commit 60318acd4d3e005d41f538f22339c2fda099f9b7
Author: azpsen
Date: Sun Jan 5 15:54:18 2025 -0600
initial commit
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100755
index 0000000..ae8053a
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,580 @@
+services:
+
+
+#---------------- USER-FACING SERVICES ----------------#
+
+ ## Jellyfin (media server)
+ jellyfin:
+ image: lscr.io/linuxserver/jellyfin:latest
+ container_name: jellyfin
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/Chicago
+ - JELLYFIN_PublishedServerUrl=https://watch.azpsen.com
+ volumes:
+ - /docker/jellyfin:/config
+ - /docker/jellyfin/theme:/usr/share/jellyfin/web/theme
+ - /media/jellyfin/Movies:/data/movies
+ - /media/jellyfin/TV Shows:/data/tvshows
+ - /media/jellyfin/Music:/data/music
+ - /media/jellyfin/Live TV:/data/livetv
+ ports:
+ - 8096:8096
+ - 7539:7539/udp
+ - 1900:1900/udp
+ devices:
+ - /dev/dri:/dev/dri
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+
+ ## Miniflux (rss feed reader)
+ miniflux:
+ image: miniflux/miniflux:latest
+ container_name: miniflux
+ ports:
+ - 8772:8080
+ depends_on:
+ rss_db:
+ condition: service_healthy
+ env_file:
+ - /docker/env/miniflux.env
+ healthcheck:
+ test: ["CMD", "/usr/bin/miniflux", "-healthcheck", "auto"]
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+ rss_db:
+ image: postgres:15
+ container_name: rss_db
+ env_file:
+ - /docker/env/miniflux.env
+ volumes:
+ - miniflux-db:/var/lib/postgresql/data
+ healthcheck:
+ test: ["CMD", "pg_isready", "-U", "miniflux"]
+ interval: 10s
+ start_period: 30s
+ restart: unless-stopped
+
+ ## Vaultwarden (password manager)
+ vaultwarden:
+ image: vaultwarden/server:latest
+ container_name: vaultwarden
+ env_file:
+ - /docker/env/vaultwarden.env
+ volumes:
+ - /docker/vaultwarden:/data
+ ports:
+ - 8912:80
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+
+ ## Gitea
+ gitea:
+ image: docker.io/gitea/gitea:latest-rootless
+ container_name: gitea
+ user: "1001"
+ volumes:
+ - /docker/gitea/data:/var/lib/gitea
+ - /docker/gitea/config:/etc/gitea
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ ports:
+ - 3003:3000
+ - 2222:2222
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+
+ ## Link Stack
+ linkstack:
+ image: linkstackorg/linkstack
+ container_name: linkstack
+ env_file:
+ - /docker/env/linkstack.env
+ ports:
+ - 4000:80
+ dns:
+ - 100.111.0.126
+ volumes:
+ - linkstack:/htdocs
+ restart: unless-stopped
+
+ ## Server Dashboard
+ dashboard:
+ image: ghcr.io/gethomepage/homepage:latest
+ container_name: dashboard
+ environment:
+ - PUID=1000
+ - PGID=1000
+ ports:
+ - 3000:3000
+ volumes:
+ - /docker/dashboard:/app/config
+ - /docker/dashboard/images:/app/public/images
+ - /docker/dashboard/fonts:/app/public/fonts
+ - /media:/media:ro
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+ docker-proxy:
+ image: ghcr.io/tecnativa/docker-socket-proxy:latest
+ container_name: docker-proxy
+ environment:
+ - CONTAINERS=1 # Allow access to viewing containers
+ - POST=0 # Disallow any POST operations (effectively read-only)
+ ports:
+ - 2375:2375
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ restart: unless-stopped
+
+ ## Kiwix (offline wiki)
+ kiwix-serve:
+ image: ghcr.io/kiwix/kiwix-serve
+ container_name: kiwix-serve
+ volumes:
+ - /media/kiwix:/data
+ ports:
+ - 8765:8080
+ command: '*.zim'
+ restart: unless-stopped
+
+ ## Actual (budget)
+ actual_server:
+ image: docker.io/actualbudget/actual-server:latest
+ container_name: actual
+ ports:
+ - 5006:5006
+ volumes:
+ - /docker/actual:/data
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+
+ ## Paperless (document management)
+ paperless:
+ image: ghcr.io/paperless-ngx/paperless-ngx:latest
+ container_name: paperless
+ user: 1000:1000
+ depends_on:
+ - paperless_broker
+ ports:
+ - 8143:8000
+ volumes:
+ - paperless-data:/usr/src/paperless/data
+ - paperless-media:/usr/src/paperless/media
+ - /docker/paperless/export:/usr/src/paperless/export
+ - /docker/paperless/consume:/usr/src/paperless/consume
+ env_file:
+ - /docker/env/paperless.env
+ restart: unless-stopped
+ paperless_broker:
+ image: docker.io/library/redis:7
+ container_name: paperless_broker
+ volumes:
+ - redis-data:/data
+ restart: unless-stopped
+
+ ## Immich (photo library management)
+ immich-server:
+ container_name: immich_server
+ image: ghcr.io/immich-app/immich-server:v1.123.0
+ volumes:
+ - /media/immich:/usr/src/app/upload
+ - /docker/immich_db_dump:/db_dump
+ env_file:
+ - /docker/env/immich.env
+ environment:
+ - PUID=1000
+ - PGID=1000
+ ports:
+ - 2283:2283
+ depends_on:
+ - redis
+ - database
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+ immich-machine-learning:
+ container_name: immich_machine_learning
+ image: ghcr.io/immich-app/immich-machine-learning:v1.123.0
+ volumes:
+ - model-cache:/cache
+ env_file:
+ - /docker/env/immich.env
+ restart: unless-stopped
+ redis:
+ container_name: immich_redis
+ image: redis:6.2-alpine@sha256:70a7a5b641117670beae0d80658430853896b5ef269ccf00d1827427e3263fa3
+ restart: unless-stopped
+ database:
+ container_name: immich_postgres
+ image: tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
+ env_file:
+ - /docker/env/immich.env
+ volumes:
+ - /docker/immich:/var/lib/postgresql/data
+ restart: unless-stopped
+
+ ## Grocy (home inventory management)
+ grocy:
+ container_name: grocy
+ image: lscr.io/linuxserver/grocy:latest
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/Chicago
+ volumes:
+ - /docker/grocy:/config
+ ports:
+ - 9283:80
+ restart: unless-stopped
+
+ ## Tandoor (recipe management)
+ tandoor:
+ container_name: tandoor
+ image: vabene1111/recipes
+ user: 1000:1000
+ env_file:
+ - /docker/env/tandoor.env
+ volumes:
+ - tandoor-server-config:/opt/recipes/nginx/conf.d
+ - /docker/tandoor/static:/opt/recipes/staticfiles
+ - /docker/tandoor/media:/opt/recipes/mediafiles
+ depends_on:
+ - tandoor-db
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+ tandoor-server:
+ image: nginx:mainline-alpine
+ container_name: tandoor-server
+ ports:
+ - 8554:80
+ env_file:
+ - /docker/env/tandoor.env
+ volumes:
+ - tandoor-server-config:/etc/nginx/conf.d:ro
+ - /docker/tandoor/static:/static:ro
+ - /docker/tandoor/media:/media:ro
+ depends_on:
+ - tandoor
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+ tandoor-db:
+ container_name: tandoor-db
+ image: postgres:16-alpine
+ user: 1000:1000
+ env_file:
+ - /docker/env/tandoor.env
+ volumes:
+ - /docker/tandoor/postgresql:/var/lib/postgresql/data
+ restart: unless-stopped
+
+ ## AudioBookShelf (audiobook downloading)
+ audiobookshelf:
+ container_name: audiobookshelf
+ image: ghcr.io/advplyr/audiobookshelf:latest
+ environment:
+ - AUDIOBOOKSHELF_UID=99
+ - AUDIOBOOKSHELF_GID=100
+ ports:
+ - 13378:80
+ volumes:
+ - /media/audiobooks:/audiobooks
+ - /media/podcasts:/podcasts
+ - /docker/audiobookshelf/config:/config
+ - /docker/audiobookshelf/metadata:/metadata
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+ ## AudioBookShelf metadata provider
+ abs-tract:
+ container_name: abs-tract
+ image: arranhs/abs-tract:latest
+ ports:
+ - 5585:5555
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+
+#---------------- UTILITIES ----------------#
+
+ ## Joplin (notes)
+ joplin:
+ image: joplin/server:latest
+ container_name: joplin
+ ports:
+ - 22300:22300
+ env_file:
+ - /docker/env/joplin.env
+ depends_on:
+ - joplin-db
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+ joplin-db:
+ image: postgres:15
+ container_name: joplin-db
+ volumes:
+ - /docker/joplin:/var/lib/postgresql/data
+ ports:
+ - 5432:5432
+ environment:
+ - POSTGRES_PASSWORD=d8t3nmcj3
+ - POSTGRES_USER=april
+ - POSTGRES_DB=joplin
+ restart: unless-stopped
+
+
+#---------------- MONITORING ----------------#
+
+ ## Dozzle (docker logs)
+ dozzle:
+ container_name: dozzle
+ image: amir20/dozzle:latest
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ ports:
+ - 9999:8080
+ restart: unless-stopped
+
+ ## Scrutiny (disk health monitoring)
+ scrutiny:
+ container_name: scrutiny
+ image: ghcr.io/analogj/scrutiny:master-omnibus
+ cap_add:
+ - SYS_RAWIO
+ ports:
+ - 8181:8080
+ - 8086:8086
+ volumes:
+ - /run/udev:/run/udev:ro
+ - /docker/scrutiny/config:/opt/scrutiny/config
+ - /docker/scrutiny/influxdb:/opt/scrutiny/influxdb
+ devices:
+ - /dev/sda:/dev/sda
+ - /dev/sdb:/dev/sdb
+ - /dev/sdc:/dev/sdc
+ - /dev/sdd:/dev/sdd
+ restart: unless-stopped
+
+ ## Speedtest Tracker
+ speedtest-tracker:
+ image: lscr.io/linuxserver/speedtest-tracker:latest
+ container_name: speedtest-tracker
+ ports:
+ - 8465:80
+ - 8466:443
+ env_file:
+ - /docker/env/speedtest.env
+ volumes:
+ - /docker/speedtest-tracker:/config
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+
+ ## Glances (system monitor)
+ glances:
+ image: nicolargo/glances:latest
+ container_name: glances
+ pid: host
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - /:/glances/root:ro
+ environment:
+ - "GLANCES_OPT=-w"
+ ports:
+ - 61208:61208
+ secrets:
+ - source: glances_password
+ target: /root/.config/glances/glances.pwd
+ restart: unless-stopped
+
+ ## Calibre (ebook management)
+ calibre-web:
+ image: lscr.io/linuxserver/calibre-web:latest
+ container_name: calibre-web
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/Chicago
+ - DOCKER_MODS=linuxserver/mods:universal-calibre #optional
+ - OAUTHLIB_RELAX_TOKEN_SCOPE=1 #optional
+ volumes:
+ - /docker/calibre/config:/config
+ - /docker/calibre/books:/books
+ ports:
+ - 8083:8083
+ dns:
+ - 100.111.0.126
+ restart: unless-stopped
+
+
+#---------------- NETWORKING ----------------#
+
+ ## Cloudflared (tunnel service for outside web access)
+ cloudflared:
+ container_name: cloudflared
+ image: cloudflare/cloudflared:latest
+ network_mode: "host"
+ volumes:
+ - /docker/cloudflared:/etc/cloudflared
+ command: tunnel --no-autoupdate run
+ env_file:
+ - /docker/env/cloudflared.env
+ restart: unless-stopped
+
+ ## Gluetun (vpn connector)
+ gluetun:
+ image: qmcgaw/gluetun:latest
+ container_name: gluetun
+ hostname: gluetun
+ cap_add:
+ - NET_ADMIN
+ network_mode: bridge
+ ports:
+ # System/Utility Ports
+ - 8888:8888/tcp # HTTP Proxy
+ - 8388:8388/tcp # Shadowsocks
+ - 8388:8388/udp # Shadowsocks
+ - 6881:6881 # Torrent peers
+ - 6881:6881/udp # Torrent peers
+ - 8111:8000/tcp # HTTP Control
+ # Service Ports
+ - 8080:8080 # qBittorrent
+ - 3001:3001 # Flood
+ - 7878:7878 # Sonarr
+ - 8989:8989 # Radarr
+ - 8686:8686 # Lidarr
+ - 9696:9696 # Prowlarr
+ volumes:
+ - /docker/gluetun:/gluetun
+ - /etc/localtime:/etc/localtime:ro
+ devices:
+ - /dev/net/tun:/dev/net/tun
+ env_file:
+ - /docker/env/gluetun.env
+ restart: unless-stopped
+
+ ## AdGuard Home (ad-blocking dns provider)
+ adguard:
+ image: adguard/adguardhome
+ container_name: adguard
+ network_mode: host
+ ports:
+ - 53:53/tcp
+ - 53:53/udp
+ - 784:784/udp
+ - 853:853/tcp
+ - 3000:3000/tcp
+ - 80:80/tcp
+ - 443:443/tcp
+ volumes:
+ - /docker/adguard/working:/opt/adguardhome/work
+ - /docker/adguard/conf:/opt/adguardhome/conf
+ restart: unless-stopped
+
+
+#---------------- DOWNLOADING ----------------#
+
+ ## QBittorrent (torrent client)
+ qbittorrent:
+ image: ghcr.io/linuxserver/qbittorrent:latest
+ container_name: qbittorrent
+ network_mode: "service:gluetun"
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/Chicago
+ - WEBUI_PORT=8080
+ volumes:
+ - /docker/qbittorrent/config:/config
+ - /docker/qbittorrent/downloads:/downloads
+ - /media/downloads:/ext_dl
+ restart: unless-stopped
+
+ ## Radarr (movie downloading)
+ radarr:
+ image: ghcr.io/linuxserver/radarr:latest
+ container_name: radarr
+ network_mode: "service:gluetun"
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/Chicago
+ volumes:
+ - /docker/radarr:/config
+ - /media/jellyfin/Movies:/Movies #optional
+ - /docker/qbittorrent/downloads:/downloads #optional
+ restart: unless-stopped
+
+ ## Sonarr (tv show downloading)
+ sonarr:
+ image: ghcr.io/linuxserver/sonarr:latest
+ container_name: sonarr
+ network_mode: "service:gluetun"
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/Chicago
+ - DOCKER_MODS=ghcr.io/gilbn/theme.park:sonarr
+ - TP_ADDON=sonarr-darker
+ - TP_THEME=dark
+ volumes:
+ - /docker/sonarr:/config
+ - /media/jellyfin/TV Shows:/TV Shows
+ - /docker/qbittorrent/downloads:/downloads
+ restart: unless-stopped
+
+ ## Prowlarr (torrent indexer management)
+ prowlarr:
+ image: ghcr.io/linuxserver/prowlarr:nightly
+ container_name: prowlarr
+ network_mode: "service:gluetun"
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/Chicago
+ volumes:
+ - /docker/prowlarr:/config
+ restart: unless-stopped
+
+ ## Bazarr (subtitle downloading)
+ bazarr:
+ image: lscr.io/linuxserver/bazarr:latest
+ container_name: bazarr
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=America/Chicago
+ volumes:
+ - /docker/bazarr:/config
+ - /media/jellyfin/Movies:/movies
+ - /media/jellyfin/TV Shows:/tv
+ ports:
+ - 6767:6767
+ restart: unless-stopped
+
+
+#---------------- DOCKER ----------------#
+
+secrets:
+ glances_password:
+ file: /docker/secrets/glances_password
+
+volumes:
+ model-cache:
+ miniflux-db:
+ paperless-data:
+ paperless-media:
+ redis-data:
+ tandoor-server-config:
+ joplindb:
+ linkstack:
+
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..c340713
--- /dev/null
+++ b/readme.md
@@ -0,0 +1 @@
+# homelab
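Review bot: The `joplin-db` service commits its database password in plaintext (the `POSTGRES_PASSWORD=` entry under `environment:`) and also publishes `5432:5432` on every host interface, whereas the other database services in this file take credentials from `/docker/env/*.env` and publish no port. I would replace the three `POSTGRES_*` entries with `env_file:` / `- /docker/env/joplin.env` (assuming that file can carry them, as `miniflux.env` does for `rss_db`), delete the `ports:` entry since `joplin` can reach `joplin-db:5432` over the compose network, and rotate the password, because it stays in the repository history. `docker-proxy` has a related exposure: `2375:2375` publishes the Docker API without authentication, and although `POST=0` keeps it read-only, `CONTAINERS=1` permits container inspection, which returns each container's environment variables; `127.0.0.1:2375:2375`, or no published port if the dashboard talks to it over the compose network, would narrow that. Also note that the `:ro` flag on the `/var/run/docker.sock` mounts does not restrict API calls made through the socket, and the `glances` mount has no such flag at all, so a one-line comment on each socket mount stating what access the container really has would help the next reader.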