Server config
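######################################################################
##
## ddclient configuration. In this setup it is mounted read-only into
## the linuxserver/ddclient container as /config/ddclient.conf.
##
## Define default global variables with lines like:
## var=value [, var=value]*
## These values will be used for each following host unless overridden
## with a local variable definition.
##
## Define local variables for one or more hosts with:
## var=value [, var=value]* host.and.domain[,host2.and.domain...]
##
## Lines can be continued on the following line by ending the line
## with a \
##
## SECURITY: this file carries DNS-provider credentials in clear text.
## Keep it mode 0600 and owned by the user ddclient runs as (ddclient
## warns about, and tightens, a config that is readable by others) and
## never commit the real values -- only a REPLACE_ME template like this.
##
## Warning: not all supported routers or dynamic DNS services
## are mentioned here.
##
######################################################################
daemon=600 # check every 600 seconds
syslog=yes # log update msgs to syslog
#mail=root # mail all msgs to root
#mail-failure=root # mail failed update msgs to root
pid=/var/run/ddclient/ddclient.pid # record PID in file.
ssl=yes # use TLS for provider API calls (needs the ssl library)
# postscript=script # run script after updating. The
# new IP is added as argument.
#
#use=watchguard-soho, fw=192.168.111.1:80 # via Watchguard's SOHO FW
#use=netopia-r910, fw=192.168.111.1:80 # via Netopia R910 FW
#use=smc-barricade, fw=192.168.123.254:80 # via SMC's Barricade FW
#use=netgear-rt3xx, fw=192.168.0.1:80 # via Netgear's internet FW
#use=linksys, fw=192.168.1.1:80 # via Linksys's internet FW
#use=maxgate-ugate3x00, fw=192.168.0.1:80 # via MaxGate's UGATE-3x00 FW
#use=elsa-lancom-dsl10, fw=10.0.0.254:80 # via ELSA LanCom DSL/10 DSL Router
#use=elsa-lancom-dsl10-ch01, fw=10.0.0.254:80 # via ELSA LanCom DSL/10 DSL Router
#use=elsa-lancom-dsl10-ch02, fw=10.0.0.254:80 # via ELSA LanCom DSL/10 DSL Router
#use=alcatel-stp, fw=10.0.0.138:80 # via Alcatel Speed Touch Pro
#use=xsense-aero, fw=192.168.1.1:80 # via Xsense Aero Router
#use=allnet-1298, fw=192.168.1.1:80 # via AllNet 1298 DSL Router
#use=3com-oc-remote812, fw=192.168.0.254:80 # via 3com OfficeConnect Remote 812
#use=e-tech, fw=192.168.1.1:80 # via E-tech Router
#use=cayman-3220h, fw=192.168.0.1:1080 # via Cayman 3220-H DSL Router
#
#fw-login=admin, fw-password=XXXXXX # FW login and password
#
## To obtain an IP address from FW status page (using fw-login, fw-password)
#use=fw, fw=192.168.1.254/status.htm, fw-skip='IP Address' # found after IP Address
#
## To obtain an IP address from Web status page (using the proxy if defined)
## by default, checkip.dyndns.org is used if you use the dyndns protocol.
## Using use=web is enough to get it working.
## WARNING: set daemon to at least 600 seconds if you use checkip or you could
## get banned from their service.
#use=web, web=checkip.dyndns.org/, web-skip='IP Address' # found after IP Address
#use=web, web=checkip.dyndns.org/, web-skip='Current IP Address: '
## The address detected here is what gets written into public DNS, so it is
## fetched over HTTPS: a plaintext lookup could be altered on the path to the
## ISP and redirect these hostnames. The scheme is given explicitly instead
## of relying on ssl=yes, and the stray trailing comma of the original line
## is gone. ipify answers with the bare address, so no web-skip is needed.
use=web, web=https://api.ipify.org/
#
#use=ip, ip=127.0.0.1 # via static IP's
#use=if, if=eth0 # via interfaces
#use=web # via web
#use=cmd, cmd=/config/checkip.sh, cmd-skip='IP Address' # found after IP Address
#
#protocol=dyndns2 # default protocol
#proxy=fasthttp.sympatico.ca:80 # default proxy
#server=members.dyndns.org # default server
#server=members.dyndns.org:8245 # default server (bypassing proxies)
#login=your-login # default login
#password=test # default password
#mx=mx.for.your.host # default MX
#backupmx=yes|no # host is primary MX?
#wildcard=yes|no # add wildcard CNAME?
##
## CloudFlare (www.cloudflare.com)
##
## login/password: with the classic Global API Key, login is the account
## e-mail and password is the key -- and that key grants full access to the
## whole Cloudflare account. A scoped API token (Zone:DNS:Edit on just these
## zones) limits the damage if this file leaks; recent ddclient releases
## accept it as login=token, password=<token> -- check the version shipped
## in the container image before switching.
## ttl=1 is Cloudflare's "automatic" TTL.
protocol=cloudflare, \
zone=REPLACE_ME, \
ttl=1, \
login=REPLACE_ME, \
password=REPLACE_ME \
example.com, sub.example.com
protocol=cloudflare, \
zone=REPLACE_ME, \
ttl=1, \
login=REPLACE_ME, \
password=REPLACE_ME \
example2.com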
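version: "2"
# Update dynamic IP address on Cloudflare
services:
  ddclient:
    container_name: ddclient
    # Unpinned tag (= latest). Together with the ouroboros auto-updater in
    # this setup that means unattended upgrades; pin a tag for control.
    image: linuxserver/ddclient
    restart: always
    dns:
      - 1.1.1.1
      - 1.0.0.1
    volumes:
      # ddclient.conf holds the Cloudflare credentials: keep the host file
      # mode 0600. The read-only mount keeps a compromised container from
      # rewriting it. linuxserver images honour PUID/PGID if the file's
      # owner must be matched inside the container.
      - ./ddclient.conf:/config/ddclient.conf:ro
    environment:
      - TZ=Europe/Zurich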
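# This file is auto-generated by the Mailu configuration wizard.
# Please read the documentation before attempting any change.
# Generated for compose flavor
#
# Local changes against the wizard output:
#   - The MariaDB passwords are no longer written into this file. They are
#     read from a .env file next to it (mode 0600, never committed); the
#     `${VAR:?msg}` form makes `docker-compose up` fail loudly when one is
#     missing. DB_PW here must equal DB_PW in mailu.env.
#   - The db healthcheck takes the password from the container's own
#     environment instead of duplicating it here.
#   - The `resolver` service had the `networks` key twice (a list and a
#     mapping); most YAML loaders silently keep only the last one. Merged.
version: '2.2'
services:
  # External dependencies
  redis:
    image: redis:alpine
    restart: always
    # No AUTH is configured: Redis is reachable from the compose networks
    # below only, so never attach it to an externally shared network.
    networks:
      - default
      - internal
    volumes:
      - "./redis:/data"
  db:
    image: mariadb
    command:
      - --character-set-server=utf8mb4
      - --collation-server=utf8mb4_unicode_ci
    healthcheck:
      # https://github.com/docker-library/healthcheck/blob/master/mysql/docker-healthcheck
      # `$$` is escaped so the variable is expanded by the shell inside the
      # container (where MYSQL_ROOT_PASSWORD is set), not by compose.
      # Note: `mysqladmin ping` exits 0 even on "access denied" -- it proves
      # the server answers, not that the credentials are right.
      test: mysqladmin -uroot --password="$$MYSQL_ROOT_PASSWORD" --silent ping >/dev/null || exit 1
      interval: 10s
      timeout: 5s
      retries: 3
    restart: always
    networks:
      - default
      - internal
    volumes:
      - ./database:/var/lib/mysql
    environment:
      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:?MYSQL_ROOT_PASSWORD missing from .env}
      MYSQL_USER: mail
      # Same value as DB_PW in mailu.env
      MYSQL_PASSWORD: ${DB_PW:?DB_PW missing from .env}
      MYSQL_DATABASE: mail
  # Core services
  front:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}nginx:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
      # traefik_proxy is shared with every other stack published through
      # Traefik; anything on it can reach this container's port 80 directly.
      - traefik_proxy
    logging:
      driver: json-file
    # The mail ports are bound on all host interfaces on purpose (this is
    # the public MX). HTTP is not published: Traefik reaches port 80 over
    # traefik_proxy and terminates HTTPS (TLS_FLAVOR=mail in mailu.env).
    ports:
      - "25:25"
      - "465:465"
      - "587:587"
      - "110:110"
      - "995:995"
      - "143:143"
      - "993:993"
    volumes:
      # cert.pem / key.pem are written here by certdumper; keep the
      # directory readable by root only.
      - "./certs:/certs"
      - "./overrides/nginx:/overrides"
    labels:
      - traefik.enable=true
      - traefik.http.services.mail.loadbalancer.server.port=80
      - traefik.http.routers.mail0.entrypoints=http
      - traefik.http.routers.mail0.rule=Host(`REPLACE_ME`)
      - traefik.http.routers.mail0.middlewares=to_https
      - traefik.http.routers.mail.entrypoints=https
      - traefik.http.routers.mail.rule=Host(`REPLACE_ME`)
      - traefik.http.routers.mail.tls=true
      - traefik.http.routers.mail.tls.certresolver=le
      # - traefik.http.routers.mail.tls.domains[0].main=REPLACE_ME
      # - traefik.http.routers.mail.tls.domains[0].sans=REPLACE_ME
  certdumper:
    # Default tag is `master` while every other Mailu image defaults to 1.7;
    # consider pinning it to the same release so the stack upgrades as one.
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}traefik-certdumper:${MAILU_VERSION:-master}
    restart: always
    environment:
      # Make sure this is the same as the main=-domain in traefik.toml
      DOMAIN: REPLACE_ME
      TRAEFIK_VERSION: v2
    networks:
      - default
      - internal
    volumes:
      # Traefik's ACME store, containing every private key it has issued;
      # read-only here, and it must stay mode 0600 on the host.
      - "../traefik/acme.json:/traefik/acme.json:ro"
      # Folder, where cert.pem and key.pem will be written
      - "./certs:/output"
  resolver:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}unbound:${MAILU_VERSION:-1.7}
    env_file: mailu.env
    restart: always
    # The fixed address is what smtp/antispam/antivirus/fetchmail use as
    # their `dns:` entry, so it has to stay inside the `default` subnet.
    networks:
      default:
        ipv4_address: 10.5.0.254
      internal: {}
    dns:
      - 1.1.1.1
      - 1.0.0.1
  admin:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}admin:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
    volumes:
      - "./data:/data"
      # DKIM private keys live here (shared with antispam, which signs).
      - "./dkim:/dkim"
    depends_on:
      - redis
  imap:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}dovecot:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
    volumes:
      - "./mail:/mail"
      - "./overrides:/overrides"
    depends_on:
      - front
  smtp:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}postfix:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
    volumes:
      - "./overrides:/overrides"
    depends_on:
      - front
      - resolver
    dns:
      - 10.5.0.254
  antispam:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rspamd:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
    volumes:
      - "./filter:/var/lib/rspamd"
      - "./dkim:/dkim"
      - "./overrides/rspamd:/etc/rspamd/override.d"
    depends_on:
      - front
      - resolver
    dns:
      - 10.5.0.254
  # Optional services
  antivirus:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}clamav:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
    volumes:
      - "./filter:/data"
    depends_on:
      - resolver
    dns:
      - 10.5.0.254
  webdav:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}radicale:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
    volumes:
      - "./dav:/data"
  fetchmail:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}fetchmail:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
    depends_on:
      - resolver
    dns:
      - 10.5.0.254
  # Webmail
  webmail:
    image: ${DOCKER_ORG:-mailu}/${DOCKER_PREFIX:-}rainloop:${MAILU_VERSION:-1.7}
    restart: always
    env_file: mailu.env
    networks:
      - default
      - internal
    volumes:
      - "./webmail:/data"
    depends_on:
      - imap
networks:
  default:
    driver: bridge
    ipam:
      driver: default
      config:
        # - subnet: 192.168.200.0/24
        # Must match SUBNET in mailu.env
        - subnet: 10.5.0.0/16
  # `external: false` only means compose creates this network; it does NOT
  # cut it off from the outside. Add `internal: true` if isolation is the
  # intent (every service above is also on `default`, so nothing loses
  # egress by it).
  internal:
    external: false
  traefik_proxy:
    external: true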
# Mailu main configuration file
#
# This file is autogenerated by the configuration management wizard for compose flavor.
# For a detailed list of configuration variables, see the documentation at
# https://mailu.io
#
# NOTE(review): this file is handed to every Mailu container via env_file
# and carries SECRET_KEY and DB_PW in clear text. Keep it mode 0600 and out
# of version control -- commit a REPLACE_ME template like this one instead.
###################################
# Common configuration variables
###################################
# Set to a randomly generated 16 bytes string
# (e.g. `openssl rand -hex 16`). Presumably the Flask secret key used to sign
# sessions/tokens of the admin UI -- rotating it invalidates existing sessions.
SECRET_KEY=REPLACE_ME
# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
# Must match the `default` network subnet in docker-compose.yml.
SUBNET=10.5.0.0/16
# Main mail domain
DOMAIN=example.com
# Hostnames for this server, separated with commas
HOSTNAMES=isp-reverse-domain.com,example.com,example2.com
# Postmaster local part (will append the main mail domain)
POSTMASTER=admin
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
# `mail`: the mail ports are expected to use the certificate in /certs
# (written by the certdumper service); HTTPS for the web side is left to
# Traefik, which fronts port 80 of the `front` container.
TLS_FLAVOR=mail
# Authentication rate limit (per source IP address)
# NOTE(review): web logins arrive through Traefik, so nginx sees the proxy's
# address unless REAL_IP_HEADER / REAL_IP_FROM (further down) are set. Until
# then the limit is effectively shared by all web clients, which makes it
# easy for one attacker to lock everybody out of the web login.
AUTH_RATELIMIT=10/minute;1000/hour
# Opt-out of statistics, replace with "True" to opt out
DISABLE_STATISTICS=False
###################################
# Optional features
###################################
# Expose the admin interface (value: true, false)
# The admin UI is reachable on the public hostname (WEB_ADMIN path below).
ADMIN=true
# Choose which webmail to run if any (values: roundcube, rainloop, none)
WEBMAIL=rainloop
# Dav server implementation (value: radicale, none)
WEBDAV=radicale
# Antivirus solution (value: clamav, none)
ANTIVIRUS=clamav
# docker-compose exec admin flask mailu admin admin example.com PASSWORD
# Creating the first admin with the CLI command above avoids storing its
# password in this file at all. If INITIAL_ADMIN_PW is used instead, treat
# the value as leaked once the file has been committed anywhere and change
# it after the first login.
# The first part of the e-mail address (ROOT@example.com)
# INITIAL_ADMIN_ACCOUNT=admin
# The domain appendix. Most probably identical to the DOMAIN variable
# INITIAL_ADMIN_DOMAIN=example.com
# The chosen password for the user
# INITIAL_ADMIN_PW="y7xyr2hMietoZORcBb05"
###################################
# Mail settings
###################################
# Message size limit in bytes
# Default: accept messages up to 50MB
# Max attachment size will be 33% smaller
MESSAGE_SIZE_LIMIT=50000000
# Networks granted relay permissions
# Use this with care, all hosts in this networks will be able to send mail without authentication!
# Left empty on purpose: nothing relays without authenticating.
RELAYNETS=
# Will relay all outgoing mails if configured
RELAYHOST=
# Fetchmail delay
FETCHMAIL_DELAY=600
# Recipient delimiter, character used to delimiter localpart from custom address part
RECIPIENT_DELIMITER=+
# DMARC rua and ruf email
DMARC_RUA=admin
DMARC_RUF=admin
# Welcome email, enable and set a topic and body if you wish to send welcome
# emails to all users.
WELCOME=false
WELCOME_SUBJECT=Welcome to your new email account
WELCOME_BODY=Welcome to your new email account, if you can read this, then it is configured properly!
# Maildir Compression
# choose compression-method, default: none (value: bz2, gz)
COMPRESSION=
# change compression-level, default: 6 (value: 1-9)
COMPRESSION_LEVEL=
###################################
# Web settings
###################################
# Path to redirect / to
WEBROOT_REDIRECT=/webmail
# Path to the admin interface if enabled
WEB_ADMIN=/admin
# Path to the webmail if enabled
WEB_WEBMAIL=/webmail
# Website name
SITENAME=Mail
# Linked Website URL
WEBSITE=https://REPLACE_ME
###################################
# Advanced settings
###################################
# Log driver for front service. Possible values:
# json-file (default)
# journald (On systemd platforms, useful for Fail2Ban integration)
# syslog (Non systemd platforms, Fail2Ban integration. Disables `docker-compose log` for front!)
# LOG_DRIVER=json-file
# Docker-compose project name, this will prepended to containers names.
# NOTE(review): docker-compose reads project settings from `.env`, not from
# this file, so this value only takes effect if it is also present there.
COMPOSE_PROJECT_NAME=mailu
# Default password scheme used for newly created accounts and changed passwords
# (value: BLF-CRYPT, SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT)
# BLF-CRYPT is bcrypt -- keep it; the *-CRYPT alternatives are weaker.
PASSWORD_SCHEME=BLF-CRYPT
# Header to take the real ip from
# Behind Traefik this should be X-Forwarded-For ...
REAL_IP_HEADER=
# IPs for nginx set_real_ip_from (CIDR list separated by commas)
# ... and this the subnet of the traefik_proxy network, so that only the
# proxy may assert a client address. Without both, logs, AUTH_RATELIMIT and
# any Fail2Ban rule key on the proxy's address instead of the client's.
REAL_IP_FROM=
# choose whether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
REJECT_UNLISTED_RECIPIENT=
# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
LOG_LEVEL=WARNING
###################################
# Database settings
###################################
DB_FLAVOR=mysql
DB_USER=mail
# Must equal MYSQL_PASSWORD of the db service in docker-compose.yml.
DB_PW=REPLACE_ME
DB_HOST=db
DB_NAME=mail
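version: "2"
# Auto Update containers when new version is available
#
# Security notes:
#   - /var/run/docker.sock is mounted read-write; whoever controls this
#     container controls the Docker daemon, i.e. is root on the host.
#   - Every pulled image is trusted blindly. Unpinned tags (traefik, pihole,
#     portainer, ddclient, bash in this setup all resolve to `latest`) are
#     re-pulled every INTERVAL seconds, so a breaking or compromised upstream
#     push goes live unattended. Pin tags on anything you cannot afford to
#     have change under you.
services:
  ouroboros:
    container_name: ouroboros
    image: pyouroboros/ouroboros
    restart: always
    hostname: ouroboros
    dns:
      - 1.1.1.1
      - 1.0.0.1
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - CLEANUP=true
      - INTERVAL=300
      - LOG_LEVEL=info
      - SELF_UPDATE=true
      # Containers that are never updated automatically. Databases need a
      # migration step; traefik is added because its image tag is unpinned
      # and a major-version bump changes the flags/labels the whole ingress
      # depends on -- update it by hand. NOTE(review): IGNORE appears to
      # match container names, not image names; containers created by compose
      # are named <project>_<service>_1, so `mariadb`/`mongo` may not match
      # the Mailu and UniFi databases -- verify against the running names.
      - IGNORE=mongo influxdb postgres mariadb traefik
      - TZ=Europe/Zurich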
# .env for the Pi-hole stack: docker-compose reads it for the
# ${PI_HOLE_PASSWORD} substitution in docker-compose.yml. It holds the
# admin-UI password in clear text -- chmod 600 and keep it out of version
# control.
PI_HOLE_PASSWORD=REPLACE_ME
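version: "2"
# Manage local blocked domain list
# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/
services:
  pihole:
    container_name: pihole
    # Unpinned tag (= latest); see the note in the ouroboros stack.
    image: pihole/pihole
    restart: always
    # The DNS service is on the shared traefik_proxy network, so every other
    # container on that network can query it.
    networks:
      - traefik_proxy
    volumes:
      - ./pihole/:/etc/pihole/
      - ./dnsmasq.d/:/etc/dnsmasq.d/
    # Port 53 is published on ALL host interfaces. The host's public address
    # is reachable (it is the mail/Traefik host), so this is an open
    # resolver that can be abused for DNS amplification. Bind it to the LAN
    # address instead, e.g. "<lan-ip>:53:53/tcp" and "<lan-ip>:53:53/udp".
    # Port 67 is only needed if Pi-hole is the DHCP server; in that case it
    # normally needs NET_ADMIN (and usually host networking) -- otherwise
    # drop the mapping.
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
    dns:
      - 127.0.0.1
    environment:
      TZ: "Europe/Zurich"
      # From .env (never put the value here)
      WEBPASSWORD: ${PI_HOLE_PASSWORD}
      DNS1: 1.1.1.1
      DNS2: 1.0.0.1
      VIRTUAL_HOST: example.com
      # DNSSEC: "true"
      # IPv6: "true"
    # The admin UI is published on the internet behind the WEBPASSWORD only.
    # Consider chaining the traefik_auth basic-auth middleware from the
    # Traefik stack or an IP allowlist in front of it. NOTE(review): the
    # Host rule is the same `example.com` as the Portainer stack's; these are
    # presumably placeholders -- each stack needs its own hostname, or
    # Traefik cannot tell the two routers apart.
    labels:
      - traefik.enable=true
      - traefik.http.services.pihole.loadbalancer.server.port=80
      - traefik.http.routers.pihole0.entrypoints=http
      - traefik.http.routers.pihole0.rule=Host(`example.com`)
      - traefik.http.routers.pihole0.middlewares=to_https
      - traefik.http.routers.pihole.entrypoints=https
      - traefik.http.routers.pihole.rule=Host(`example.com`)
      - traefik.http.routers.pihole.tls=true
      - traefik.http.routers.pihole.tls.certresolver=le
      - traefik.http.routers.pihole.middlewares=pihole-prefix
      - traefik.http.middlewares.pihole-prefix.addprefix.prefix=/admin
networks:
  traefik_proxy:
    external: true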
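version: "2"
# Manage docker containers
services:
  portainer:
    container_name: portainer
    # Unpinned tag (= latest); see the note in the ouroboros stack.
    image: portainer/portainer-ce:alpine
    restart: always
    networks:
      - traefik_proxy
    volumes:
      # Read-write Docker socket: Portainer is root on the host by design,
      # and it is published on the internet below. Its own login is the
      # only barrier -- use a strong admin password, and consider the
      # traefik_auth middleware or an IP allowlist in front of it.
      - /var/run/docker.sock:/var/run/docker.sock
      - ./data/:/data/
    # NOTE(review): the Host rule is the same `example.com` as the Pi-hole
    # stack's; presumably placeholders -- each stack needs its own hostname.
    labels:
      - traefik.enable=true
      - traefik.http.services.portainer.loadbalancer.server.port=9000
      - traefik.http.routers.portainer0.entrypoints=http
      - traefik.http.routers.portainer0.rule=Host(`example.com`)
      - traefik.http.routers.portainer0.middlewares=to_https
      - traefik.http.routers.portainer.entrypoints=https
      - traefik.http.routers.portainer.rule=Host(`example.com`)
      - traefik.http.routers.portainer.tls=true
      - traefik.http.routers.portainer.tls.certresolver=le
networks:
  traefik_proxy:
    external: true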
# .env for the Traefik stack: docker-compose reads it for the ${...}
# substitutions in docker-compose.yml. The values below are account
# credentials -- chmod 600, never commit the real ones.
ACME_EMAIL=REPLACE_ME
CLOUDFLARE_EMAIL=REPLACE_ME
# Account-wide Global API Key (passed as CF_API_KEY). A scoped API token with
# Zone:DNS:Edit on just the relevant zones is preferable; Traefik's cloudflare
# provider reads one from CF_DNS_API_TOKEN instead of CF_API_EMAIL/CF_API_KEY.
CLOUDFLARE_API_KEY=REPLACE_ME
# Traefik Pilot registration token (reportedly discontinued upstream).
PILOT_TOKEN=GIVEN_BY_TRAEFIK
# user:htpasswd-hash for the dashboard's basic auth, e.g. `htpasswd -nB admin`
# (bcrypt). Whether the `$` signs in the hash must be doubled depends on how
# your docker-compose version treats .env files; check `docker-compose config`
# and make sure the rendered label contains exactly one `$` per hash segment.
TRAEFIK_USERS=admin:GENERATE_ME
TRAEFIK_URL=example.com
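version: "2"
# Manage domain access to services
#
# Notes for operators:
#   - acme.json holds the private keys of every issued certificate. It must
#     be mode 0600 (Traefik refuses a more permissive file).
#   - The Docker socket is mounted read-only, but `:ro` only protects the
#     socket file node; the Docker API reached through it is still fully
#     privileged. A compromise of this container is a compromise of the host.
#   - The dashboard (api@internal) is published on the internet behind basic
#     auth only; consider an IP allowlist middleware on top.
services:
  traefik:
    container_name: traefik
    # Unpinned tag (= latest). Everything below is Traefik v2 syntax; pin a
    # v2.x tag so an automatic pull cannot jump a major version and take the
    # ingress down.
    image: traefik
    command:
      - --api.dashboard=true
      - --certificatesresolvers.le.acme.email=${ACME_EMAIL}
      - --certificatesresolvers.le.acme.storage=acme.json
      # Staging CA for testing (avoids Let's Encrypt rate limits)
      # - --certificatesresolvers.le.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
      - --certificatesresolvers.le.acme.dnschallenge=true
      - --certificatesresolvers.le.acme.dnschallenge.provider=cloudflare
      - --entrypoints.http.address=:80
      - --entrypoints.https.address=:443
      # Opt-in telemetry to Traefik Labs; remove the flag to disable it.
      - --global.sendAnonymousUsage
      - --log.level=INFO
      # Access logging is off; `--accesslog=true` helps detection/forensics.
      - --providers.docker=true
      # Only containers labelled traefik.enable=true are routed.
      - --providers.docker.exposedbydefault=false
      - --providers.docker.network=traefik_proxy
      # Traefik Pilot (SaaS) registration; reportedly discontinued upstream,
      # so newer images may not accept this flag.
      - --pilot.token=${PILOT_TOKEN}
    restart: always
    networks:
      - traefik_proxy
    ports:
      - "80:80"
      - "443:443"
    dns:
      - 1.1.1.1
      - 1.0.0.1
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./acme.json:/acme.json
      # - ./acme-staging.json:/acme.json
    environment:
      # DNS-01 needs credentials that can write DNS records in the zone.
      # CF_API_KEY is the account-wide Global API Key; the provider also
      # accepts a scoped token via CF_DNS_API_TOKEN (Zone:DNS:Edit), which
      # limits the blast radius if this container or .env leaks.
      CF_API_EMAIL: ${CLOUDFLARE_EMAIL}
      CF_API_KEY: ${CLOUDFLARE_API_KEY}
    labels:
      - traefik.enable=true
      - traefik.http.routers.traefik0.entrypoints=http
      - traefik.http.routers.traefik0.rule=Host(`${TRAEFIK_URL}`)
      - traefik.http.routers.traefik0.middlewares=to_https
      - traefik.http.routers.traefik.entrypoints=https
      - traefik.http.routers.traefik.rule=Host(`${TRAEFIK_URL}`)
      - traefik.http.routers.traefik.middlewares=traefik_auth
      - traefik.http.routers.traefik.tls=true
      - traefik.http.routers.traefik.tls.certresolver=le
      - traefik.http.routers.traefik.service=api@internal
      # Declaring the user list
      #
      # Note: when the hash is written literally into this file, every dollar
      # sign needs to be doubled so compose does not interpolate it:
      # echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g
      # Here it comes from .env via ${TRAEFIK_USERS}; verify the rendered
      # label with `docker-compose config` -- it must contain one `$` per
      # hash segment, or basic auth silently rejects every login.
      - traefik.http.middlewares.traefik_auth.basicauth.users=${TRAEFIK_USERS}
      # Standard middleware for other containers to use
      - traefik.http.middlewares.to_https.redirectscheme.scheme=https
      - traefik.http.middlewares.to_https_perm.redirectscheme.scheme=https
      - traefik.http.middlewares.to_https_perm.redirectscheme.permanent=true
networks:
  traefik_proxy:
    external: true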
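version: "2.2"
services:
  mongo:
    # MongoDB runs without authentication. It is only on this stack's
    # `default` network and no port is published, so keep it that way.
    # 3.6 is an old release line -- confirm it still receives security
    # fixes, or follow the controller image's upgrade path.
    image: mongo:3.6
    restart: always
    networks:
      - default
    volumes:
      - ./database:/data/db
      - ./database-config:/data/configdb
  controller:
    image: jacobalberty/unifi:${TAG:-latest}
    restart: always
    depends_on:
      - mongo
    networks:
      - default
    dns:
      - 1.1.1.1
      - 1.0.0.1
    init: true
    volumes:
      - ./unifi:/unifi
    environment:
      DB_URI: mongodb://mongo/unifi
      STATDB_URI: mongodb://mongo/unifi_stat
      # A bare value is YAML null: compose then takes DB_NAME from the host
      # environment (unset there -> not passed). Set it explicitly or drop it.
      DB_NAME:
      # Drops root inside the container; keep it false.
      RUNAS_UID0: "false"
      UNIFI_UID: 1000
      UNIFI_GID: 1000
      TZ: Europe/Zurich
    # All of these are bound on every host interface. 8443 (admin GUI/API)
    # and 8080 (device inform) become internet-reachable if the host has a
    # public address -- bind them to the LAN address ("<lan-ip>:8443:8443")
    # or put 8443 behind Traefik with authentication.
    ports:
      - "3478:3478/udp" # STUN
      - "6789:6789/tcp" # Speed test
      - "8080:8080/tcp" # Device/ controller comm.
      - "8443:8443/tcp" # Controller GUI/API as seen in a web browser
      - "8880:8880/tcp" # HTTP portal redirection
      - "8843:8843/tcp" # HTTPS portal redirection
      - "10001:10001/udp" # AP discovery
  logs:
    # Log tailer for `docker-compose logs`; unpinned `bash` image.
    image: bash
    command: bash -c 'tail -F /unifi/log/*.log'
    restart: always
    depends_on:
      - controller
    volumes:
      - ./unifi/log:/unifi/log
# networks:
#   internal:
#     external: false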