Last active
January 6, 2021 08:24
-
-
Save TimBroddin/7b6f5fe87ad627228bd89105c744a25c to your computer and use it in GitHub Desktop.
Voorbeeldje
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "2" | |
services: | |
portainer: | |
image: portainer/portainer | |
container_name: portainer | |
ports: | |
- 9000:9000 | |
labels: | |
- "traefik.http.routers.portainer.rule=Host(`portainer.example.com`)" | |
- "traefik.http.routers.portainer.tls=true" | |
- "traefik.http.routers.portainer.tls.certresolver=certresolver1" | |
- "traefik.http.services.portainer.loadbalancer.server.port=9000" | |
- "traefik.http.middlewares.portainer.redirectscheme.scheme=https" | |
- "traefik.http.middlewares.portainer.redirectscheme.permanent=true" | |
volumes: | |
- /volume1/docker/portainer:/data | |
- /var/run/docker.sock:/var/run/docker.sock | |
restart: always | |
heimdall: | |
image: linuxserver/heimdall | |
container_name: heimdall | |
environment: | |
- PUID=1024 | |
- PGID=101 | |
- TZ=Europe/Brussels | |
labels: | |
- "traefik.http.routers.portal.rule=Host(`portal.example.com`)" | |
- "traefik.http.routers.portal.tls=true" | |
- "traefik.http.routers.portal.tls.certresolver=certresolver1" | |
- "traefik.http.middlewares.portal.redirectscheme.scheme=https" | |
- "traefik.http.middlewares.portal.redirectscheme.permanent=true" | |
volumes: | |
- /volume1/docker/heimdall/config:/config | |
restart: unless-stopped | |
reverse-proxy: | |
# The official v2.0 Traefik docker image | |
image: traefik:v2.2 | |
container_name: proxy | |
command: | |
- --entrypoints.web.address=:80 | |
- --entrypoints.web-secure.address=:443 | |
- --certificatesResolvers.certresolver1.acme.dnsChallenge=true | |
- --certificatesResolvers.certresolver1.acme.dnsChallenge.resolvers=1.1.1.1:53,8.8.8.8:53 | |
- --certificatesResolvers.certresolver1.acme.email=tim@wannabes.be | |
- --certificatesResolvers.certresolver1.acme.storage=/acme.json | |
- --certificatesresolvers.certresolver1.acme.dnschallenge.provider=route53 | |
- --certificatesResolvers.certresolver1.acme.dnsChallenge.delayBeforeCheck=0 | |
- --api.insecure=true | |
- --providers.docker | |
- --providers.file.directory=/configuration/ | |
- --providers.file.watch=true | |
- --log.filePath=/logs/traefik.log | |
- --log.level=INFO | |
ports: | |
- "80:80" | |
- "443:443" | |
- "8080:8080" | |
volumes: | |
- "/volume1/docker/traefik/configuration/:/configuration/" | |
- "/volume1/docker/traefik/logs/:/logs/" | |
- /var/run/docker.sock:/var/run/docker.sock | |
environment: | |
- AWS_ACCESS_KEY_ID=xxx | |
- AWS_SECRET_ACCESS_KEY=xx | |
- AWS_REGION=eu-west-1 | |
- AWS_HOSTED_ZONE_ID=xxx | |
labels: | |
# middleware redirect | |
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" | |
# global redirect to https | |
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)" | |
- "traefik.http.routers.redirs.entrypoints=web" | |
- "traefik.http.routers.redirs.middlewares=redirect-to-https" | |
- "traefik.http.routers.traefik.tls.domains[0].main=example.com" | |
- "traefik.http.routers.traefik.tls.domains[0].sans=*.example.com" | |
extra_hosts: | |
- host.docker.internal:192.168.1.2 | |
plex: | |
image: linuxserver/plex:latest | |
container_name: "plex" | |
volumes: | |
- "/volume1/docker/plex:/config:rw" | |
- "/volume1/docker/plex/transcode:/transcode:rw" | |
- "/volume1/Personal\ Movies:/other-videos:rw" | |
environment: | |
- VERSION=latest | |
- PGID=1024 | |
- PUID=101 | |
- TZ=Europe/Brussels | |
- PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin | |
- HOME=/root | |
- LANGUAGE=en_US.UTF-8 | |
- LANG=en_US.UTF-8 | |
- TERM=xterm | |
- NVIDIA_DRIVER_CAPABILITIES=compute,video,utility | |
- DEBIAN_FRONTEND=noninteractive | |
- PLEX_DOWNLOAD=https://downloads.plex.tv/plex-media-server-new | |
- PLEX_ARCH=amd64 | |
- PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=/config/Library/Application Support | |
- PLEX_MEDIA_SERVER_HOME=/usr/lib/plexmediaserver | |
- PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS=6 | |
- PLEX_MEDIA_SERVER_INFO_VENDOR=docker | |
- PLEX_MEDIA_SERVER_INFO_DEVICE=Docker Container (LinuxServer.io) | |
- PLEX_CLAIM=claim- | |
labels: | |
- "traefik.http.routers.plex.rule=Host(`plex.example.com`)" | |
- "traefik.http.routers.plex.tls=true" | |
- "traefik.http.routers.plex.tls.certresolver=certresolver1" | |
- "traefik.http.services.plex.loadbalancer.server.port=32400" | |
- "traefik.http.middlewares.plex.redirectscheme.scheme=https" | |
- "traefik.http.middlewares.plex.redirectscheme.permanent=true" | |
devices: | |
- "/dev/dri/card0:/dev/dri/card0" | |
- "/dev/dri/renderD128:/dev/dri/renderD128" | |
privileged: true | |
network_mode: "host" | |
restart: always | |
watchtower: | |
image: v2tec/watchtower | |
container_name: watchtower | |
restart: always | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock | |
labels: | |
- "WATCHTOWER_POLL_INTERVAL=7200" | |
route53-dynamic-dns: | |
image: sjmayotte/route53-dynamic-dns:v1.1 | |
container_name: route53-dynamic-dns | |
environment: | |
- AWS_ACCESS_KEY_ID=x | |
- AWS_SECRET_ACCESS_KEY=x | |
- AWS_REGION=eu-west-1 | |
- ROUTE53_HOSTED_ZONE_ID=x | |
- ROUTE53_DOMAIN=example.com | |
- ROUTE53_TYPE=A | |
- ROUTE53_TTL=60 | |
- SEND_EMAIL_SES=true | |
- SES_TO_ADDRESS=tim@wannabes.be | |
- SES_FROM_ADDRESS=tim@wannabes.be | |
- UPDATE_FREQUENCY=60000 | |
pihole: | |
container_name: pihole | |
image: pihole/pihole:v5.2.1 | |
networks: | |
pihole_network: | |
ipv4_address: 192.168.1.4 | |
volumes: | |
- "/volume1/docker/pihole/config:/etc/pihole/" | |
- "/volume1/docker/pihole/dnsmasq.d/:/etc/dnsmasq.d/" | |
dns: | |
- 127.0.0.1 | |
- 8.8.8.8 | |
ports: | |
- 443/tcp | |
- 53/tcp | |
- 53/udp | |
- 67/udp | |
- 80/tcp | |
environment: | |
TZ: Europe/Brussels | |
WEBPASSWORD: xxxx | |
ServerIP: 192.168.1.4 | |
restart: unless-stopped | |
networks: | |
pihole_network: | |
driver: macvlan | |
driver_opts: | |
parent: eth0 | |
ipam: | |
config: | |
- subnet: 192.168.1.0/24 | |
gateway: 192.168.1.1 | |
ip_range: 192.168.1.4/24 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment