers.traefik-metrics.middlewares=authelia-basic@docker" 89 | 90 | networks: 91 | web_proxy: 92 | external: true 93 | -------------------------------------------------------------------------------- /uptime_kuma/.env.example: -------------------------------------------------------------------------------- 1 | UPTIME_KUMA_HOST=uptime-kuma.example.com 2 | -------------------------------------------------------------------------------- /uptime_kuma/.gitignore: -------------------------------------------------------------------------------- 1 | data/* 2 | 3 | !**/.gitkeep 4 | 5 | -------------------------------------------------------------------------------- /uptime_kuma/data/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/paolobasso99/containers/798bdd278293e8c2692466db6cc4a0bc604064d5/uptime_kuma/data/.gitkeep -------------------------------------------------------------------------------- /uptime_kuma/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.9" 2 | 3 | services: 4 | uptime_kuma: 5 | image: docker.io/louislam/uptime-kuma:1.23.16-alpine@sha256:f111cca721507faa0a57e1ffc75210d64c9a9ca0f8375e0336a2a9a88ae2987c 6 | container_name: uptime_kuma 7 | volumes: 8 | - ./data:/app/data 9 | restart: unless-stopped 10 | labels: 11 | - "traefik.enable=true" 12 | - "traefik.http.services.uptime_kuma.loadbalancer.server.port=3001" 13 | - "traefik.http.routers.uptime_kuma.service=uptime_kuma" 14 | - "traefik.http.routers.uptime_kuma.tls=true" 15 | - "traefik.http.routers.uptime_kuma.entrypoints=websecure" 16 | - 'traefik.http.routers.uptime_kuma.rule=Host("$UPTIME_KUMA_HOST")' 17 | - "traefik.http.routers.uptime_kuma.middlewares=authelia@docker" 18 | networks: 19 | - web_proxy 20 | # No healthcheck because no public endpoint 21 | 22 | networks: 23 | web_proxy: 24 | external: true 25 | --------------------------------------------------------------------------------