gitops/docker/stacks/02-media/media-stack/docker-compose.yml


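# Media stack. gluetun holds the WireGuard tunnel; qbittorrent, prowlarr and
# flaresolverr join its network namespace (network_mode: service:gluetun), so
# their ports are published and routed on the gluetun service. The remaining
# services attach to the external proxy_net network and are routed by Traefik
# labels.
#
# NOTE(review): most services also publish their UI port on every host
# interface via `ports:`. Those listeners bypass Traefik, its TLS and any
# router middleware. If access is meant to go through the proxy only, drop
# the mapping or bind it to loopback ("127.0.0.1:PORT:PORT").
#
# NOTE(review): nearly every image floats on :latest (gluetun has no tag at
# all) and watchtower redeploys whatever the registry serves. Pin by version
# or digest where an unattended image change is not acceptable.
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      # Needed to configure the tunnel interface and firewall rules.
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - "8080:8080"  # qBittorrent
      - "9696:9696"  # Prowlarr
      - "6881:6881"  # Torrent TCP
      - "6881:6881/udp"  # Torrent UDP
    # NOTE(review): env_file injects every variable in .env into this
    # container; cloudflared loads the same file, so each container receives
    # the other's secret. ${VAR} interpolation below does not need env_file
    # when .env is the project-directory file - TODO confirm, then drop
    # env_file or split it per service. Keep .env out of version control.
    env_file:
      - .env
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY}
      - WIREGUARD_ADDRESSES=10.2.0.2/32
      - SERVER_COUNTRIES=Netherlands
      - SERVER_CITIES=Amsterdam
      # Covers all RFC 1918 space, so every container sharing this namespace
      # can reach the whole LAN outside the tunnel. Narrow to the subnets
      # that actually need to be reachable.
      - FIREWALL_OUTBOUND_SUBNETS=172.16.0.0/12,192.168.0.0/16,10.0.0.0/8
    networks:
      - proxy_net
    labels:
      # NOTE(review): the torrent and prowlarr routers carry no middleware;
      # only the applications' own login protects them.
      - "traefik.enable=true"
      - "traefik.http.routers.torrent.rule=Host(`torrent.kotori-waifu.cc`)"
      - "traefik.http.routers.torrent.tls.certresolver=cloudflare"
      - "traefik.http.routers.torrent.service=torrent"
      - "traefik.http.services.torrent.loadbalancer.server.port=8080"
      - "traefik.http.routers.prowlarr.rule=Host(`prowlarr.kotori-waifu.cc`)"
      - "traefik.http.routers.prowlarr.tls.certresolver=cloudflare"
      - "traefik.http.routers.prowlarr.service=prowlarr"
      - "traefik.http.services.prowlarr.loadbalancer.server.port=9696"
    restart: unless-stopped

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    # Shares gluetun's network namespace; traffic leaves through the tunnel.
    network_mode: service:gluetun
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - WEBUI_PORT=8080
      # Installs extra packages at container start, i.e. pulls code from the
      # network on every (re)create.
      - DOCKER_MODS=linuxserver/mods:universal-package-install
      - INSTALL_PACKAGES=zip
    volumes:
      - /opt/homelab/data/qbittorrent:/config
      - /mnt/nas:/data
    restart: unless-stopped

  prowlarr:
    image: lscr.io/linuxserver/prowlarr:latest
    container_name: prowlarr
    network_mode: service:gluetun
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
    volumes:
      - /opt/homelab/data/prowlarr:/config
    restart: unless-stopped

  radarr:
    image: lscr.io/linuxserver/radarr:latest
    container_name: radarr
    ports:
      - "7878:7878"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
    volumes:
      - /opt/homelab/data/radarr:/config
      - /mnt/nas:/data
    networks:
      - proxy_net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.radarr.rule=Host(`radarr.kotori-waifu.cc`)"
      - "traefik.http.routers.radarr.tls.certresolver=cloudflare"
      - "traefik.http.services.radarr.loadbalancer.server.port=7878"
    restart: unless-stopped

  sonarr:
    image: lscr.io/linuxserver/sonarr:latest
    container_name: sonarr
    ports:
      - "8989:8989"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
    volumes:
      - /opt/homelab/data/sonarr:/config
      - /mnt/nas:/data
    networks:
      - proxy_net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.sonarr.rule=Host(`sonarr.kotori-waifu.cc`)"
      - "traefik.http.routers.sonarr.tls.certresolver=cloudflare"
      - "traefik.http.services.sonarr.loadbalancer.server.port=8989"
    restart: unless-stopped

  jellyfin:
    image: lscr.io/linuxserver/jellyfin:latest
    container_name: jellyfin
    ports:
      - "8096:8096"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
    volumes:
      - /opt/homelab/data/jellyfin:/config
      # NOTE(review): whole NAS mounted read-write; a media server usually
      # only needs read access - consider `:ro` if nothing here writes.
      - /mnt/nas:/data
    devices:
      # Host GPU render nodes passed through to the container.
      - /dev/dri:/dev/dri
    networks:
      - proxy_net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.kotori-waifu.cc`)"
      - "traefik.http.routers.jellyfin.tls.certresolver=cloudflare"
      - "traefik.http.services.jellyfin.loadbalancer.server.port=8096"
    restart: unless-stopped

  seerr:
    image: ghcr.io/seerr-team/seerr:latest
    container_name: seerr
    init: true
    # NOTE(review): this mapping exposes the app directly on the host, so
    # the authelia middleware on the router below is not enforced for
    # clients that reach host port 5055.
    ports:
      - "5055:5055"
    environment:
      - TZ=Etc/UTC
      # Requested runtime UID/GID 1000. NOTE(review): PUID/PGID is an
      # entrypoint convention of linuxserver.io images; confirm this image
      # honors it, otherwise set `user:` on the service instead.
      - PUID=1000
      - PGID=1000
    volumes:
      - /opt/homelab/data/seerr:/app/config
    networks:
      - proxy_net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.seerr.rule=Host(`jellyseer.kotori-waifu.cc`) || Host(`seer.kotori-waifu.cc`)"
      - "traefik.http.routers.seerr.tls.certresolver=cloudflare"
      # The only router in this file that sits behind forward auth.
      - "traefik.http.routers.seerr.middlewares=authelia@docker"
      - "traefik.http.services.seerr.loadbalancer.server.port=5055"
    restart: unless-stopped

  flaresolverr:
    image: flaresolverr/flaresolverr:v3.4.3
    container_name: flaresolverr
    network_mode: service:gluetun
    environment:
      - LOG_LEVEL=info
      - TZ=Etc/UTC
      - HOST=0.0.0.0
      - PORT=8191
    security_opt:
      # Disables Docker's default syscall filter for a container that
      # renders remote web content. NOTE(review): verify the service still
      # needs this; prefer the default profile or a custom one.
      - seccomp:unconfined
    shm_size: 1gb
    restart: unless-stopped

  watchtower:
    image: containrrr/watchtower:latest
    container_name: watchtower
    environment:
      - TZ=Europe/Berlin
      - WATCHTOWER_CLEANUP=true
      # Six-field cron (with seconds): every day at 04:00 in TZ above.
      - "WATCHTOWER_SCHEDULE=0 0 4 * * *"
      - DOCKER_API_VERSION=1.44
    volumes:
      # Read-write Docker socket: full control of the Docker daemon, which
      # is equivalent to root on the host. Combined with :latest tags this
      # container replaces running services with unreviewed images.
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - proxy_net
    restart: unless-stopped

  homepage:
    image: ghcr.io/gethomepage/homepage:latest
    container_name: homepage
    ports:
      - "3000:3000"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      # Wildcard turns off Host header validation; list the real hostnames.
      - "HOMEPAGE_ALLOWED_HOSTS=*"
    volumes:
      - /opt/homelab/data/homepage:/app/config
      # `:ro` only makes the socket path read-only in the mount; it does not
      # restrict which Docker API calls a client can make. A filtering
      # socket proxy limits this to the read endpoints the dashboard needs.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /mnt/nas:/mnt/nas:ro
    networks:
      - proxy_net
    labels:
      - "traefik.enable=true"
      # Catch-all at lowest priority: any request no other router matches
      # lands on the dashboard. No certresolver or auth middleware is set
      # on this router - NOTE(review): scope it with a Host() rule and put
      # it behind the same forward auth as seerr.
      - "traefik.http.routers.homepage.rule=PathPrefix(`/`)"
      - "traefik.http.routers.homepage.priority=1"
      - "traefik.http.services.homepage.loadbalancer.server.port=3000"
    restart: unless-stopped

  komga:
    image: gotson/komga:latest
    container_name: komga
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
    volumes:
      - /opt/homelab/data/komga:/config
      - /mnt/nas/manga:/data
    ports:
      - "25600:25600"
    networks:
      - proxy_net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.komga.rule=Host(`goon.kotori-waifu.cc`)"
      - "traefik.http.routers.komga.tls.certresolver=cloudflare"
      - "traefik.http.services.komga.loadbalancer.server.port=25600"
    restart: unless-stopped

  cloudflared:
    image: cloudflare/cloudflared:latest
    container_name: cloudflared
    networks:
      - proxy_net
    restart: unless-stopped
    # NOTE(review): loads all of .env, including the WireGuard key used by
    # gluetun; give this service its own env file or drop env_file.
    env_file:
      - .env
    environment:
      # cloudflared reads the tunnel token from TUNNEL_TOKEN. Passing it
      # here instead of `--token` keeps the secret out of the process
      # command line.
      - TUNNEL_TOKEN=${CLOUDFLARED_TOKEN}
    command: tunnel --no-autoupdate run

networks:
  # Pre-existing network shared with the Traefik instance; not created here.
  proxy_net:
    external: true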