├── .gitignore ├── HAUpdate.sh ├── README.md ├── docker-compose.yml └── envfiles ├── ghost.example ├── grafana.example ├── influxdb.example ├── mariadb.example ├── pma.example ├── traefik.example └── zerotier.example /.gitignore: -------------------------------------------------------------------------------- 1 | # Example .gitignore file for your config dir. 2 | # A * ensures that everything will be ignored. 3 | # * 4 | 5 | # You can whitelist files/folders with !, these will not be ignored. 6 | #!*.yaml 7 | !docker-compose.yml 8 | !.gitignore 9 | !*.md 10 | !LICENSE 11 | # 12 | !envfiles 13 | www/* 14 | !www/lovelace 15 | # 16 | 17 | # Ignore folders. 18 | .storage 19 | .cloud 20 | .google.token 21 | .spotify-token-cache 22 | tts 23 | deps 24 | glances 25 | zones 26 | __pycache__ 27 | icloud 28 | bash 29 | 30 | # Ignore extensions 31 | *.db 32 | *.old 33 | *.env 34 | *.log 35 | *.conf 36 | *.HA_VERSION 37 | *.db-shm 38 | *.db-wal 39 | *.xml 40 | *.sqlite 41 | *.txt 42 | *.bak 43 | 44 | # Ensure these YAML files are ignored, otherwise your secret data/credentials will leak. 45 | ip_bans.yaml 46 | secrets.yaml 47 | known_devices.yaml 48 | -------------------------------------------------------------------------------- /HAUpdate.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | cd /home/hass/docker_files 3 | docker-compose pull 4 | docker-compose down 5 | docker-compose up -d 6 | docker system prune -fa 7 | docker volume prune -f 8 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # My docker-compose files 2 | 3 | This is my Docker-Compose file. Took me ages to create but quite happy where I am at the moment. 4 | 5 | Have a look at files and let me know if you have any questions. I once have been completely new to docker-compose so undestand that it might sometimes be quite overwhelming 6 | 7 | ## TO-DO 8 | - [ ] Complete description of what containers I use and why 9 | - [ ] create a bidge for zerotier 10 | - [ ] start using influx db and grafana 11 | - [ ] find something similar to glaucamole that works with Windows 10 12 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | ##Reference: https://www.smarthomebeginner.com/traefik-reverse-proxy-tutorial-for-docker 2 | #Requirement: Set environmental variables: ${$USERDIR}, ${PUID}, ${PGID}, ${TZ}, ${DOMAINNAME}, ${CLOUDFLARE_EMAIL}, ${CLOUDFLARE_API_KEY}, ${HTTP_USERNAME}, ${HTTP_PASSWORD}, etc. as explained in the reference. 3 | 4 | version: "3.6" 5 | services: 6 | zerotier: 7 | image: croc/zerotier 8 | container_name: zerotier 9 | env_file: 10 | - ./envfiles/zerotier.env 11 | volumes: 12 | - './config/route.list:/config/route.list:ro' 13 | network_mode: host 14 | privileged: true 15 | restart: always 16 | 17 | # Traefik Reverse Proxy 18 | traefik: 19 | hostname: traefik 20 | # image: traefik:latest 21 | image: traefik:v1.7.16 22 | container_name: traefik 23 | restart: always 24 | domainname: ${DOMAINNAME} 25 | networks: 26 | - default 27 | - traefik_proxy 28 | ports: 29 | - "80:80" 30 | - "443:443" 31 | - "8080:8080" 32 | env_file: 33 | - ./envfiles/traefik.env 34 | labels: 35 | - "traefik.enable=true" 36 | - "traefik.backend=traefik" 37 | - "traefik.frontend.rule=Host:traefik.${DOMAINNAME}" 38 | - "traefik.port=8080" 39 | - "traefik.docker.network=traefik_proxy" 40 | - "traefik.frontend.headers.SSLRedirect=true" 41 | - "traefik.frontend.headers.STSSeconds=315360000" 42 | - "traefik.frontend.headers.browserXSSFilter=true" 43 | - "traefik.frontend.headers.contentTypeNosniff=true" 44 | - "traefik.frontend.headers.forceSTSHeader=true" 45 | - "traefik.frontend.headers.SSLHost=example.com" 46 | - "traefik.frontend.headers.STSIncludeSubdomains=true" 47 | - "traefik.frontend.headers.STSPreload=true" 48 | - "traefik.frontend.headers.frameDeny=true" 49 | volumes: 50 | - /var/run/docker.sock:/var/run/docker.sock:ro 51 | - ${USERDIR}/docker/traefik:/etc/traefik 52 | - ${USERDIR}/docker/shared:/shared 53 | 54 | bitwarden: 55 | image: bitwardenrs/server 56 | restart: always 57 | volumes: 58 | - ${USERDIR}/docker/bw-data:/data 59 | environment: 60 | WEBSOCKET_ENABLED: 'true' # Required to use websockets 61 | # SIGNUPS_ALLOWED: 'true' 62 | SIGNUPS_ALLOWED: 'false' 63 | ADMIN_TOKEN: 'random_token' 64 | labels: 65 | - traefik.enable=true 66 | - traefik.docker.network=traefik_proxy 67 | - traefik.web.frontend.rule=Host:bitwarden.${DOMAINNAME} 68 | - traefik.web.port=80 69 | - traefik.hub.frontend.rule=Host:bitwarden.${DOMAINNAME};Path:/notifications/hub 70 | - traefik.hub.port=3012 71 | - traefik.hub.protocol=ws 72 | 73 | # NextCloud – Your Own Cloud Storage 74 | nextcloud: 75 | container_name: nextcloud 76 | restart: always 77 | image: linuxserver/nextcloud 78 | volumes: 79 | - ${USERDIR}/docker/nextcloud:/config 80 | - ${USERDIR}/shared_data:/data 81 | - ${USERDIR}/docker/shared:/shared 82 | ports: 83 | - 443 84 | environment: 85 | - PUID=${PUID} 86 | - PGID=${PGID} 87 | networks: 88 | - traefik_proxy 89 | - default 90 | links: 91 | - db 92 | labels: 93 | - "traefik.enable=true" 94 | - "traefik.backend=nextcloud" 95 | - "traefik.frontend.rule=Host:nextcloud.${DOMAINNAME}" 96 | - "traefik.port=443" 97 | - "traefik.protocol=https" 98 | - "traefik.docker.network=traefik_proxy" 99 | - "traefik.frontend.headers.SSLRedirect=true" 100 | - "traefik.frontend.headers.STSSeconds=315360000" 101 | - "traefik.frontend.headers.browserXSSFilter=true" 102 | - "traefik.frontend.headers.contentTypeNosniff=true" 103 | - "traefik.frontend.headers.forceSTSHeader=true" 104 | - "traefik.frontend.headers.SSLHost=example.com" 105 | - "traefik.frontend.headers.STSIncludeSubdomains=true" 106 | - "traefik.frontend.headers.STSPreload=true" 107 | - "traefik.frontend.headers.frameDeny=true" 108 | 109 | cloud9: 110 | container_name: cloud9 111 | ports: 112 | - 8001:80 113 | volumes: 114 | - ${USERDIR}:/workspace/ 115 | image: kdelfour/cloud9-docker 116 | environment: 117 | - PUID=${PUID} 118 | - PGID=${PGID} 119 | 120 | # Home Assistant - Smart Home Hub 121 | homeassistant: 122 | container_name: homeassistant 123 | restart: always 124 | image: homeassistant/home-assistant:latest 125 | devices: 126 | # - /dev/ttyUSB0:/dev/ttyUSB0 127 | # - /dev/ttyUSB1:/dev/ttyUSB1 128 | - /dev/ttyACM0:/dev/ttyACM0 129 | volumes: 130 | - ${USERDIR}/docker/hass:/config 131 | - /etc/localtime:/etc/localtime:ro 132 | - ${USERDIR}/docker/shared:/shared 133 | ports: 134 | - "8123:8123" 135 | privileged: true 136 | environment: 137 | - PUID=${PUID} 138 | - PGID=${PGID} 139 | - TZ=${TZ} 140 | network_mode: "host" 141 | labels: 142 | - "traefik.enable=false" 143 | 144 | # influxdb: 145 | # image: influxdb 146 | # container_name: hass-influxdb 147 | # restart: unless-stopped 148 | # networks: 149 | # default: 150 | # ipv4_address: 172.22.0.101 151 | # volumes: 152 | # - ${USERDIR}/docker/influxdb:/var/lib/influxdb 153 | # environment: 154 | # - PUID=${PUID} 155 | # - PGID=${PGID} 156 | # env_file: 157 | # - ./envfiles/influxdb.env 158 | 159 | datascience-notebook: 160 | image: jupyter/datascience-notebook 161 | volumes: 162 | - ${USERDIR}/docker/jupyter:/home/khalilkk/work 163 | ports: 164 | - 8888:8888 165 | container_name: datascience-notebook-container 166 | labels: 167 | - "traefik.enable=true" 168 | - "traefik.backend=jupyter" 169 | - "traefik.frontend.rule=Host:jupyter.${DOMAINNAME}" 170 | - "traefik.port=8888" 171 | - "traefik.protocol=http" 172 | - "traefik.docker.network=traefik_proxy" 173 | networks: 174 | - traefik_proxy 175 | - default 176 | 177 | # grafana: 178 | # image: grafana/grafana 179 | # container_name: hass-grafana 180 | # restart: unless-stopped 181 | # environment: 182 | # - PUID=${PUID} 183 | # - PGID=${PGID} 184 | # volumes: 185 | # - ${USERDIR}/docker/grafana:/var/lib/grafana 186 | # - /etc/localtime:/etc/localtime:ro 187 | # ports: 188 | # - 3001:3000/tcp 189 | # networks: 190 | # default: 191 | # ipv4_address: 172.22.0.102 192 | # env_file: 193 | # - ./envfiles/grafana.env 194 | # labels: 195 | # - "traefik.enable=true" 196 | # - "traefik.backend=grafana" 197 | # - "traefik.frontend.rule=Host:grafana.${DOMAINNAME}" 198 | # - "traefik.port=3000" 199 | # - "traefik.protocol=http" 200 | # - "traefik.docker.network=traefik_proxy" 201 | 202 | mosquitto: 203 | container_name: mosquitto 204 | restart: unless-stopped 205 | image: eclipse-mosquitto 206 | environment: 207 | - PUID=${PUID} 208 | - PGID=${PGID} 209 | networks: 210 | default: 211 | ipv4_address: 172.22.0.103 212 | volumes: 213 | - ${USERDIR}/docker/mosquitto/data:/mosquitto/data 214 | - ${USERDIR}/docker/mosquitto/log:/mosquitto/log 215 | - ${USERDIR}/docker/mosquitto/config:/mosquitto/config 216 | ports: 217 | - "1883:1883" 218 | - "9001:9001" 219 | - "8883:8883" 220 | labels: 221 | - "traefik.enable=true" 222 | - "traefik.backend=mqtt" 223 | - "traefik.frontend.rule=Host:mqtt.${DOMAINNAME}" 224 | - "traefik.port=9001" 225 | # - "traefik.passHostHeader=true" 226 | - "traefik.protocol=ws" 227 | # - 'traefik.frontend.entryPoints=https' 228 | 229 | piwigo: 230 | image: linuxserver/piwigo 231 | restart: always 232 | privileged: true 233 | environment: 234 | - PUID=${PUID} 235 | - PGID=${PGID} 236 | - TZ=${TZ} 237 | ports: 238 | - "8088:80" 239 | links: 240 | - db 241 | # depends_on: 242 | # - db 243 | volumes: 244 | - ${USERDIR}/docker/piwigo1:/config/www/gallery/_data/i 245 | - type: bind 246 | source: ${USERDIR}/docker/piwigo1/galleries/vesna 247 | target: /config/www/gallery/vesna/vesna 248 | - type: bind 249 | source: ${USERDIR}/docker/piwigo1/galleries/mobile 250 | target: /config/www/gallery/vesna/mobile 251 | - type: bind 252 | source: ${USERDIR}/docker/piwigo1/galleries/shmelek 253 | target: /config/www/gallery/shmelek 254 | - type: bind 255 | source: ${USERDIR}/docker/piwigo1/galleries/khalilkk 256 | target: /config/www/gallery/khalilkk 257 | - type: bind 258 | source: ${USERDIR}/docker/piwigo1/galleries/khabibullins 259 | target: /config/www/gallery/khabibullins 260 | 261 | # - :/var/www/galleries 262 | 263 | # glances: 264 | # container_name: glances 265 | # image: vimagick/glances 266 | # volumes: 267 | # - ${USERDIR}/docker/glances/:/etc/glances 268 | # - /var/run/docker.sock:/var/run/docker.sock:ro 269 | # environment: 270 | # - GLANCES_OPT=-w 271 | # - PUID=${PUID} 272 | # - PGID=${PGID} 273 | # restart: always 274 | # network_mode: "host" 275 | # ports: 276 | # - "61208:61208" 277 | 278 | deconz: 279 | image: marthoc/deconz 280 | container_name: deconz 281 | # network_mode: host 282 | networks: 283 | default: 284 | ipv4_address: 172.22.0.7 285 | restart: always 286 | ports: 287 | - "8089:8089" 288 | - "444:444" 289 | volumes: 290 | - ${USERDIR}/docker/deconz:/root/.local/share/dresden-elektronik/deCONZ 291 | devices: 292 | - /dev/ttyUSB0 293 | environment: 294 | - DECONZ_WEB_PORT=8089 295 | - DECONZ_WS_PORT=445 296 | - DEBUG_INFO=1 297 | - DEBUG_APS=0 298 | - DEBUG_ZCL=0 299 | - DEBUG_ZDP=0 300 | - DEBUG_OTAU=0 301 | 302 | # motioneye: 303 | # image: ccrisan/motioneye:master-amd64 304 | # container_name: motioneye 305 | # ports: 306 | # - "8081:8081" 307 | # - "8765:8765" 308 | # volumes: 309 | # - ${USERDIR}/docker/motion/etc:/etc/motioneye 310 | # - ${USERDIR}/docker/motion/media:/var/lib/motioneye 311 | # networks: 312 | # - traefik_proxy 313 | # - default 314 | # labels: 315 | # - "traefik.enable=true" 316 | # - "traefik.port=8765" 317 | # - "traefik.protocol=http" 318 | # - "traefik.backend=cctv" 319 | # - "traefik.frontend.rule=Host:cctv.${DOMAINNAME}" 320 | # - "traefik.docker.network=traefik_proxy" 321 | 322 | ghost: 323 | image: ghost:latest 324 | container_name: ghost1 325 | restart: always 326 | ports: 327 | - 2368 328 | links: 329 | - db 330 | env_file: 331 | - ./envfiles/ghost.env 332 | networks: 333 | - traefik_proxy 334 | - default 335 | volumes: 336 | - ${USERDIR}/docker/ghost:/var/lib/ghost/content 337 | labels: 338 | - "traefik.enable=true" 339 | - "traefik.backend=blog" 340 | - "traefik.protocol=http" 341 | - "traefik.frontend.rule=Host:blog.${DOMAINNAME}" 342 | - "traefik.docker.network=traefik_proxy" 343 | 344 | db: 345 | container_name: db 346 | image: mariadb 347 | restart: always 348 | networks: 349 | default: 350 | ipv4_address: 172.22.0.50 351 | volumes: 352 | - ${USERDIR}/docker/mariadbNEW:/var/lib/mysql 353 | env_file: 354 | - ./envfiles/mariadb.env 355 | 356 | heimdall: 357 | image: linuxserver/heimdall 358 | container_name: heimdall 359 | environment: 360 | - PUID=${PUID} 361 | - PGID=${PGID} 362 | - TZ=${TZ} 363 | # - FORCE_HTTPS=true 364 | volumes: 365 | - ${USERDIR}/docker/heimdall:/config 366 | - ${USERDIR}/docker/shared:/shared 367 | ports: 368 | - 80 369 | - 443 370 | restart: unless-stopped 371 | networks: 372 | - traefik_proxy 373 | - default 374 | labels: 375 | - "traefik.enable=true" 376 | - "traefik.backend=heimdall" 377 | - "traefik.frontend.rule=Host:home.${DOMAINNAME}" 378 | - "traefik.port=80" 379 | - "traefik.docker.network=traefik_proxy" 380 | - "traefik.protocol=http" 381 | 382 | phpmyadmin: 383 | hostname: phpmyadmin 384 | container_name: phpmyadmin 385 | image: phpmyadmin/phpmyadmin 386 | restart: always 387 | links: 388 | - db 389 | ports: 390 | - 80 391 | env_file: 392 | - ./envfiles/pma.env 393 | networks: 394 | # - traefik_proxy 395 | - default 396 | # labels: 397 | # - "traefik.enable=true" 398 | # - "traefik.backend=pma" 399 | # - "traefik.frontend.rule=Host:pma.${DOMAINNAME}" 400 | # - "traefik.port=80" 401 | # - "traefik.docker.network=traefik_proxy" 402 | # - "traefik.protocol=http" 403 | 404 | cloudberry-backup: 405 | hostname: cloudberry 406 | container_name: cloudberry 407 | image: jlesage/cloudberry-backup 408 | restart: always 409 | ports: 410 | - "5800:5800" 411 | volumes: 412 | - ${USERDIR}/docker/cloudberry-backup:/config:rw 413 | - /mnt/3TB:/storage:ro 414 | 415 | portainer: 416 | image: portainer/portainer 417 | container_name: portainer 418 | restart: always 419 | command: -H unix:///var/run/docker.sock 420 | ports: 421 | - 9000:9000 422 | volumes: 423 | - /var/run/docker.sock:/var/run/docker.sock 424 | - ${USERDIR}/docker/portainer/data:/data 425 | - ${USERDIR}/docker/shared:/shared 426 | environment: 427 | - TZ=${TZ} 428 | networks: 429 | # - default 430 | - traefik_proxy 431 | labels: 432 | - "traefik.enable=true" 433 | - "traefik.backend=portainer" 434 | - "traefik.frontend.rule=Host:portainer.${DOMAINNAME}" 435 | # - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefixStrip: /portainer" 436 | - "traefik.port=9000" 437 | - "traefik.docker.network=traefik_proxy" 438 | - "traefik.protocol=http" 439 | 440 | # postgres: 441 | # driver: local 442 | 443 | wiki: 444 | image: requarks/wiki:2 445 | links: 446 | - db 447 | environment: 448 | DB_TYPE: mariadb 449 | DB_HOST: db 450 | DB_PORT: 3306 451 | DB_USER: "wikijs" 452 | DB_PASS: "wikijs111!" 453 | DB_NAME: "wikijs" 454 | restart: unless-stopped 455 | ports: 456 | - "3000:3000" 457 | networks: 458 | - default 459 | - traefik_proxy 460 | labels: 461 | # The following lines are valid for Traefik version 1.x: 462 | - "traefik.enable=true" 463 | - "traefik.backend=wiki" 464 | - "traefik.frontend.rule=Host:wiki.${DOMAINNAME}" 465 | # - "traefik.frontend.rule=Host:${DOMAINNAME}; PathPrefixStrip: /portainer" 466 | - "traefik.port=3000" 467 | - "traefik.docker.network=traefik_proxy" 468 | - "traefik.protocol=http" 469 | 470 | # synapse: 471 | # build: 472 | # context: ../.. 473 | # dockerfile: docker/Dockerfile 474 | # image: docker.io/matrixdotorg/synapse:latest 475 | # Since synapse does not retry to connect to the database, restart upon 476 | # failure 477 | # restart: unless-stopped 478 | # See the readme for a full documentation of the environment settings 479 | # environment: 480 | # - SYNAPSE_CONFIG_PATH=${USERDIR}/docker/synapse/ 481 | # volumes: 482 | # You may either store all the files in a local folder 483 | # - ${USERDIR}/docker/synapse/matrix-config:/etc 484 | # - ${USERDIR}/docker/synapse/files:/data 485 | # depends_on: 486 | # - db 487 | # networks: 488 | # - traefik_proxy 489 | # labels: 490 | # - "traefik.enable=true" 491 | # - "traefik.backend=matrix" 492 | # - "traefik.frontend.rule=Host:matrix.${DOMAINNAME}" 493 | # - "traefik.port=8008" 494 | # - "traefik.docker.network=traefik_proxy" 495 | # - "traefik.protocol=http" 496 | 497 | networks: 498 | traefik_proxy: 499 | external: 500 | name: traefik_proxy 501 | # ipam: 502 | # config: 503 | # - subnet: 172.18.0.0/24 504 | default: 505 | driver: bridge 506 | ipam: 507 | config: 508 | - subnet: 172.22.0.0/24 509 | -------------------------------------------------------------------------------- /envfiles/ghost.example: -------------------------------------------------------------------------------- 1 | url= 2 | database__client= 3 | database__connection__host= 4 | database__connection__user= 5 | database__connection__password= 6 | database__connection__database= -------------------------------------------------------------------------------- /envfiles/grafana.example: -------------------------------------------------------------------------------- 1 | GF_DEFAULT_INSTANCE_NAME= 2 | GF_SECURITY_ADMIN_USER= 3 | GF_SECURITY_ADMIN_PASSWORD= 4 | #GF_INSTALL_PLUGINS=XXX 5 | -------------------------------------------------------------------------------- /envfiles/influxdb.example: -------------------------------------------------------------------------------- 1 | INFLUXDB_DB= 2 | INFLUXDB_HTTP_AUTH_ENABLED= 3 | INFLUXDB_ADMIN_USER= 4 | INFLUXDB_ADMIN_PASSWORD= 5 | INFLUXDB_USER= 6 | INFLUXDB_USER_PASSWORD= 7 | INFLUXDB_READ_USER= 8 | INFLUXDB_READ_USER_PASSWORD= 9 | -------------------------------------------------------------------------------- /envfiles/mariadb.example: -------------------------------------------------------------------------------- 1 | MYSQL_ROOT_PASSWORD: -------------------------------------------------------------------------------- /envfiles/pma.example: -------------------------------------------------------------------------------- 1 | PMA_HOST= 2 | MYSQL_ROOT_PASSWORD= -------------------------------------------------------------------------------- /envfiles/traefik.example: -------------------------------------------------------------------------------- 1 | NAMECHEAP_API_USER= 2 | NAMECHEAP_API_KEY= -------------------------------------------------------------------------------- /envfiles/zerotier.example: -------------------------------------------------------------------------------- 1 | NETWORK_ID= --------------------------------------------------------------------------------