Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Voorbeeldje
version: "2"
services:
portainer:
image: portainer/portainer
container_name: portainer
ports:
- 9000:9000
labels:
- "traefik.http.routers.portainer.rule=Host(`portainer.example.com`)"
- "traefik.http.routers.portainer.tls=true"
- "traefik.http.routers.portainer.tls.certresolver=certresolver1"
- "traefik.http.services.portainer.loadbalancer.server.port=9000"
- "traefik.http.middlewares.portainer.redirectscheme.scheme=https"
- "traefik.http.middlewares.portainer.redirectscheme.permanent=true"
volumes:
- /volume1/docker/portainer:/data
- /var/run/docker.sock:/var/run/docker.sock
restart: always
heimdall:
image: linuxserver/heimdall
container_name: heimdall
environment:
- PUID=1024
- PGID=101
- TZ=Europe/Brussels
labels:
- "traefik.http.routers.portal.rule=Host(`portal.example.com`)"
- "traefik.http.routers.portal.tls=true"
- "traefik.http.routers.portal.tls.certresolver=certresolver1"
- "traefik.http.middlewares.portal.redirectscheme.scheme=https"
- "traefik.http.middlewares.portal.redirectscheme.permanent=true"
volumes:
- /volume1/docker/heimdall/config:/config
restart: unless-stopped
reverse-proxy:
# The official v2.0 Traefik docker image
image: traefik:v2.2
container_name: proxy
command:
- --entrypoints.web.address=:80
- --entrypoints.web-secure.address=:443
- --certificatesResolvers.certresolver1.acme.dnsChallenge=true
- --certificatesResolvers.certresolver1.acme.dnsChallenge.resolvers=1.1.1.1:53,8.8.8.8:53
- --certificatesResolvers.certresolver1.acme.email=tim@wannabes.be
- --certificatesResolvers.certresolver1.acme.storage=/acme.json
- --certificatesresolvers.certresolver1.acme.dnschallenge.provider=route53
- --certificatesResolvers.certresolver1.acme.dnsChallenge.delayBeforeCheck=0
- --api.insecure=true
- --providers.docker
- --providers.file.directory=/configuration/
- --providers.file.watch=true
- --log.filePath=/logs/traefik.log
- --log.level=INFO
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "/volume1/docker/traefik/configuration/:/configuration/"
- "/volume1/docker/traefik/logs/:/logs/"
- /var/run/docker.sock:/var/run/docker.sock
environment:
- AWS_ACCESS_KEY_ID=xxx
- AWS_SECRET_ACCESS_KEY=xx
- AWS_REGION=eu-west-1
- AWS_HOSTED_ZONE_ID=xxx
labels:
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# global redirect to https
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
- "traefik.http.routers.traefik.tls.domains[0].main=example.com"
- "traefik.http.routers.traefik.tls.domains[0].sans=*.example.com"
extra_hosts:
- host.docker.internal:192.168.1.2
plex:
image: linuxserver/plex:latest
container_name: "plex"
volumes:
- "/volume1/docker/plex:/config:rw"
- "/volume1/docker/plex/transcode:/transcode:rw"
- "/volume1/Personal\ Movies:/other-videos:rw"
environment:
- VERSION=latest
- PGID=1024
- PUID=101
- TZ=Europe/Brussels
- PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- HOME=/root
- LANGUAGE=en_US.UTF-8
- LANG=en_US.UTF-8
- TERM=xterm
- NVIDIA_DRIVER_CAPABILITIES=compute,video,utility
- DEBIAN_FRONTEND=noninteractive
- PLEX_DOWNLOAD=https://downloads.plex.tv/plex-media-server-new
- PLEX_ARCH=amd64
- PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=/config/Library/Application Support
- PLEX_MEDIA_SERVER_HOME=/usr/lib/plexmediaserver
- PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS=6
- PLEX_MEDIA_SERVER_INFO_VENDOR=docker
- PLEX_MEDIA_SERVER_INFO_DEVICE=Docker Container (LinuxServer.io)
- PLEX_CLAIM=claim-
labels:
- "traefik.http.routers.plex.rule=Host(`plex.example.com`)"
- "traefik.http.routers.plex.tls=true"
- "traefik.http.routers.plex.tls.certresolver=certresolver1"
- "traefik.http.services.plex.loadbalancer.server.port=32400"
- "traefik.http.middlewares.plex.redirectscheme.scheme=https"
- "traefik.http.middlewares.plex.redirectscheme.permanent=true"
devices:
- "/dev/dri/card0:/dev/dri/card0"
- "/dev/dri/renderD128:/dev/dri/renderD128"
privileged: true
network_mode: "host"
restart: always
watchtower:
image: v2tec/watchtower
container_name: watchtower
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "WATCHTOWER_POLL_INTERVAL=7200"
route53-dynamic-dns:
image: sjmayotte/route53-dynamic-dns:v1.1
container_name: route53-dynamic-dns
environment:
- AWS_ACCESS_KEY_ID=x
- AWS_SECRET_ACCESS_KEY=x
- AWS_REGION=eu-west-1
- ROUTE53_HOSTED_ZONE_ID=x
- ROUTE53_DOMAIN=example.com
- ROUTE53_TYPE=A
- ROUTE53_TTL=60
- SEND_EMAIL_SES=true
- SES_TO_ADDRESS=tim@wannabes.be
- SES_FROM_ADDRESS=tim@wannabes.be
- UPDATE_FREQUENCY=60000
pihole:
container_name: pihole
image: pihole/pihole:v5.2.1
networks:
pihole_network:
ipv4_address: 192.168.1.4
volumes:
- "/volume1/docker/pihole/config:/etc/pihole/"
- "/volume1/docker/pihole/dnsmasq.d/:/etc/dnsmasq.d/"
dns:
- 127.0.0.1
- 8.8.8.8
ports:
- 443/tcp
- 53/tcp
- 53/udp
- 67/udp
- 80/tcp
environment:
TZ: Europe/Brussels
WEBPASSWORD: xxxx
ServerIP: 192.168.1.4
restart: unless-stopped
networks:
pihole_network:
driver: macvlan
driver_opts:
parent: eth0
ipam:
config:
- subnet: 192.168.1.0/24
gateway: 192.168.1.1
ip_range: 192.168.1.4/24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment