Last active
November 21, 2021 23:51
-
-
Save D3strukt0r/d0e52c8b30f8c1d3f63db39cca008ee5 to your computer and use it in GitHub Desktop.
Server config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
###################################################################### | |
## | |
## Define default global variables with lines like: | |
## var=value [, var=value]* | |
## These values will be used for each following host unless overridden | |
## with a local variable definition. | |
## | |
## Define local variables for one or more hosts with: | |
## var=value [, var=value]* host.and.domain[,host2.and.domain...] | |
## | |
## Lines can be continued on the following line by ending the line | |
## with a \ | |
## | |
## | |
## Warning: not all supported routers or dynamic DNS services | |
## are mentioned here. | |
## | |
###################################################################### | |
daemon=600 # check every 600 seconds | |
syslog=yes # log update msgs to syslog | |
#mail=root # mail all msgs to root | |
#mail-failure=root # mail failed update msgs to root | |
pid=/var/run/ddclient/ddclient.pid # record PID in file. | |
ssl=yes # use ssl-support. Works with | |
# ssl-library | |
# postscript=script # run script after updating. The | |
# new IP is added as argument. | |
# | |
#use=watchguard-soho, fw=192.168.111.1:80 # via Watchguard's SOHO FW | |
#use=netopia-r910, fw=192.168.111.1:80 # via Netopia R910 FW | |
#use=smc-barricade, fw=192.168.123.254:80 # via SMC's Barricade FW | |
#use=netgear-rt3xx, fw=192.168.0.1:80 # via Netgear's internet FW | |
#use=linksys, fw=192.168.1.1:80 # via Linksys's internet FW | |
#use=maxgate-ugate3x00, fw=192.168.0.1:80 # via MaxGate's UGATE-3x00 FW | |
#use=elsa-lancom-dsl10, fw=10.0.0.254:80 # via ELSA LanCom DSL/10 DSL Router | |
#use=elsa-lancom-dsl10-ch01, fw=10.0.0.254:80 # via ELSA LanCom DSL/10 DSL Router | |
#use=elsa-lancom-dsl10-ch02, fw=10.0.0.254:80 # via ELSA LanCom DSL/10 DSL Router | |
#use=alcatel-stp, fw=10.0.0.138:80 # via Alcatel Speed Touch Pro | |
#use=xsense-aero, fw=192.168.1.1:80 # via Xsense Aero Router | |
#use=allnet-1298, fw=192.168.1.1:80 # via AllNet 1298 DSL Router | |
#use=3com-oc-remote812, fw=192.168.0.254:80 # via 3com OfficeConnect Remote 812 | |
#use=e-tech, fw=192.168.1.1:80 # via E-tech Router | |
#use=cayman-3220h, fw=192.168.0.1:1080 # via Cayman 3220-H DSL Router | |
# | |
#fw-login=admin, fw-password=XXXXXX # FW login and password | |
# | |
## To obtain an IP address from FW status page (using fw-login, fw-password) | |
#use=fw, fw=192.168.1.254/status.htm, fw-skip='IP Address' # found after IP Address | |
# | |
## To obtain an IP address from Web status page (using the proxy if defined) | |
## by default, checkip.dyndns.org is used if you use the dyndns protocol. | |
## Using use=web is enough to get it working. | |
## WARNING: set deamon at least to 600 seconds if you use checkip or you could | |
## get banned from their service. | |
#use=web, web=checkip.dyndns.org/, web-skip='IP Address' # found after IP Address | |
#use=web, web=checkip.dyndns.org/, web-skip='Current IP Address: ' | |
use=web, web=api.ipify.org, | |
# | |
#use=ip, ip=127.0.0.1 # via static IP's | |
#use=if, if=eth0 # via interfaces | |
#use=web # via web | |
#use=cmd, cmd=/config/checkip.sh, cmd-skip='IP Address' # found after IP Address | |
# | |
#protocol=dyndns2 # default protocol | |
#proxy=fasthttp.sympatico.ca:80 # default proxy | |
#server=members.dyndns.org # default server | |
#server=members.dyndns.org:8245 # default server (bypassing proxies) | |
#login=your-login # default login | |
#password=test # default password | |
#mx=mx.for.your.host # default MX | |
#backupmx=yes|no # host is primary MX? | |
#wildcard=yes|no # add wildcard CNAME? | |
## | |
## CloudFlare (www.cloudflare.com) | |
## | |
protocol=cloudflare, \ | |
zone=REPLACE_ME, \ | |
ttl=1, \ | |
login=REPLACE_ME, \ | |
password=REPLACE_ME \ | |
example.com, sub.example.com | |
protocol=cloudflare, \ | |
zone=REPLACE_ME, \ | |
ttl=1, \ | |
login=REPLACE_ME, \ | |
password=REPLACE_ME \ | |
example2.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "2" | |
# Update dynamic IP address on Cloudflare | |
services: | |
ddclient: | |
container_name: ddclient | |
image: linuxserver/ddclient | |
restart: always | |
dns: | |
- 1.1.1.1 | |
- 1.0.0.1 | |
volumes: | |
- ./ddclient.conf:/config/ddclient.conf:ro | |
environment: | |
- TZ=Europe/Zurich |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This file is auto-generated by the Mailu configuration wizard. | |
# Please read the documentation before attempting any change. | |
# Generated for compose flavor | |
version: '2.2' | |
services: | |
# External dependencies | |
redis: | |
image: redis:alpine | |
restart: always | |
networks: | |
- default | |
- internal | |
volumes: | |
- "./redis:/data" | |
db: | |
image: mariadb | |
command: | |
- --character-set-server=utf8mb4 | |
- --collation-server=utf8mb4_unicode_ci | |
healthcheck: | |
# https://github.com/docker-library/healthcheck/blob/master/mysql/docker-healthcheck | |
test: mysqladmin -u${DB_USERNAME:-root} --password=REPLACE_ME --silent ping >/dev/null || exit 1 | |
interval: 10s | |
timeout: 5s | |
retries: 3 | |
restart: always | |
networks: | |
- default | |
- internal | |
volumes: | |
- ./database:/var/lib/mysql | |
environment: | |
MYSQL_ROOT_PASSWORD: l2TNdvIRlgAa557oTBpe | |
MYSQL_USER: mail | |
MYSQL_PASSWORD: Tqi9ZeiGQotba6fC4NXE | |
MYSQL_DATABASE: mail | |
# Core services | |
front: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
- traefik_proxy | |
logging: | |
driver: json-file | |
ports: | |
- "25:25" | |
- "465:465" | |
- "587:587" | |
- "110:110" | |
- "995:995" | |
- "143:143" | |
- "993:993" | |
volumes: | |
- "./certs:/certs" | |
- "./overrides/nginx:/overrides" | |
labels: | |
- traefik.enable=true | |
- traefik.http.services.mail.loadbalancer.server.port=80 | |
- traefik.http.routers.mail0.entrypoints=http | |
- traefik.http.routers.mail0.rule=Host(`REPLACE_ME`) | |
- traefik.http.routers.mail0.middlewares=to_https | |
- traefik.http.routers.mail.entrypoints=https | |
- traefik.http.routers.mail.rule=Host(`REPLACE_ME`) | |
- traefik.http.routers.mail.tls=true | |
- traefik.http.routers.mail.tls.certresolver=le | |
# - traefik.http.routers.mail.tls.domains[0].main=REPLACE_ME | |
# - traefik.http.routers.mail.tls.domains[0].sans=REPLACE_ME | |
certdumper: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}traefik-certdumper:${MAILU_VERSION:-master} | |
restart: always | |
environment: | |
# Make sure this is the same as the main=-domain in traefik.toml | |
DOMAIN: REPLACE_ME | |
TRAEFIK_VERSION: v2 | |
networks: | |
- default | |
- internal | |
volumes: | |
# Folder, which contains the acme.json | |
- "../traefik/acme.json:/traefik/acme.json:ro" | |
# Folder, where cert.pem and key.pem will be written | |
- "./certs:/output" | |
resolver: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-1.7} | |
env_file: mailu.env | |
restart: always | |
networks: | |
- default | |
- internal | |
networks: | |
default: | |
ipv4_address: 10.5.0.254 | |
dns: | |
- 1.1.1.1 | |
- 1.0.0.1 | |
admin: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
volumes: | |
- "./data:/data" | |
- "./dkim:/dkim" | |
depends_on: | |
- redis | |
imap: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
volumes: | |
- "./mail:/mail" | |
- "./overrides:/overrides" | |
depends_on: | |
- front | |
smtp: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
volumes: | |
- "./overrides:/overrides" | |
depends_on: | |
- front | |
- resolver | |
dns: | |
- 10.5.0.254 | |
antispam: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
volumes: | |
- "./filter:/var/lib/rspamd" | |
- "./dkim:/dkim" | |
- "./overrides/rspamd:/etc/rspamd/override.d" | |
depends_on: | |
- front | |
- resolver | |
dns: | |
- 10.5.0.254 | |
# Optional services | |
antivirus: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}clamav:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
volumes: | |
- "./filter:/data" | |
depends_on: | |
- resolver | |
dns: | |
- 10.5.0.254 | |
webdav: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
volumes: | |
- "./dav:/data" | |
fetchmail: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
depends_on: | |
- resolver | |
dns: | |
- 10.5.0.254 | |
# Webmail | |
webmail: | |
image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rainloop:${MAILU_VERSION:-1.7} | |
restart: always | |
env_file: mailu.env | |
networks: | |
- default | |
- internal | |
volumes: | |
- "./webmail:/data" | |
depends_on: | |
- imap | |
networks: | |
default: | |
driver: bridge | |
ipam: | |
driver: default | |
config: | |
# - subnet: 192.168.200.0/24 | |
- subnet: 10.5.0.0/16 | |
internal: | |
external: false | |
traefik_proxy: | |
external: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Mailu main configuration file | |
# | |
# This file is autogenerated by the configuration management wizard for compose flavor. | |
# For a detailed list of configuration variables, see the documentation at | |
# https://mailu.io | |
################################### | |
# Common configuration variables | |
################################### | |
# Set to a randomly generated 16 bytes string | |
SECRET_KEY=REPLACE_ME | |
# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!) | |
SUBNET=10.5.0.0/16 | |
# Main mail domain | |
DOMAIN=example.com | |
# Hostnames for this server, separated with comas | |
HOSTNAMES=isp-reverse-domain.com,example.com,example2.com | |
# Postmaster local part (will append the main mail domain) | |
POSTMASTER=admin | |
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt) | |
TLS_FLAVOR=mail | |
# Authentication rate limit (per source IP address) | |
AUTH_RATELIMIT=10/minute;1000/hour | |
# Opt-out of statistics, replace with "True" to opt out | |
DISABLE_STATISTICS=False | |
################################### | |
# Optional features | |
################################### | |
# Expose the admin interface (value: true, false) | |
ADMIN=true | |
# Choose which webmail to run if any (values: roundcube, rainloop, none) | |
WEBMAIL=rainloop | |
# Dav server implementation (value: radicale, none) | |
WEBDAV=radicale | |
# Antivirus solution (value: clamav, none) | |
ANTIVIRUS=clamav | |
# docker-compose exec admin flask mailu admin admin example.com PASSWORD | |
# The first part of the e-mail address (ROOT@example.com) | |
# INITIAL_ADMIN_ACCOUNT=admin | |
# The domain appendix. Most probably identical to the DOMAIN variable | |
# INITIAL_ADMIN_DOMAIN=example.com | |
# The chosen password for the user | |
# INITIAL_ADMIN_PW="y7xyr2hMietoZORcBb05" | |
################################### | |
# Mail settings | |
################################### | |
# Message size limit in bytes | |
# Default: accept messages up to 50MB | |
# Max attachment size will be 33% smaller | |
MESSAGE_SIZE_LIMIT=50000000 | |
# Networks granted relay permissions | |
# Use this with care, all hosts in this networks will be able to send mail without authentication! | |
RELAYNETS= | |
# Will relay all outgoing mails if configured | |
RELAYHOST= | |
# Fetchmail delay | |
FETCHMAIL_DELAY=600 | |
# Recipient delimiter, character used to delimiter localpart from custom address part | |
RECIPIENT_DELIMITER=+ | |
# DMARC rua and ruf email | |
DMARC_RUA=admin | |
DMARC_RUF=admin | |
# Welcome email, enable and set a topic and body if you wish to send welcome | |
# emails to all users. | |
WELCOME=false | |
WELCOME_SUBJECT=Welcome to your new email account | |
WELCOME_BODY=Welcome to your new email account, if you can read this, then it is configured properly! | |
# Maildir Compression | |
# choose compression-method, default: none (value: bz2, gz) | |
COMPRESSION= | |
# change compression-level, default: 6 (value: 1-9) | |
COMPRESSION_LEVEL= | |
################################### | |
# Web settings | |
################################### | |
# Path to redirect / to | |
WEBROOT_REDIRECT=/webmail | |
# Path to the admin interface if enabled | |
WEB_ADMIN=/admin | |
# Path to the webmail if enabled | |
WEB_WEBMAIL=/webmail | |
# Website name | |
SITENAME=Mail | |
# Linked Website URL | |
WEBSITE=https://REPLACE_ME | |
################################### | |
# Advanced settings | |
################################### | |
# Log driver for front service. Possible values: | |
# json-file (default) | |
# journald (On systemd platforms, useful for Fail2Ban integration) | |
# syslog (Non systemd platforms, Fail2Ban integration. Disables `docker-compose log` for front!) | |
# LOG_DRIVER=json-file | |
# Docker-compose project name, this will prepended to containers names. | |
COMPOSE_PROJECT_NAME=mailu | |
# Default password scheme used for newly created accounts and changed passwords | |
# (value: BLF-CRYPT, SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT) | |
PASSWORD_SCHEME=BLF-CRYPT | |
# Header to take the real ip from | |
REAL_IP_HEADER= | |
# IPs for nginx set_real_ip_from (CIDR list separated by commas) | |
REAL_IP_FROM= | |
# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no) | |
REJECT_UNLISTED_RECIPIENT= | |
# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET) | |
LOG_LEVEL=WARNING | |
################################### | |
# Database settings | |
################################### | |
DB_FLAVOR=mysql | |
DB_USER=mail | |
DB_PW=REPLACE_ME | |
DB_HOST=db | |
DB_NAME=mail |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "2" | |
# Auto Update containers when new version is available | |
services: | |
ouroboros: | |
container_name: ouroboros | |
image: pyouroboros/ouroboros | |
restart: always | |
hostname: ouroboros | |
dns: | |
- 1.1.1.1 | |
- 1.0.0.1 | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock | |
environment: | |
- CLEANUP=true | |
- INTERVAL=300 | |
- LOG_LEVEL=info | |
- SELF_UPDATE=true | |
- IGNORE=mongo influxdb postgres mariadb | |
- TZ=Europe/Zurich |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PI_HOLE_PASSWORD=REPLACE_ME |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "2" | |
# Manage local blocked domain list | |
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/ | |
services: | |
pihole: | |
container_name: pihole | |
image: pihole/pihole | |
restart: always | |
networks: | |
- traefik_proxy | |
volumes: | |
- ./pihole/:/etc/pihole/ | |
- ./dnsmasq.d/:/etc/dnsmasq.d/ | |
ports: | |
- 53:53/tcp | |
- 53:53/udp | |
- 67:67/udp | |
dns: | |
- 127.0.0.1 | |
environment: | |
TZ: "Europe/Zurich" | |
WEBPASSWORD: ${PI_HOLE_PASSWORD} | |
DNS1: 1.1.1.1 | |
DNS2: 1.0.0.1 | |
VIRTUAL_HOST: example.com | |
# DNSSEC: "true" | |
# IPv6: "true" | |
labels: | |
- traefik.enable=true | |
- traefik.http.services.pihole.loadbalancer.server.port=80 | |
- traefik.http.routers.pihole0.entrypoints=http | |
- traefik.http.routers.pihole0.rule=Host(`example.com`) | |
- traefik.http.routers.pihole0.middlewares=to_https | |
- traefik.http.routers.pihole.entrypoints=https | |
- traefik.http.routers.pihole.rule=Host(`example.com`) | |
- traefik.http.routers.pihole.tls=true | |
- traefik.http.routers.pihole.tls.certresolver=le | |
- traefik.http.routers.pihole.middlewares=pihole-prefix | |
- traefik.http.middlewares.pihole-prefix.addprefix.prefix=/admin | |
networks: | |
traefik_proxy: | |
external: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "2" | |
# Manage docker containers | |
services: | |
portainer: | |
container_name: portainer | |
image: portainer/portainer-ce:alpine | |
restart: always | |
networks: | |
- traefik_proxy | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock | |
- ./data/:/data/ | |
labels: | |
- traefik.enable=true | |
- traefik.http.services.portainer.loadbalancer.server.port=9000 | |
- traefik.http.routers.portainer0.entrypoints=http | |
- traefik.http.routers.portainer0.rule=Host(`example.com`) | |
- traefik.http.routers.portainer0.middlewares=to_https | |
- traefik.http.routers.portainer.entrypoints=https | |
- traefik.http.routers.portainer.rule=Host(`example.com`) | |
- traefik.http.routers.portainer.tls=true | |
- traefik.http.routers.portainer.tls.certresolver=le | |
networks: | |
traefik_proxy: | |
external: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ACME_EMAIL=REPLACE_ME | |
CLOUDFLARE_EMAIL=REPLACE_ME | |
CLOUDFLARE_API_KEY=REPLACE_ME | |
PILOT_TOKEN=GIVEN_BY_TRAEFIK | |
TRAEFIK_USERS=admin:GENERATE_ME | |
TRAEFIK_URL=example.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "2" | |
# Manage domain access to services | |
services: | |
traefik: | |
container_name: traefik | |
image: traefik | |
command: | |
- --api.dashboard=true | |
- --certificatesresolvers.le.acme.email=${ACME_EMAIL} | |
- --certificatesresolvers.le.acme.storage=acme.json | |
# - --certificatesresolvers.le.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory | |
- --certificatesresolvers.le.acme.dnschallenge=true | |
- --certificatesresolvers.le.acme.dnschallenge.provider=cloudflare | |
- --entrypoints.http.address=:80 | |
- --entrypoints.https.address=:443 | |
- --global.sendAnonymousUsage | |
- --log.level=INFO | |
- --providers.docker=true | |
- --providers.docker.exposedbydefault=false | |
- --providers.docker.network=traefik_proxy | |
- --pilot.token=${PILOT_TOKEN} | |
restart: always | |
networks: | |
- traefik_proxy | |
ports: | |
- "80:80" | |
- "443:443" | |
dns: | |
- 1.1.1.1 | |
- 1.0.0.1 | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock:ro | |
- ./acme.json:/acme.json | |
# - ./acme-staging.json:/acme.json | |
environment: | |
CF_API_EMAIL: ${CLOUDFLARE_EMAIL} | |
CF_API_KEY: ${CLOUDFLARE_API_KEY} | |
labels: | |
- traefik.enable=true | |
- traefik.http.routers.traefik0.entrypoints=http | |
- traefik.http.routers.traefik0.rule=Host(`${TRAEFIK_URL}`) | |
- traefik.http.routers.traefik0.middlewares=to_https | |
- traefik.http.routers.traefik.entrypoints=https | |
- traefik.http.routers.traefik.rule=Host(`${TRAEFIK_URL}`) | |
- traefik.http.routers.traefik.middlewares=traefik_auth | |
- traefik.http.routers.traefik.tls=true | |
- traefik.http.routers.traefik.tls.certresolver=le | |
- traefik.http.routers.traefik.service=api@internal | |
# Declaring the user list | |
# | |
# Note: all dollar signs in the hash need to be doubled for escaping. | |
# To create user:password pair, it's possible to use this command: | |
# echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g | |
- traefik.http.middlewares.traefik_auth.basicauth.users=${TRAEFIK_USERS} | |
# Standard middleware for other containers to use | |
- traefik.http.middlewares.to_https.redirectscheme.scheme=https | |
- traefik.http.middlewares.to_https_perm.redirectscheme.scheme=https | |
- traefik.http.middlewares.to_https_perm.redirectscheme.permanent=true | |
networks: | |
traefik_proxy: | |
external: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "2.2" | |
services: | |
mongo: | |
image: mongo:3.6 | |
restart: always | |
networks: | |
- default | |
volumes: | |
- ./database:/data/db | |
- ./database-config:/data/configdb | |
controller: | |
image: jacobalberty/unifi:${TAG:-latest} | |
restart: always | |
depends_on: | |
- mongo | |
networks: | |
- default | |
dns: | |
- 1.1.1.1 | |
- 1.0.0.1 | |
init: true | |
volumes: | |
- ./unifi:/unifi | |
environment: | |
DB_URI: mongodb://mongo/unifi | |
STATDB_URI: mongodb://mongo/unifi_stat | |
DB_NAME: | |
RUNAS_UID0: "false" | |
UNIFI_UID: 1000 | |
UNIFI_GID: 1000 | |
TZ: Europe/Zurich | |
ports: | |
- 3478:3478/udp # STUN | |
- 6789:6789/tcp # Speed test | |
- 8080:8080/tcp # Device/ controller comm. | |
- 8443:8443/tcp # Controller GUI/API as seen in a web browser | |
- 8880:8880/tcp # HTTP portal redirection | |
- 8843:8843/tcp # HTTPS portal redirection | |
- 10001:10001/udp # AP discovery | |
logs: | |
image: bash | |
command: bash -c 'tail -F /unifi/log/*.log' | |
restart: always | |
depends_on: | |
- controller | |
volumes: | |
- ./unifi/log:/unifi/log | |
# networks: | |
# internal: | |
# external: false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment