Skip to content

Instantly share code, notes, and snippets.

@Darkflib
Forked from anonymous/access.txt
Created June 19, 2019 22:08
Show Gist options
  • Save Darkflib/c7ffdcda18977aa82e20b2126c5884a9 to your computer and use it in GitHub Desktop.
Save Darkflib/c7ffdcda18977aa82e20b2126c5884a9 to your computer and use it in GitHub Desktop.
username
password
version: '2.1'
networks:
default:
ipam:
driver: default
services:
plex:
container_name: plex
image: plexinc/pms-docker
restart: unless-stopped
environment:
TZ: 'Europe/London'
PLEX_CLAIM: <ENTER CLAIM ID HERE>
network_mode: host
volumes:
- /mnt/user/config/plex:/config
- /tmp:/transcode
- /mnt/user/media:/data
transmission:
image: linuxserver/transmission:48
depends_on:
- vpn
environment:
TZ: 'Europe/London'
PGID: 1000
PUID: 1000
network_mode: "service:vpn"
tmpfs:
- /tmp
restart: unless-stopped
stdin_open: true
tty: true
volumes:
- /mnt/user/config/transmission:/config
- /mnt/user/media/downloads:/downloads
jackett:
image: linuxserver/jackett
depends_on:
- vpn
restart: always
network_mode: "service:vpn"
environment:
PGID: 1000
PUID: 1000
TZ: Europe/London
volumes:
- /mnt/user/config/jackett:/config
- /mnt/user/media/downloads/jackett:/downloads
radarr:
image: linuxserver/radarr
depends_on:
- vpn
restart: always
network_mode: "service:vpn"
environment:
PGID: 1000
PUID: 1000
TZ: Europe/London
volumes:
- /mnt/user/config/radarr:/config
- /mnt/user/media/downloads/complete:/downloads
- /mnt/user/media/movies:/movies
sonarr:
image: linuxserver/sonarr
depends_on:
- vpn
restart: always
network_mode: "service:vpn"
environment:
PGID: 1000
PUID: 1000
TZ: Europe/London
volumes:
- /mnt/user/config/sonarr:/config
- /mnt/user/media/downloads/complete:/downloads
- /mnt/user/media/tvshows:/tv
# muximux:
# image: linuxserver/muximux
# depends_on:
# - vpn
# restart: always
# network_mode: "service:vpn"
# environment:
# PGID: 1000
# PUID: 1000
# TZ: Europe/London
# ports:
# - 6262:80
# volumes:
# - /mnt/user/config/muximux:/config
vpn:
image: dperson/openvpn-client
cap_add:
- net_admin
dns:
- 8.8.4.4
- 8.8.8.8
environment:
TZ: 'Europe/London'
read_only: true
tmpfs:
- /tmp
restart: unless-stopped
security_opt:
- label:disable
stdin_open: true
tty: true
volumes:
- /dev/net:/dev/net:z
- /mnt/user/config/vpn:/vpn
web:
image: nginx
depends_on:
- transmission
- sonarr
- jackett
- radarr
# - muximux
environment:
TZ: 'Europe/London'
IPV6: 0
links:
- vpn:transmission
- vpn:sonarr
- vpn:jackett
- vpn:radarr
# - vpn:muximux
ports:
- "8080:80"
- "443:443"
read_only: true
volumes:
- /mnt/user/config/nginx/nginx.conf:/etc/nginx/conf.d/main.conf:ro
- /mnt/user/config/nginx/ssl:/etc/nginx/ssl:ro
tmpfs:
- /run
- /tmp
- /var/cache/nginx
restart: unless-stopped
stdin_open: true
tty: true
# HTTPS server
#
server {
listen 443 ssl http2;
root /srv/www;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
# Make site accessible from http://localhost/
server_name sonarr.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr;
location / {
proxy_pass http://sonarr:8989;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 443 ssl http2;
root /srv/www;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
# Make site accessible from http://localhost/
server_name radarr.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr;
location / {
proxy_pass http://radarr:7878;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 443 ssl http2;
root /srv/www;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
# Make site accessible from http://localhost/
server_name jackett.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr;
location / {
proxy_pass http://jackett:9117;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 443 ssl http2;
root /srv/www;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
# Make site accessible from http://localhost/
server_name transmission.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr;
location / {
proxy_pass http://transmission:9091;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 443 ssl http2;
root /srv/www;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
# Make site accessible from http://localhost/
server_name muximux.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr;
location / {
proxy_pass http://muximux:6262;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 80;
root /srv/www;
# Make site accessible from http://localhost/
server_name sonarr.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr notice;
location / {
proxy_pass http://sonarr:8989;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 80;
root /srv/www;
# Make site accessible from http://localhost/
server_name radarr.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr notice;
location / {
proxy_pass http://radarr:7878;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 80;
root /srv/www;
# Make site accessible from http://localhost/
server_name jackett.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr notice;
location / {
proxy_pass http://jackett:9117;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 80;
root /srv/www;
# Make site accessible from http://localhost/
server_name transmission.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr notice;
location / {
proxy_pass http://transmission:9091;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
server {
listen 80;
root /srv/www;
# Make site accessible from http://localhost/
server_name tv.example.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
error_log stderr notice;
location / {
proxy_pass http://muximux:6262;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
## Required for websockets
proxy_http_version 1.1;
proxy_set_header Connection "upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_read_timeout 600s;
## Optional: Do not log, get it at the destination
access_log off;
}
}
client
dev tun
proto udp
remote kiv-c01.ipvanish.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca /vpn/ca.ipvanish.com.crt
verify-x509-name kiv-c01.ipvanish.com name
auth-user-pass /vpn/access.txt
comp-lzo
verb 3
auth SHA256
cipher AES-256-CBC
keysize 256
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment