ultimatevps
This commit is contained in:
		
							parent
							
								
									7d9ff16238
								
							
						
					
					
						commit
						fe54766368
					
				|  | @ -0,0 +1 @@ | ||||||
|  | WIREGUARD_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX | ||||||
|  | @ -0,0 +1,334 @@ | ||||||
|  | services: | ||||||
|  |   gluetun: | ||||||
|  |     image: qmcgaw/gluetun | ||||||
|  |     # container_name: gluetun | ||||||
|  |     # line above must be uncommented to allow external containers to connect. | ||||||
|  |     # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun | ||||||
|  |     env_file: | ||||||
|  |       - .env # should default to .env | ||||||
|  |     cap_add: | ||||||
|  |       - NET_ADMIN | ||||||
|  |     devices: | ||||||
|  |       - /dev/net/tun:/dev/net/tun | ||||||
|  |     ports: | ||||||
|  |       - 8888:8888/tcp # HTTP proxy | ||||||
|  |       - 8388:8388/tcp # Shadowsocks | ||||||
|  |       - 8388:8388/udp # Shadowsocks | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/searxng/gluetun:/gluetun | ||||||
|  |     environment: | ||||||
|  |       # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup | ||||||
|  |       - VPN_SERVICE_PROVIDER=nordvpn | ||||||
|  |       - VPN_TYPE=wireguard | ||||||
|  |       # OpenVPN: | ||||||
|  |       # - OPENVPN_USER= | ||||||
|  |       # - OPENVPN_PASSWORD= | ||||||
|  |       # Wireguard: | ||||||
|  |       - WIREGUARD_PRIVATE_KEY=${WIREGUARD_TOKEN} | ||||||
|  |       - WIREGUARD_ADDRESSES=10.5.0.2/16 | ||||||
|  |       - SERVER_COUNTRIES=UNITED KINGDOM | ||||||
|  |       # Timezone for accurate log times | ||||||
|  |       - TZ=Europe/London | ||||||
|  |       # Server list updater | ||||||
|  |       # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list | ||||||
|  |       - UPDATER_PERIOD=24h | ||||||
|  |     networks: | ||||||
|  |       - proxy | ||||||
|  |     labels: | ||||||
|  |       - "traefik.enable=true" | ||||||
|  |       - "traefik.docker.network=proxy" | ||||||
|  |       - "traefik.http.routers.qbittorrent.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.qbittorrent.rule=Host(`qbittorrent.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.qbittorrent-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.qbittorrent.middlewares=qbittorrent-https-redirect" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.rule=Host(`qbittorrent.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.service=qbittorrent" | ||||||
|  |       - "traefik.http.services.qbittorrent.loadbalancer.server.port=8085" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.jackett.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.jackett.rule=Host(`jackett.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.jackett-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.jackett.middlewares=jackett-https-redirect" | ||||||
|  |       - "traefik.http.routers.jackett-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.jackett-secure.rule=Host(`jackett.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.jackett-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.jackett-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.jackett-secure.service=jackett" | ||||||
|  |       - "traefik.http.services.jackett.loadbalancer.server.port=9117" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.sonarr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.sonarr.rule=Host(`sonarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.sonarr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.sonarr.middlewares=sonarr-https-redirect" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.rule=Host(`sonarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.service=sonarr" | ||||||
|  |       - "traefik.http.services.sonarr.loadbalancer.server.port=8989" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.prowlarr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.prowlarr.rule=Host(`prowlarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.prowlarr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.prowlarr.middlewares=prowlarr-https-redirect" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.rule=Host(`prowlarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.service=prowlarr" | ||||||
|  |       - "traefik.http.services.prowlarr.loadbalancer.server.port=9696" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.radarr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.radarr.rule=Host(`radarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.radarr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.radarr.middlewares=radarr-https-redirect" | ||||||
|  |       - "traefik.http.routers.radarr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.radarr-secure.rule=Host(`radarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.radarr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.radarr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.radarr-secure.service=radarr" | ||||||
|  |       - "traefik.http.services.radarr.loadbalancer.server.port=7878" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.homepage-arr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.homepage-arr.rule=Host(`homepage-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.homepage-arr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.homepage-arr.middlewares=homepage-arr-https-redirect" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.rule=Host(`homepage-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.service=homepage-arr" | ||||||
|  |       - "traefik.http.services.homepage-arr.loadbalancer.server.port=3000" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.jellyfin-arr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr.rule=Host(`jellyfin-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.jellyfin-arr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr.middlewares=jellyfin-arr-https-redirect" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.rule=Host(`jellyfin-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.service=jellyfin-arr" | ||||||
|  |       - "traefik.http.services.jellyfin-arr.loadbalancer.server.port=8096" | ||||||
|  | 
 | ||||||
|  |   qbittorrent: | ||||||
|  |     image: lscr.io/linuxserver/qbittorrent | ||||||
|  |     container_name: qbittorrent | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/London | ||||||
|  |       - WEBUI_PORT=8085 | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/qbittorrent:/config | ||||||
|  |       - /home/ubuntu/docker/arr-stack/qbittorrent/downloads:/downloads | ||||||
|  |     depends_on: | ||||||
|  |       - gluetun | ||||||
|  |     restart: always | ||||||
|  | 
 | ||||||
|  |   jackett: | ||||||
|  |     image: lscr.io/linuxserver/jackett:latest | ||||||
|  |     container_name: jackett | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Etc/UTC | ||||||
|  |       - AUTO_UPDATE=true #optional | ||||||
|  |       - RUN_OPTS= #optional | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/jackett/data:/config | ||||||
|  |       - /home/ubuntu/docker/arr-stack/jackett/blackhole:/downloads | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   sonarr: | ||||||
|  |     image: lscr.io/linuxserver/sonarr:latest | ||||||
|  |     container_name: sonarr | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Etc/UTC | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/sonarr/data:/config | ||||||
|  |       - /home/ubuntu/docker/arr-stack/sonarr/tvseries:/tv #optional | ||||||
|  |       - /home/ubuntu/docker/arr-stack/sonarr/downloadclient-downloads:/downloads #optional | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   prowlarr: | ||||||
|  |     image: lscr.io/linuxserver/prowlarr:latest | ||||||
|  |     container_name: prowlarr | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Etc/UTC | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/prowlarr/data:/config | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   radarr: | ||||||
|  |     image: lscr.io/linuxserver/radarr:latest | ||||||
|  |     container_name: radarr | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Etc/UTC | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/radarr/data:/config | ||||||
|  |       # - /path/to/movies:/movies #optional | ||||||
|  |       - /home/ubuntu/docker/arr-stack/qbittorrent/downloads:/downloads #optional | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   homepage: | ||||||
|  |     image: ghcr.io/gethomepage/homepage:latest | ||||||
|  |     container_name: homepage | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       PUID: 1000 # optional, your user id | ||||||
|  |       PGID: 1000 # optional, your group id | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/homepage:/app/config # Make sure your local config directory exists | ||||||
|  |       - /var/run/docker.sock:/var/run/docker.sock:ro # optional, for docker integrations | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   jellyfin: | ||||||
|  |     image: jellyfin/jellyfin | ||||||
|  |     container_name: jellyfin | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     #group_add: | ||||||
|  |     #  - '109'  # This needs to be the group id of running `stat -c '%g' /dev/dri/renderD128` on the docker host | ||||||
|  |     environment: | ||||||
|  |       - TZ=Europe/London | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/jellyfin/config:/config | ||||||
|  |       - /home/ubuntu/docker/arr-stack/jellyfin/cache:/cache | ||||||
|  |       # - /home/ubuntu/YOUR_NAS/Films:/Films:ro | ||||||
|  |       # - /home/ubuntu/YOUR_NAS/TVShows:/TVShows:ro | ||||||
|  |       # - /home/ubuntu/YOUR_NAS/Audiobooks:/Audiobooks:ro | ||||||
|  |       # - /home/ubuntu/YOUR_NAS/Music:/Music:ro | ||||||
|  |     #ports: You will need to uncomment if you aren't running through a proxy | ||||||
|  |     #  - 8096:8096 | ||||||
|  |     #  - 8920:8920 #optional | ||||||
|  |     #  - 7359:7359/udp #optional | ||||||
|  |     #  - 1900:1900/udp #optional | ||||||
|  |     #devices: uncomment these and amend if you require GPU accelerated transcoding | ||||||
|  |     #  - /dev/dri/renderD128:/dev/dri/renderD128 | ||||||
|  |     #  - /dev/dri/card0:/dev/dri/card0 | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   pihole: | ||||||
|  |     container_name: pihole | ||||||
|  |     image: pihole/pihole:latest | ||||||
|  |     # For DHCP it is recommended to remove these ports and instead add: network_mode: "host" | ||||||
|  |     # Edit the file at /etc/systemd/resolved.conf and change the line DNSStubListener=yes to no, then use command sudo service systemd-resolved restart | ||||||
|  |     ports: | ||||||
|  |       - "53:53/tcp" | ||||||
|  |       - "53:53/udp" | ||||||
|  |     #  - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server | ||||||
|  |       - "85:80/tcp" # leave open to access for the first time | ||||||
|  |     environment: | ||||||
|  |       TZ: 'Europe/London' | ||||||
|  |       WEBPASSWORD: 'arrghh!' | ||||||
|  |     # Volumes store your data between container upgrades | ||||||
|  |     networks: | ||||||
|  |       proxy: | ||||||
|  |       wg-easy: | ||||||
|  |         ipv4_address: 10.8.1.2 | ||||||
|  |     volumes: | ||||||
|  |       - '/home/ubuntu/docker/arr-stack/pihole/etc-pihole:/etc/pihole' | ||||||
|  |       - '/home/ubuntu/docker/arr-stack/pihole/etc-dnsmasq.d:/etc/dnsmasq.d' | ||||||
|  |     #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities | ||||||
|  |     #cap_add: | ||||||
|  |     #  - NET_ADMIN # Required if you are using Pi-hole as your DHCP server, else not needed | ||||||
|  |     restart: unless-stopped | ||||||
|  |     labels: | ||||||
|  |       - "traefik.enable=true" | ||||||
|  |       - "traefik.docker.network=proxy" | ||||||
|  |       - "traefik.http.routers.pihole-arr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.pihole-arr.rule=Host(`pihole-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.pihole-arr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.pihole-arr.middlewares=pihole-arr-https-redirect" | ||||||
|  |       - "traefik.http.routers.pihole-arr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.pihole-arr-secure.rule=Host(`pihole-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.pihole-arr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.pihole-arr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.pihole-arr-secure.service=pihole-arr" | ||||||
|  |       - "traefik.http.services.pihole-arr.loadbalancer.server.port=80" | ||||||
|  | 
 | ||||||
|  |   wg-easy: | ||||||
|  |     environment: | ||||||
|  |       # Change Language: | ||||||
|  |       # (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi, ja, si) | ||||||
|  |       - LANG=en | ||||||
|  |       # ?? Required: | ||||||
|  |       # Change this to your host's public address | ||||||
|  |       - WG_HOST=raspberrypi.local | ||||||
|  | 
 | ||||||
|  |       # Optional: | ||||||
|  |       # - PASSWORD_HASH=$$2y$$10$$hBCoykrB95WSzuV4fafBzOHWKu9sbyVa34GJr8VV5R/pIelfEMYyG # (needs double $$, hash of 'foobar123'; see "How_to_generate_an_bcrypt_hash.md" for generate the hash) | ||||||
|  |       # - PORT=51821 | ||||||
|  |       # - WG_PORT=51820 | ||||||
|  |       # - WG_CONFIG_PORT=92820 | ||||||
|  |       - WG_DEFAULT_ADDRESS=10.8.0.x | ||||||
|  |       - WG_DEFAULT_DNS=10.8.1.2 | ||||||
|  |       # - WG_MTU=1420 | ||||||
|  |       # - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24 | ||||||
|  |       # - WG_PERSISTENT_KEEPALIVE=25 | ||||||
|  |       # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt | ||||||
|  |       # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt | ||||||
|  |       # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt | ||||||
|  |       # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt | ||||||
|  |       # - UI_TRAFFIC_STATS=true | ||||||
|  |       # - UI_CHART_TYPE=0 # (0 Charts disabled, 1 # Line chart, 2 # Area chart, 3 # Bar chart) | ||||||
|  |       # - WG_ENABLE_ONE_TIME_LINKS=true | ||||||
|  |       # - UI_ENABLE_SORT_CLIENTS=true | ||||||
|  |       # - WG_ENABLE_EXPIRES_TIME=true | ||||||
|  |       # - ENABLE_PROMETHEUS_METRICS=false | ||||||
|  |       # - PROMETHEUS_METRICS_PASSWORD=$$2a$$12$$vkvKpeEAHD78gasyawIod.1leBMKg8sBwKW.pQyNsq78bXV3INf2G # (needs double $$, hash of 'prometheus_password'; see "How_to_generate_an_bcrypt_hash.md" for generate the hash) | ||||||
|  | 
 | ||||||
|  |     image: ghcr.io/wg-easy/wg-easy | ||||||
|  |     container_name: wg-easy | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/wireguard-easy/etc_wireguard:/etc/wireguard | ||||||
|  |     ports: | ||||||
|  |       - "51820:51820/udp" | ||||||
|  |     #  - "51821:51821/tcp" | ||||||
|  |     restart: unless-stopped | ||||||
|  |     networks: | ||||||
|  |         proxy: | ||||||
|  |         wg-easy: | ||||||
|  |           ipv4_address: 10.8.1.3 | ||||||
|  |     cap_add: | ||||||
|  |       - NET_ADMIN | ||||||
|  |       - SYS_MODULE | ||||||
|  |       # - NET_RAW # ?? Uncomment if using Podman | ||||||
|  |     sysctls: | ||||||
|  |       - net.ipv4.ip_forward=1 | ||||||
|  |       - net.ipv4.conf.all.src_valid_mark=1 | ||||||
|  |     labels: | ||||||
|  |       - "traefik.enable=true" | ||||||
|  |       - "traefik.docker.network=proxy" | ||||||
|  |       - "traefik.http.routers.wireguard-arr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.wireguard-arr.rule=Host(`wireguard-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.wireguard-arr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.wireguard-arr.middlewares=wireguard-arr-https-redirect" | ||||||
|  |       - "traefik.http.routers.wireguard-arr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.wireguard-arr-secure.rule=Host(`wireguard-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.wireguard-arr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.wireguard-arr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.wireguard-arr-secure.service=wireguard-arr" | ||||||
|  |       - "traefik.http.services.wireguard-arr.loadbalancer.server.port=51821" | ||||||
|  | 
 | ||||||
|  | networks: | ||||||
|  |   proxy: | ||||||
|  |     external: true | ||||||
|  |   wg-easy: | ||||||
|  |     ipam: | ||||||
|  |       config: | ||||||
|  |         - subnet: 10.8.1.0/24 | ||||||
|  | @ -0,0 +1,227 @@ | ||||||
|  | services: | ||||||
|  |   gluetun: | ||||||
|  |     image: qmcgaw/gluetun | ||||||
|  |     # container_name: gluetun | ||||||
|  |     # line above must be uncommented to allow external containers to connect. | ||||||
|  |     # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun | ||||||
|  |     env_file: | ||||||
|  |       - .env # should default to .env | ||||||
|  |     cap_add: | ||||||
|  |       - NET_ADMIN | ||||||
|  |     devices: | ||||||
|  |       - /dev/net/tun:/dev/net/tun | ||||||
|  |     ports: | ||||||
|  |       - 8888:8888/tcp # HTTP proxy | ||||||
|  |       - 8388:8388/tcp # Shadowsocks | ||||||
|  |       - 8388:8388/udp # Shadowsocks | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/gluetun:/gluetun | ||||||
|  |     environment: | ||||||
|  |       # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup | ||||||
|  |       - VPN_SERVICE_PROVIDER=nordvpn | ||||||
|  |       - VPN_TYPE=wireguard | ||||||
|  |       # OpenVPN: | ||||||
|  |       # - OPENVPN_USER= | ||||||
|  |       # - OPENVPN_PASSWORD= | ||||||
|  |       # Wireguard: | ||||||
|  |       - WIREGUARD_PRIVATE_KEY=${WIREGUARD_TOKEN} | ||||||
|  |       - WIREGUARD_ADDRESSES=10.5.0.2/16 | ||||||
|  |       - SERVER_COUNTRIES=UNITED KINGDOM | ||||||
|  |       # Timezone for accurate log times | ||||||
|  |       - TZ=Europe/London | ||||||
|  |       # Server list updater | ||||||
|  |       # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list | ||||||
|  |       - UPDATER_PERIOD=24h | ||||||
|  |     networks: | ||||||
|  |       - proxy | ||||||
|  |     labels: | ||||||
|  |       - "traefik.enable=true" | ||||||
|  |       - "traefik.docker.network=proxy" | ||||||
|  |       - "traefik.http.routers.qbittorrent.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.qbittorrent.rule=Host(`qbittorrent.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.qbittorrent-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.qbittorrent.middlewares=qbittorrent-https-redirect" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.rule=Host(`qbittorrent.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.qbittorrent-secure.service=qbittorrent" | ||||||
|  |       - "traefik.http.services.qbittorrent.loadbalancer.server.port=8085" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.jackett.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.jackett.rule=Host(`jackett.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.jackett-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.jackett.middlewares=jackett-https-redirect" | ||||||
|  |       - "traefik.http.routers.jackett-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.jackett-secure.rule=Host(`jackett.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.jackett-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.jackett-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.jackett-secure.service=jackett" | ||||||
|  |       - "traefik.http.services.jackett.loadbalancer.server.port=9117" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.sonarr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.sonarr.rule=Host(`sonarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.sonarr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.sonarr.middlewares=sonarr-https-redirect" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.rule=Host(`sonarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.sonarr-secure.service=sonarr" | ||||||
|  |       - "traefik.http.services.sonarr.loadbalancer.server.port=8989" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.prowlarr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.prowlarr.rule=Host(`prowlarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.prowlarr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.prowlarr.middlewares=prowlarr-https-redirect" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.rule=Host(`prowlarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.prowlarr-secure.service=prowlarr" | ||||||
|  |       - "traefik.http.services.prowlarr.loadbalancer.server.port=9696" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.radarr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.radarr.rule=Host(`radarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.radarr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.radarr.middlewares=radarr-https-redirect" | ||||||
|  |       - "traefik.http.routers.radarr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.radarr-secure.rule=Host(`radarr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.radarr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.radarr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.radarr-secure.service=radarr" | ||||||
|  |       - "traefik.http.services.radarr.loadbalancer.server.port=7878" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.homepage-arr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.homepage-arr.rule=Host(`homepage-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.homepage-arr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.homepage-arr.middlewares=homepage-arr-https-redirect" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.rule=Host(`homepage-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.homepage-arr-secure.service=homepage-arr" | ||||||
|  |       - "traefik.http.services.homepage-arr.loadbalancer.server.port=3000" | ||||||
|  | 
 | ||||||
|  |       - "traefik.http.routers.jellyfin-arr.entrypoints=http" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr.rule=Host(`jellyfin-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.middlewares.jellyfin-arr-https-redirect.redirectscheme.scheme=https" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr.middlewares=jellyfin-arr-https-redirect" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.entrypoints=https" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.rule=Host(`jellyfin-arr.jimsgarage.co.uk`)" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.tls=true" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.tls.certresolver=cloudflare" | ||||||
|  |       - "traefik.http.routers.jellyfin-arr-secure.service=jellyfin-arr" | ||||||
|  |       - "traefik.http.services.jellyfin-arr.loadbalancer.server.port=8096" | ||||||
|  | 
 | ||||||
|  |   qbittorrent: | ||||||
|  |     image: lscr.io/linuxserver/qbittorrent | ||||||
|  |     container_name: qbittorrent | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Europe/London | ||||||
|  |       - WEBUI_PORT=8085 | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/qbittorrent:/config | ||||||
|  |       - /home/ubuntu/docker/arr-stack/qbittorrent/downloads:/downloads | ||||||
|  |     depends_on: | ||||||
|  |       - gluetun | ||||||
|  |     restart: always | ||||||
|  | 
 | ||||||
|  |   jackett: | ||||||
|  |     image: lscr.io/linuxserver/jackett:latest | ||||||
|  |     container_name: jackett | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Etc/UTC | ||||||
|  |       - AUTO_UPDATE=true #optional | ||||||
|  |       - RUN_OPTS= #optional | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/jackett/data:/config | ||||||
|  |       - /home/ubuntu/docker/arr-stack/jackett/blackhole:/downloads | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   sonarr: | ||||||
|  |     image: lscr.io/linuxserver/sonarr:latest | ||||||
|  |     container_name: sonarr | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Etc/UTC | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/sonarr/data:/config | ||||||
|  |       - /home/ubuntu/docker/arr-stack/sonarr/tvseries:/tv #optional | ||||||
|  |       - /home/ubuntu/docker/arr-stack/sonarr/downloadclient-downloads:/downloads #optional | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   prowlarr: | ||||||
|  |     image: lscr.io/linuxserver/prowlarr:latest | ||||||
|  |     container_name: prowlarr | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Etc/UTC | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/prowlarr/data:/config | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   radarr: | ||||||
|  |     image: lscr.io/linuxserver/radarr:latest | ||||||
|  |     container_name: radarr | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       - PUID=1000 | ||||||
|  |       - PGID=1000 | ||||||
|  |       - TZ=Etc/UTC | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/radarr/data:/config | ||||||
|  |       # - /path/to/movies:/movies #optional | ||||||
|  |       - /home/ubuntu/docker/arr-stack/qbittorrent/downloads:/downloads #optional | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   homepage: | ||||||
|  |     image: ghcr.io/gethomepage/homepage:latest | ||||||
|  |     container_name: homepage | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     environment: | ||||||
|  |       PUID: 1000 # optional, your user id | ||||||
|  |       PGID: 1000 # optional, your group id | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/homepage:/app/config # Make sure your local config directory exists | ||||||
|  |       - /var/run/docker.sock:/var/run/docker.sock:ro # optional, for docker integrations | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  |   jellyfin: | ||||||
|  |     image: jellyfin/jellyfin | ||||||
|  |     container_name: jellyfin | ||||||
|  |     network_mode: "service:gluetun" | ||||||
|  |     #group_add: | ||||||
|  |     #  - '109'  # This needs to be the group id of running `stat -c '%g' /dev/dri/renderD128` on the docker host | ||||||
|  |     environment: | ||||||
|  |       - TZ=Europe/London | ||||||
|  |     volumes: | ||||||
|  |       - /home/ubuntu/docker/arr-stack/jellyfin/config:/config | ||||||
|  |       - /home/ubuntu/docker/arr-stack/jellyfin/cache:/cache | ||||||
|  |       # - /home/ubuntu/YOUR_NAS/Films:/Films:ro | ||||||
|  |       # - /home/ubuntu/YOUR_NAS/TVShows:/TVShows:ro | ||||||
|  |       # - /home/ubuntu/YOUR_NAS/Audiobooks:/Audiobooks:ro | ||||||
|  |       # - /home/ubuntu/YOUR_NAS/Music:/Music:ro | ||||||
|  |     #ports: You will need to uncomment if you aren't running through a proxy | ||||||
|  |     #  - 8096:8096 | ||||||
|  |     #  - 8920:8920 #optional | ||||||
|  |     #  - 7359:7359/udp #optional | ||||||
|  |     #  - 1900:1900/udp #optional | ||||||
|  |     #devices: uncomment these and amend if you require GPU accelerated transcoding | ||||||
|  |     #  - /dev/dri/renderD128:/dev/dri/renderD128 | ||||||
|  |     #  - /dev/dri/card0:/dev/dri/card0 | ||||||
|  |     restart: unless-stopped | ||||||
|  | 
 | ||||||
|  | networks: | ||||||
|  |   proxy: | ||||||
|  |     external: true | ||||||
|  | @ -0,0 +1 @@ | ||||||
|  | see: https://youtu.be/CmUzMi5QLzI & https://github.com/JamesTurland/JimsGarage/tree/main/Traefikv3 | ||||||
		Loading…
	
		Reference in New Issue
	
	 James Turland
						James Turland