1
0
Fork 0

improve networking

This commit is contained in:
Lukáš Kucharczyk 2023-12-05 10:55:22 +01:00
parent a4ceafd5f0
commit dc8cd9c4d1
Signed by: lukas
SSH Key Fingerprint: SHA256:vMuSwvwAvcT6htVAioMP7rzzwMQNi3roESyhv+nAxeg
9 changed files with 80 additions and 66 deletions

View File

@ -29,8 +29,8 @@ services:
- "/www/notes:/srv/notes" - "/www/notes:/srv/notes"
- "timetracker-static:/srv/timetracker" - "timetracker-static:/srv/timetracker"
networks: networks:
- public public:
- caddy ipv4_address: 192.168.240.2
profiles: profiles:
- infra - infra
- base - base
@ -54,8 +54,8 @@ services:
depends_on: depends_on:
- caddy - caddy
networks: networks:
- caddy public:
- public ipv4_address: 192.168.240.3
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped
@ -71,7 +71,8 @@ services:
ports: ports:
- "${TRILIUM_EXTERNAL_PORT}:${TRILIUM_INTERNAL_PORT}" - "${TRILIUM_EXTERNAL_PORT}:${TRILIUM_INTERNAL_PORT}"
networks: networks:
- public public:
ipv4_address: 192.168.240.4
profiles: profiles:
- base - base
@ -89,7 +90,8 @@ services:
ports: ports:
- "${NTFY_EXTERNAL_PORT}:${NTFY_INTERNAL_PORT}" - "${NTFY_EXTERNAL_PORT}:${NTFY_INTERNAL_PORT}"
networks: networks:
- public public:
ipv4_address: 192.168.240.5
profiles: profiles:
- base - base
- infra - infra
@ -110,7 +112,8 @@ services:
ports: ports:
- "${AUDIOBOOKSHELF_EXTERNAL_PORT}:${AUDIOBOOKSHELF_INTERNAL_PORT}" - "${AUDIOBOOKSHELF_EXTERNAL_PORT}:${AUDIOBOOKSHELF_INTERNAL_PORT}"
networks: networks:
- public public:
ipv4_address: 192.168.240.6
profiles: profiles:
- disabled - disabled
restart: unless-stopped restart: unless-stopped
@ -129,7 +132,8 @@ services:
ports: ports:
- 8337:8337 - 8337:8337
networks: networks:
- public public:
ipv4_address: 192.168.240.7
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped
@ -148,7 +152,8 @@ services:
ports: ports:
- ${MEALIE_EXTERNAL_PORT}:${MEALIE_INTERNAL_PORT} - ${MEALIE_EXTERNAL_PORT}:${MEALIE_INTERNAL_PORT}
networks: networks:
- public public:
ipv4_address: 192.168.240.8
restart: unless-stopped restart: unless-stopped
rtorrent: rtorrent:
@ -170,7 +175,8 @@ services:
- "8118:8118" - "8118:8118"
- "6881:6881" - "6881:6881"
networks: networks:
- public public:
ipv4_address: 192.168.240.9
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped
@ -188,7 +194,8 @@ services:
ports: ports:
- "${WEBHOOK_EXTERNAL_PORT}:${WEBHOOK_INTERNAL_PORT}" - "${WEBHOOK_EXTERNAL_PORT}:${WEBHOOK_INTERNAL_PORT}"
networks: networks:
- public public:
ipv4_address: 192.168.240.10
profiles: profiles:
- base - base
- infra - infra
@ -207,7 +214,8 @@ services:
cap_add: cap_add:
- SYS_NICE - SYS_NICE
networks: networks:
- public public:
ipv4_address: 192.168.240.11
profiles: profiles:
- disabled - disabled
restart: unless-stopped restart: unless-stopped
@ -222,7 +230,8 @@ services:
- 26900-26902:26900-26902/udp - 26900-26902:26900-26902/udp
- 18500:8080 - 18500:8080
networks: networks:
- public public:
ipv4_address: 192.168.240.12
profiles: profiles:
- disabled - disabled
restart: unless-stopped restart: unless-stopped
@ -263,7 +272,8 @@ services:
## Where to store binary blob data (scene covers, images) ## Where to store binary blob data (scene covers, images)
- "${DOCKER_STORAGE_PATH}/stash/blobs:/blobs" - "${DOCKER_STORAGE_PATH}/stash/blobs:/blobs"
networks: networks:
- public public:
ipv4_address: 192.168.240.13
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped
@ -280,7 +290,8 @@ services:
- "${DOCKER_STORAGE_PATH}/navidrome:/data" - "${DOCKER_STORAGE_PATH}/navidrome:/data"
- "${STORAGE_PATH}/media/music2:/music" - "${STORAGE_PATH}/media/music2:/music"
networks: networks:
- public public:
ipv4_address: 192.168.240.14
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped
@ -296,7 +307,8 @@ services:
volumes: volumes:
- "${DOCKER_STORAGE_PATH}/maloja:/data" - "${DOCKER_STORAGE_PATH}/maloja:/data"
networks: networks:
- public public:
ipv4_address: 192.168.240.15
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped
@ -305,7 +317,8 @@ services:
container_name: redis container_name: redis
image: docker.io/library/redis:7 image: docker.io/library/redis:7
networks: networks:
- redis public:
ipv4_address: 192.168.240.30
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- "${DOCKER_STORAGE_PATH}/redis:/data" - "${DOCKER_STORAGE_PATH}/redis:/data"
@ -321,10 +334,8 @@ services:
ports: ports:
- "${PAPERLESS_EXTERNAL_PORT}:${PAPERLESS_INTERNAL_PORT}" - "${PAPERLESS_EXTERNAL_PORT}:${PAPERLESS_INTERNAL_PORT}"
networks: networks:
- public public:
- redis ipv4_address: 192.168.240.16
- tika
- gotenberg
profiles: profiles:
- base - base
healthcheck: healthcheck:
@ -358,7 +369,8 @@ services:
image: docker.io/gotenberg/gotenberg:7.6 image: docker.io/gotenberg/gotenberg:7.6
restart: unless-stopped restart: unless-stopped
networks: networks:
- gotenberg public:
ipv4_address: 192.168.240.17
# The gotenberg chromium route is used to convert .eml files. We do not # The gotenberg chromium route is used to convert .eml files. We do not
# want to allow external content like tracking pixels or even javascript. # want to allow external content like tracking pixels or even javascript.
profiles: profiles:
@ -371,7 +383,8 @@ services:
tika: tika:
image: ghcr.io/paperless-ngx/tika:latest image: ghcr.io/paperless-ngx/tika:latest
networks: networks:
- tika public:
ipv4_address: 192.168.240.18
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped
@ -382,7 +395,8 @@ services:
ports: ports:
- "${HOMER_EXTERNAL_PORT}:${HOMER_INTERNAL_PORT}" - "${HOMER_EXTERNAL_PORT}:${HOMER_INTERNAL_PORT}"
networks: networks:
- public public:
ipv4_address: 192.168.240.19
profiles: profiles:
- base - base
volumes: volumes:
@ -410,13 +424,15 @@ services:
profiles: profiles:
- base - base
networks: networks:
- public public:
ipv4_address: 192.168.240.20
mediawiki: mediawiki:
container_name: mediawiki container_name: mediawiki
image: mediawiki image: mediawiki
networks: networks:
- public public:
ipv4_address: 192.168.240.21
depends_on: depends_on:
- mariadb - mariadb
ports: ports:
@ -433,8 +449,8 @@ services:
container_name: photoprism container_name: photoprism
image: docker.io/photoprism/photoprism image: docker.io/photoprism/photoprism
networks: networks:
- mariadb public:
- public ipv4_address: 192.168.240.22
ports: ports:
- "${PHOTOPRISM_EXTERNAL_PORT}:${PHOTOPRISM_INTERNAL_PORT}" - "${PHOTOPRISM_EXTERNAL_PORT}:${PHOTOPRISM_INTERNAL_PORT}"
depends_on: depends_on:
@ -453,8 +469,8 @@ services:
container_name: mariadb container_name: mariadb
image: linuxserver/mariadb image: linuxserver/mariadb
networks: networks:
- mariadb public:
- public ipv4_address: 192.168.240.23
ports: ports:
- "${MARIADB_EXTERNAL_PORT}:${MARIADB_INTERNAL_PORT}" - "${MARIADB_EXTERNAL_PORT}:${MARIADB_INTERNAL_PORT}"
volumes: volumes:
@ -469,8 +485,8 @@ services:
container_name: baserow container_name: baserow
image: baserow/baserow:latest image: baserow/baserow:latest
networks: networks:
- public public:
- postgres ipv4_address: 192.168.240.24
depends_on: depends_on:
- postgres - postgres
env_file: env_file:
@ -485,7 +501,8 @@ services:
container_name: postgres container_name: postgres
image: postgres:latest image: postgres:latest
networks: networks:
- postgres public:
ipv4_address: 192.168.240.25
volumes: volumes:
- "${DOCKER_STORAGE_PATH}/postgres:/var/lib/postgresql/data" - "${DOCKER_STORAGE_PATH}/postgres:/var/lib/postgresql/data"
restart: unless-stopped restart: unless-stopped
@ -497,9 +514,8 @@ services:
container_name: gitea container_name: gitea
image: ${REGISTRY_URL}/gitea:latest image: ${REGISTRY_URL}/gitea:latest
networks: networks:
- public public:
- postgres ipv4_address: 192.168.240.26
- gitea
depends_on: depends_on:
- postgres - postgres
ports: ports:
@ -519,7 +535,8 @@ services:
- "${DOCKER_STORAGE_PATH}/gitearunner/data:/data" - "${DOCKER_STORAGE_PATH}/gitearunner/data:/data"
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
networks: networks:
- gitea public:
ipv4_address: 192.168.240.27
environment: environment:
- GITEA_INSTANCE_URL=https://git.${DOMAIN} - GITEA_INSTANCE_URL=https://git.${DOMAIN}
- CONFIG_FILE=/config/config.yaml - CONFIG_FILE=/config/config.yaml
@ -538,9 +555,8 @@ services:
image: linkace/linkace:simple image: linkace/linkace:simple
container_name: linkace container_name: linkace
networks: networks:
- public public:
- mariadb ipv4_address: 192.168.240.28
- redis
depends_on: depends_on:
- mariadb - mariadb
- redis - redis
@ -581,7 +597,8 @@ services:
image: vaultwarden/server:latest image: vaultwarden/server:latest
container_name: vaultwarden container_name: vaultwarden
networks: networks:
- public public:
ipv4_address: 192.168.240.29
ports: ports:
- "${VAULTWARDEN_EXTERNAL_PORT}:${VAULTWARDEN_INTERNAL_PORT}" - "${VAULTWARDEN_EXTERNAL_PORT}:${VAULTWARDEN_INTERNAL_PORT}"
environment: environment:
@ -598,23 +615,12 @@ services:
networks: networks:
caddy:
attachable: true
internal: true
redis:
internal: true
tika:
internal: true
gotenberg:
internal: true
public: public:
attachable: true attachable: true
postgres: ipam:
external: true config:
mariadb: # 192.168.240.1 - 192.168.240.254
attachable: true - subnet: "192.168.240.0/24"
gitea:
external: false
volumes: volumes:
timetracker-static: timetracker-static:

View File

@ -6,7 +6,8 @@ services:
ports: ports:
- "${BAZARR_EXTERNAL_PORT}:${BAZARR_INTERNAL_PORT}" - "${BAZARR_EXTERNAL_PORT}:${BAZARR_INTERNAL_PORT}"
networks: networks:
- public public:
ipv4_address: 192.168.240.31
volumes: volumes:
- "${DOCKER_STORAGE_PATH}/bazarr:/config" - "${DOCKER_STORAGE_PATH}/bazarr:/config"
- "${MOVIE_PATH}:/movies" - "${MOVIE_PATH}:/movies"

View File

@ -8,7 +8,8 @@ services:
- "1900:1900/udp" - "1900:1900/udp"
- "7359:7359/udp" - "7359:7359/udp"
networks: networks:
- public public:
ipv4_address: 192.168.240.32
volumes: volumes:
- "${DOCKER_STORAGE_PATH}/jellyfin:/config" - "${DOCKER_STORAGE_PATH}/jellyfin:/config"
- "${MEDIA_PATH}:/data/media" - "${MEDIA_PATH}:/data/media"

View File

@ -10,7 +10,8 @@ services:
- ${DOCKER_STORAGE_PATH}/jelu/files/imports:/files/imports - ${DOCKER_STORAGE_PATH}/jelu/files/imports:/files/imports
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
networks: networks:
- public public:
ipv4_address: 192.168.240.33
environment: environment:
SERVER_PORT: 80 SERVER_PORT: 80
SPRING_DATASOURCE_USERNAME: lukas SPRING_DATASOURCE_USERNAME: lukas

View File

@ -6,7 +6,8 @@ services:
ports: ports:
- "6080:25600" - "6080:25600"
networks: networks:
- public public:
ipv4_address: 192.168.240.34
volumes: volumes:
- "${DOCKER_STORAGE_PATH}/komga:/config" - "${DOCKER_STORAGE_PATH}/komga:/config"
- "${COMIC_PATH}:/data" - "${COMIC_PATH}:/data"

View File

@ -6,8 +6,8 @@ services:
ports: ports:
- "8282:8080" - "8282:8080"
networks: networks:
- public public:
- postgres ipv4_address: 192.168.240.35
environment: environment:
- BASE_URL=https://miniflux.${DOMAIN} - BASE_URL=https://miniflux.${DOMAIN}
- DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres/miniflux?sslmode=disable - DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres/miniflux?sslmode=disable

View File

@ -6,7 +6,8 @@ services:
ports: ports:
- 7878:7878 - 7878:7878
networks: networks:
- public public:
ipv4_address: 192.168.240.36
volumes: volumes:
- "${DOCKER_STORAGE_PATH}/radarr:/config" - "${DOCKER_STORAGE_PATH}/radarr:/config"
- "${NZB_DOWNLOADS_PATH}:/downloads" - "${NZB_DOWNLOADS_PATH}:/downloads"

View File

@ -4,7 +4,8 @@ services:
container_name: sonarr_tv_standard container_name: sonarr_tv_standard
image: linuxserver/sonarr:develop image: linuxserver/sonarr:develop
networks: networks:
- public public:
ipv4_address: 192.168.240.38
ports: ports:
- "${SONARR_TV_STANDARD_EXTERNAL_PORT}:${SONARR_INTERNAL_PORT}" - "${SONARR_TV_STANDARD_EXTERNAL_PORT}:${SONARR_INTERNAL_PORT}"
environment: environment:
@ -26,7 +27,8 @@ services:
container_name: sonarr_anime container_name: sonarr_anime
image: linuxserver/sonarr:develop image: linuxserver/sonarr:develop
networks: networks:
- public public:
ipv4_address: 192.168.240.37
ports: ports:
- "${SONARR_ANIME_EXTERNAL_PORT}:${SONARR_INTERNAL_PORT}" - "${SONARR_ANIME_EXTERNAL_PORT}:${SONARR_INTERNAL_PORT}"
environment: environment:

View File

@ -7,7 +7,8 @@ services:
- "${DOCKER_STORAGE_PATH}/uptimekuma:/app/data" - "${DOCKER_STORAGE_PATH}/uptimekuma:/app/data"
- "/var/run/docker.sock:/var/run/docker.sock" - "/var/run/docker.sock:/var/run/docker.sock"
networks: networks:
- public public:
ipv4_address: 192.168.240.39
profiles: profiles:
- base - base
restart: unless-stopped restart: unless-stopped