From dc8cd9c4d15e0f5a93ab2937ec45e76c36be3140 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Kucharczyk?= Date: Tue, 5 Dec 2023 10:55:22 +0100 Subject: [PATCH] improve networking --- docker-compose.yml | 118 ++++++++++++++++++++------------------- services/bazarr.yml | 3 +- services/jellyfin.yml | 3 +- services/jelu.yml | 3 +- services/komga.yml | 3 +- services/miniflux.yml | 4 +- services/radarr.yml | 3 +- services/sonarr.yml | 6 +- services/uptime-kuma.yml | 3 +- 9 files changed, 80 insertions(+), 66 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index febcdfd..2f2f54d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -29,8 +29,8 @@ services: - "/www/notes:/srv/notes" - "timetracker-static:/srv/timetracker" networks: - - public - - caddy + public: + ipv4_address: 192.168.240.2 profiles: - infra - base @@ -54,8 +54,8 @@ services: depends_on: - caddy networks: - - caddy - - public + public: + ipv4_address: 192.168.240.3 profiles: - base restart: unless-stopped @@ -71,7 +71,8 @@ services: ports: - "${TRILIUM_EXTERNAL_PORT}:${TRILIUM_INTERNAL_PORT}" networks: - - public + public: + ipv4_address: 192.168.240.4 profiles: - base @@ -89,7 +90,8 @@ services: ports: - "${NTFY_EXTERNAL_PORT}:${NTFY_INTERNAL_PORT}" networks: - - public + public: + ipv4_address: 192.168.240.5 profiles: - base - infra @@ -110,7 +112,8 @@ services: ports: - "${AUDIOBOOKSHELF_EXTERNAL_PORT}:${AUDIOBOOKSHELF_INTERNAL_PORT}" networks: - - public + public: + ipv4_address: 192.168.240.6 profiles: - disabled restart: unless-stopped @@ -129,7 +132,8 @@ services: ports: - 8337:8337 networks: - - public + public: + ipv4_address: 192.168.240.7 profiles: - base restart: unless-stopped @@ -148,7 +152,8 @@ services: ports: - ${MEALIE_EXTERNAL_PORT}:${MEALIE_INTERNAL_PORT} networks: - - public + public: + ipv4_address: 192.168.240.8 restart: unless-stopped rtorrent: @@ -170,7 +175,8 @@ services: - "8118:8118" - "6881:6881" networks: - - public + public: + ipv4_address: 192.168.240.9 profiles: - base restart: unless-stopped @@ -188,7 +194,8 @@ services: ports: - "${WEBHOOK_EXTERNAL_PORT}:${WEBHOOK_INTERNAL_PORT}" networks: - - public + public: + ipv4_address: 192.168.240.10 profiles: - base - infra @@ -207,7 +214,8 @@ services: cap_add: - SYS_NICE networks: - - public + public: + ipv4_address: 192.168.240.11 profiles: - disabled restart: unless-stopped @@ -222,7 +230,8 @@ services: - 26900-26902:26900-26902/udp - 18500:8080 networks: - - public + public: + ipv4_address: 192.168.240.12 profiles: - disabled restart: unless-stopped @@ -263,7 +272,8 @@ services: ## Where to store binary blob data (scene covers, images) - "${DOCKER_STORAGE_PATH}/stash/blobs:/blobs" networks: - - public + public: + ipv4_address: 192.168.240.13 profiles: - base restart: unless-stopped @@ -280,7 +290,8 @@ services: - "${DOCKER_STORAGE_PATH}/navidrome:/data" - "${STORAGE_PATH}/media/music2:/music" networks: - - public + public: + ipv4_address: 192.168.240.14 profiles: - base restart: unless-stopped @@ -296,7 +307,8 @@ services: volumes: - "${DOCKER_STORAGE_PATH}/maloja:/data" networks: - - public + public: + ipv4_address: 192.168.240.15 profiles: - base restart: unless-stopped @@ -305,7 +317,8 @@ services: container_name: redis image: docker.io/library/redis:7 networks: - - redis + public: + ipv4_address: 192.168.240.30 restart: unless-stopped volumes: - "${DOCKER_STORAGE_PATH}/redis:/data" @@ -321,10 +334,8 @@ services: ports: - "${PAPERLESS_EXTERNAL_PORT}:${PAPERLESS_INTERNAL_PORT}" networks: - - public - - redis - - tika - - gotenberg + public: + ipv4_address: 192.168.240.16 profiles: - base healthcheck: @@ -358,7 +369,8 @@ services: image: docker.io/gotenberg/gotenberg:7.6 restart: unless-stopped networks: - - gotenberg + public: + ipv4_address: 192.168.240.17 # The gotenberg chromium route is used to convert .eml files. We do not # want to allow external content like tracking pixels or even javascript. profiles: @@ -371,7 +383,8 @@ services: tika: image: ghcr.io/paperless-ngx/tika:latest networks: - - tika + public: + ipv4_address: 192.168.240.18 profiles: - base restart: unless-stopped @@ -382,7 +395,8 @@ services: ports: - "${HOMER_EXTERNAL_PORT}:${HOMER_INTERNAL_PORT}" networks: - - public + public: + ipv4_address: 192.168.240.19 profiles: - base volumes: @@ -410,13 +424,15 @@ services: profiles: - base networks: - - public + public: + ipv4_address: 192.168.240.20 mediawiki: container_name: mediawiki image: mediawiki networks: - - public + public: + ipv4_address: 192.168.240.21 depends_on: - mariadb ports: @@ -433,8 +449,8 @@ services: container_name: photoprism image: docker.io/photoprism/photoprism networks: - - mariadb - - public + public: + ipv4_address: 192.168.240.22 ports: - "${PHOTOPRISM_EXTERNAL_PORT}:${PHOTOPRISM_INTERNAL_PORT}" depends_on: @@ -453,8 +469,8 @@ services: container_name: mariadb image: linuxserver/mariadb networks: - - mariadb - - public + public: + ipv4_address: 192.168.240.23 ports: - "${MARIADB_EXTERNAL_PORT}:${MARIADB_INTERNAL_PORT}" volumes: @@ -469,8 +485,8 @@ services: container_name: baserow image: baserow/baserow:latest networks: - - public - - postgres + public: + ipv4_address: 192.168.240.24 depends_on: - postgres env_file: @@ -485,7 +501,8 @@ services: container_name: postgres image: postgres:latest networks: - - postgres + public: + ipv4_address: 192.168.240.25 volumes: - "${DOCKER_STORAGE_PATH}/postgres:/var/lib/postgresql/data" restart: unless-stopped @@ -497,9 +514,8 @@ services: container_name: gitea image: ${REGISTRY_URL}/gitea:latest networks: - - public - - postgres - - gitea + public: + ipv4_address: 192.168.240.26 depends_on: - postgres ports: @@ -519,7 +535,8 @@ services: - "${DOCKER_STORAGE_PATH}/gitearunner/data:/data" - /var/run/docker.sock:/var/run/docker.sock networks: - - gitea + public: + ipv4_address: 192.168.240.27 environment: - GITEA_INSTANCE_URL=https://git.${DOMAIN} - CONFIG_FILE=/config/config.yaml @@ -538,9 +555,8 @@ services: image: linkace/linkace:simple container_name: linkace networks: - - public - - mariadb - - redis + public: + ipv4_address: 192.168.240.28 depends_on: - mariadb - redis @@ -581,7 +597,8 @@ services: image: vaultwarden/server:latest container_name: vaultwarden networks: - - public + public: + ipv4_address: 192.168.240.29 ports: - "${VAULTWARDEN_EXTERNAL_PORT}:${VAULTWARDEN_INTERNAL_PORT}" environment: @@ -598,23 +615,12 @@ services: networks: - caddy: - attachable: true - internal: true - redis: - internal: true - tika: - internal: true - gotenberg: - internal: true public: attachable: true - postgres: - external: true - mariadb: - attachable: true - gitea: - external: false + ipam: + config: + # 192.168.240.1 - 192.168.240.254 + - subnet: "192.168.240.0/24" volumes: timetracker-static: diff --git a/services/bazarr.yml b/services/bazarr.yml index dd0694d..7c5c91a 100644 --- a/services/bazarr.yml +++ b/services/bazarr.yml @@ -6,7 +6,8 @@ services: ports: - "${BAZARR_EXTERNAL_PORT}:${BAZARR_INTERNAL_PORT}" networks: - - public + public: + ipv4_address: 192.168.240.31 volumes: - "${DOCKER_STORAGE_PATH}/bazarr:/config" - "${MOVIE_PATH}:/movies" diff --git a/services/jellyfin.yml b/services/jellyfin.yml index c43f080..6b94fe6 100644 --- a/services/jellyfin.yml +++ b/services/jellyfin.yml @@ -8,7 +8,8 @@ services: - "1900:1900/udp" - "7359:7359/udp" networks: - - public + public: + ipv4_address: 192.168.240.32 volumes: - "${DOCKER_STORAGE_PATH}/jellyfin:/config" - "${MEDIA_PATH}:/data/media" diff --git a/services/jelu.yml b/services/jelu.yml index 3226e79..d858d31 100644 --- a/services/jelu.yml +++ b/services/jelu.yml @@ -10,7 +10,8 @@ services: - ${DOCKER_STORAGE_PATH}/jelu/files/imports:/files/imports - /etc/timezone:/etc/timezone:ro networks: - - public + public: + ipv4_address: 192.168.240.33 environment: SERVER_PORT: 80 SPRING_DATASOURCE_USERNAME: lukas diff --git a/services/komga.yml b/services/komga.yml index 241e2cc..c9d4b89 100644 --- a/services/komga.yml +++ b/services/komga.yml @@ -6,7 +6,8 @@ services: ports: - "6080:25600" networks: - - public + public: + ipv4_address: 192.168.240.34 volumes: - "${DOCKER_STORAGE_PATH}/komga:/config" - "${COMIC_PATH}:/data" diff --git a/services/miniflux.yml b/services/miniflux.yml index d4d61af..e888369 100644 --- a/services/miniflux.yml +++ b/services/miniflux.yml @@ -6,8 +6,8 @@ services: ports: - "8282:8080" networks: - - public - - postgres + public: + ipv4_address: 192.168.240.35 environment: - BASE_URL=https://miniflux.${DOMAIN} - DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres/miniflux?sslmode=disable diff --git a/services/radarr.yml b/services/radarr.yml index 798d533..5dd13e7 100644 --- a/services/radarr.yml +++ b/services/radarr.yml @@ -6,7 +6,8 @@ services: ports: - 7878:7878 networks: - - public + public: + ipv4_address: 192.168.240.36 volumes: - "${DOCKER_STORAGE_PATH}/radarr:/config" - "${NZB_DOWNLOADS_PATH}:/downloads" diff --git a/services/sonarr.yml b/services/sonarr.yml index fe102db..c6a86fe 100644 --- a/services/sonarr.yml +++ b/services/sonarr.yml @@ -4,7 +4,8 @@ services: container_name: sonarr_tv_standard image: linuxserver/sonarr:develop networks: - - public + public: + ipv4_address: 192.168.240.38 ports: - "${SONARR_TV_STANDARD_EXTERNAL_PORT}:${SONARR_INTERNAL_PORT}" environment: @@ -26,7 +27,8 @@ services: container_name: sonarr_anime image: linuxserver/sonarr:develop networks: - - public + public: + ipv4_address: 192.168.240.37 ports: - "${SONARR_ANIME_EXTERNAL_PORT}:${SONARR_INTERNAL_PORT}" environment: diff --git a/services/uptime-kuma.yml b/services/uptime-kuma.yml index c1ab18e..2e1d4f5 100644 --- a/services/uptime-kuma.yml +++ b/services/uptime-kuma.yml @@ -7,7 +7,8 @@ services: - "${DOCKER_STORAGE_PATH}/uptimekuma:/app/data" - "/var/run/docker.sock:/var/run/docker.sock" networks: - - public + public: + ipv4_address: 192.168.240.39 profiles: - base restart: unless-stopped \ No newline at end of file