--- include: - services/bazarr.yml - services/jellyfin.yml - services/komga.yml - services/radarr.yml - services/miniflux.yml - services/jelu.yml - services/sonarr.yml - services/postgres.yml - services/nextcloud.yml - services/sabnzbd.yml - services/openldap.yml - services/prowlarr.yml - services/netbootxyz.yml - services/registry.yml - services/portainer.yml - services/drone/drone.yml - services/enshrouded.yml - services/7dtdserver.yml - services/gluetun.yml - services/handbrake-server.yml - services/redlib.yml services: caddy: image: caddy container_name: caddy ports: - "${TIMETRACKER_EXTERNAL_PORT}:${TIMETRACKER_INTERNAL_PORT}" - "${DENDRON_NOTES_EXTERNAL_PORT}:${DENDRON_NOTES_INTERNAL_PORT}" - 80:80 - 443:443 user: ${PUID} volumes: - "${DOCKER_STORAGE_PATH}/caddy/etc:/etc/caddy" - "${DOCKER_STORAGE_PATH}/caddy/data:/data" - "${DOCKER_STORAGE_PATH}/caddy/config:/config" - "/www/notes:/srv/notes" - "timetracker-static:/srv/timetracker" networks: public: ipv4_address: 192.168.240.2 restart: unless-stopped # cap_drop: # - ALL # cap_add: # - NET_BIND_SERVICE timetracker: image: ${REGISTRY_URL}/timetracker container_name: timetracker environment: - TZ=${TZ} - "CSRF_TRUSTED_ORIGINS=https://tracker.kucharczyk.xyz" user: ${PUID} volumes: - "${DOCKER_STORAGE_PATH}/timetracker/db.sqlite3:/home/timetracker/app/db.sqlite3" - "${DOCKER_STORAGE_PATH}/timetracker/backups:/home/timetracker/app/games/fixtures/backups" - "timetracker-static:/var/www/django/static" depends_on: - caddy networks: public: ipv4_address: 192.168.240.3 restart: unless-stopped trilium: image: zadam/trilium container_name: trilium restart: always environment: - TRILIUM_DATA_DIR=/home/node/trilium-data volumes: - ${DOCKER_STORAGE_PATH}/trilium:/home/node/trilium-data ports: - "${TRILIUM_EXTERNAL_PORT}:${TRILIUM_INTERNAL_PORT}" networks: public: ipv4_address: 192.168.240.4 ntfy: image: binwiederhier/ntfy container_name: ntfy command: - serve user: ${PUID}:${PGID} environment: - TZ=${TZ} volumes: - "${DOCKER_STORAGE_PATH}/ntfy/cache:/var/cache/ntfy" - "${DOCKER_STORAGE_PATH}/ntfy/config:/etc/ntfy" ports: - "${NTFY_EXTERNAL_PORT}:${NTFY_INTERNAL_PORT}" networks: public: ipv4_address: 192.168.240.5 restart: unless-stopped audiobookshelf: image: ghcr.io/advplyr/audiobookshelf container_name: audiobookshelf environment: - AUDIOBOOKSHELF_UID=${PUID} - AUDIOBOOKSHELF_GID=${PGID} - TZ=${TZ} volumes: - "${DOCKER_STORAGE_PATH}/audiobookshelf/audiobooks:/audiobooks" - "${DOCKER_STORAGE_PATH}/audiobookshelf/podcasts:/podcasts" - "${DOCKER_STORAGE_PATH}/audiobookshelf/config:/config" - "${DOCKER_STORAGE_PATH}/audiobookshelf/metadata:/metadata" ports: - "${AUDIOBOOKSHELF_EXTERNAL_PORT}:${AUDIOBOOKSHELF_INTERNAL_PORT}" networks: public: ipv4_address: 192.168.240.6 restart: unless-stopped beets: image: ${REGISTRY_URL}/beets:latest container_name: beets environment: - PUID=${PUID} - PGID=${PGID} - TZ=${TZ} volumes: - "${DOCKER_STORAGE_PATH}/beets:/config" - "${STORAGE_PATH}/media/music2:/music" - "${STORAGE_PATH}/download/music:/downloads" ports: - 8337:8337 networks: public: ipv4_address: 192.168.240.7 restart: unless-stopped mealie: container_name: mealie image: hkotel/mealie:v1.9.0 environment: PUID: ${PUID} PGID: ${PGID} TZ: ${TZ} env_file: - mealie.env volumes: - "${DOCKER_STORAGE_PATH}/mealie/data/:/app/data" networks: public: ipv4_address: 192.168.240.8 restart: unless-stopped rtorrent: image: binhex/arch-rtorrentvpn container_name: rtorrent volumes: - "${DOCKER_STORAGE_PATH}/rtorrent/config:/config" - "${DOCKER_STORAGE_PATH}/rtorrent/watch:/watch" - ${STORAGE_PATH}/seed:/data - /etc/localtime:/etc/localtime:ro environment: - PUID=${PUID} - PGID=${PGID} env_file: - rtorrent.env ports: - "9080:9080" - "9443:9443" - "8118:8118" - "6881:6881" networks: public: ipv4_address: 192.168.240.9 restart: unless-stopped webhook: image: ${REGISTRY_URL}/webhook container_name: webhook build: https://git.kucharczyk.xyz/containers/webhook.git#main user: ${PUID}:${PGID} environment: - TZ=${TZ} volumes: - "${DOCKER_STORAGE_PATH}/webhook/config:/config" - "${DOCKER_STORAGE_PATH}/webhook/scripts:/var/webhook" ports: - "${WEBHOOK_EXTERNAL_PORT}:${WEBHOOK_INTERNAL_PORT}" networks: public: ipv4_address: 192.168.240.10 restart: unless-stopped valheim: image: ghcr.io/lloesche/valheim-server container_name: valheim volumes: - ${DOCKER_STORAGE_PATH}/valheim/config:/config - ${DOCKER_STORAGE_PATH}/valheim/data:/opt/valheim env_file: - valheim.env ports: - ${VALHEIM_EXTERNAL_PORT}:${VALHEIM_INTERNAL_PORT} cap_add: - SYS_NICE networks: public: ipv4_address: 192.168.240.11 restart: unless-stopped stash: image: stashapp/stash:v0.27.2 container_name: stash ports: - "${STASH_EXTERNAL_PORT}:${STASH_INTERNAL_PORT}" ## If you intend to use stash's DLNA functionality uncomment the below network mode and comment out the above ports section # network_mode: host logging: driver: "json-file" options: max-file: "10" max-size: "2m" environment: - STASH_STASH=/data/ - STASH_GENERATED=/generated/ - STASH_METADATA=/metadata/ - STASH_CACHE=/cache/ - STASH_PORT=${STASH_INTERNAL_PORT} volumes: - /etc/localtime:/etc/localtime:ro ## Adjust below paths (the left part) to your liking. ## E.g. you can change ./config:/root/.stash to ./stash:/root/.stash ## Keep configs, scrapers, and plugins here. - "${DOCKER_STORAGE_PATH}/stash/config:/root/.stash" ## Point this at your collection. - "${STORAGE_PATH}/xxx:/data/" ## This is where your stash's metadata lives - "${DOCKER_STORAGE_PATH}/stash/metadata:/metadata" ## Any other cache content. - "${DOCKER_STORAGE_PATH}/stash/cache:/cache" ## Where to store generated content (screenshots,previews,transcodes,sprites) - "${DOCKER_STORAGE_PATH}/stash/generated:/generated" ## Where to store binary blob data (scene covers, images) - "${DOCKER_STORAGE_PATH}/stash/blobs:/blobs" networks: public: ipv4_address: 192.168.240.13 restart: unless-stopped navidrome: image: deluan/navidrome:0.53.3 container_name: navidrome ports: - "${NAVIDROME_EXTERNAL_PORT}:${NAVIDROME_INTERNAL_PORT}" env_file: - navidrome.env user: "${PUID}:${PGID}" volumes: - "${DOCKER_STORAGE_PATH}/navidrome:/data" - "${STORAGE_PATH}/media/music2:/music" networks: public: ipv4_address: 192.168.240.14 restart: unless-stopped maloja: image: krateng/maloja container_name: maloja ports: - "${MALOJA_EXTERNAL_PORT}:${MALOJA_INTERNAL_PORT}" env_file: - maloja.env user: "${PUID}:${PGID}" volumes: - "${DOCKER_STORAGE_PATH}/maloja:/data" networks: public: ipv4_address: 192.168.240.15 restart: unless-stopped redis: container_name: redis image: docker.io/library/redis:7 networks: public: ipv4_address: 192.168.240.30 restart: unless-stopped volumes: - "${DOCKER_STORAGE_PATH}/redis:/data" paperless-ngx: container_name: paperless-ngx image: ghcr.io/paperless-ngx/paperless-ngx:latest restart: unless-stopped depends_on: - redis - gotenberg - tika ports: - "${PAPERLESS_EXTERNAL_PORT}:${PAPERLESS_INTERNAL_PORT}" networks: public: ipv4_address: 192.168.240.16 healthcheck: test: [ "CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:8000" ] interval: 30s timeout: 10s retries: 5 volumes: - "${DOCKER_STORAGE_PATH}/paperless-ngx/data:/usr/src/paperless/data" - "${DOCKER_STORAGE_PATH}/paperless-ngx/media:/usr/src/paperless/media" - "${DOCKER_STORAGE_PATH}/paperless-ngx/export:/usr/src/paperless/export" - "${DOCKER_STORAGE_PATH}/paperless-ngx/consume:/usr/src/paperless/consume" env_file: paperless-ngx.env environment: PAPERLESS_REDIS: redis://redis:6379 PAPERLESS_TIKA_ENABLED: 1 PAPERLESS_TIKA_GOTENBERG_ENDPOINT: http://gotenberg:3000 PAPERLESS_TIKA_ENDPOINT: http://tika:9998 PAPERLESS_URL: "https://paperless.${DOMAIN}" gotenberg: image: docker.io/gotenberg/gotenberg:7.6 restart: unless-stopped networks: public: ipv4_address: 192.168.240.17 # The gotenberg chromium route is used to convert .eml files. We do not # want to allow external content like tracking pixels or even javascript. command: - "gotenberg" - "--chromium-disable-javascript=true" - "--chromium-allow-list=file:///tmp/.*" tika: image: ghcr.io/paperless-ngx/tika:latest networks: public: ipv4_address: 192.168.240.18 restart: unless-stopped homer: image: b4bz/homer container_name: homer ports: - "${HOMER_EXTERNAL_PORT}:${HOMER_INTERNAL_PORT}" networks: public: ipv4_address: 192.168.240.19 volumes: - "${DOCKER_STORAGE_PATH}/homer:/www/assets" environment: UID: ${PUID} GID: ${PGID} restart: unless-stopped syncthing: image: lscr.io/linuxserver/syncthing:latest container_name: syncthing volumes: - "${DOCKER_STORAGE_PATH}/syncthing:/config" - "${STORAGE_PATH}/docker-storage/syncthing:/general" ports: - "${SYNCTHING_EXTERNAL_PORT1}:${SYNCTHING_INTERNAL_PORT1}" - "${SYNCTHING_EXTERNAL_PORT2}:${SYNCTHING_INTERNAL_PORT2}" - "${SYNCTHING_EXTERNAL_PORT3}:${SYNCTHING_INTERNAL_PORT3}" - "${SYNCTHING_EXTERNAL_PORT4}:${SYNCTHING_INTERNAL_PORT4}" environment: - "PUID=${PUID}" - "PGID=${PGID}" restart: unless-stopped networks: public: ipv4_address: 192.168.240.20 mediawiki: container_name: mediawiki image: mediawiki networks: public: ipv4_address: 192.168.240.21 depends_on: - mariadb ports: - "${MEDIAWIKI_EXTERNAL_PORT}:${MEDIAWIKI_INTERNAL_PORT}" volumes: - "${DOCKER_STORAGE_PATH}/mediawiki/images:/var/www/html/images" - "${DOCKER_STORAGE_PATH}/mediawiki/extensions:/var/www/html/extensions" - "${DOCKER_STORAGE_PATH}/mediawiki/LocalSettings.php:/var/www/html/LocalSettings.php" restart: unless-stopped photoprism: container_name: photoprism image: docker.io/photoprism/photoprism networks: public: ipv4_address: 192.168.240.22 ports: - "${PHOTOPRISM_EXTERNAL_PORT}:${PHOTOPRISM_INTERNAL_PORT}" depends_on: - mariadb env_file: - photoprism.env volumes: - "${PHOTOS_STORAGE_PATH}/import:/photoprism/import" - "${PHOTOS_STORAGE_PATH}/originals:/photoprism/originals" - "${PHOTOS_STORAGE_PATH}/storage:/photoprism/storage" restart: unless-stopped mariadb: container_name: mariadb image: linuxserver/mariadb networks: public: ipv4_address: 192.168.240.23 ports: - "${MARIADB_EXTERNAL_PORT}:${MARIADB_INTERNAL_PORT}" volumes: - "${DOCKER_STORAGE_PATH}/mariadb:/config" - sockets:/run/mysqld/ restart: unless-stopped baserow: container_name: baserow image: baserow/baserow:latest networks: public: ipv4_address: 192.168.240.24 depends_on: - postgres env_file: - baserow.env volumes: - "${DOCKER_STORAGE_PATH}/baserow:/baserow/data" restart: unless-stopped gitea: container_name: gitea image: gitea/gitea:1.21.11 networks: public: ipv4_address: 192.168.240.26 depends_on: - postgres ports: - "${GITEA_WEBUI_EXTERNAL_PORT}:${GITEA_WEBUI_INTERNAL_PORT}" - "${GITEA_SSH_EXTERNAL_PORT}:${GITEA_SSH_INTERNAL_PORT}" volumes: - "${DOCKER_STORAGE_PATH}/gitea:/data" restart: unless-stopped gitearunner: container_name: gitearunner image: gitea/act_runner depends_on: - gitea volumes: - "${DOCKER_STORAGE_PATH}/gitearunner/config:/config" - "${DOCKER_STORAGE_PATH}/gitearunner/data:/data" - /var/run/docker.sock:/var/run/docker.sock networks: public: ipv4_address: 192.168.240.27 environment: - GITEA_INSTANCE_URL=https://git.${DOMAIN} - CONFIG_FILE=/config/config.yaml # When using Docker Secrets, it's also possible to use # GITEA_RUNNER_REGISTRATION_TOKEN_FILE to pass the location. # The env var takes precedence - GITEA_RUNNER_REGISTRATION_TOKEN=92U7bIiADtqkILwjjj9rffjz8vyNp0zo7uaOgrIG - GITEA_RUNNER_LABELS="ubuntu-latest:docker://catthehacker/ubuntu:act-latest" - GITEA_RUNNER_NAME="NAS_CONTAINER" restart: unless-stopped linkace: image: linkace/linkace:v1.15.4-simple container_name: linkace networks: public: ipv4_address: 192.168.240.28 depends_on: - mariadb - redis environment: # these env variables are instead of .env file # see https://www.linkace.org/docs/v1/setup/setup-with-docker/advanced-configuration/#using-docker-environment-variables-instead-of-the-env-file - APP_KEY=base64:X6XDR+dfqn5PM9QdmmxJoOECSsldWhkfnyi6yvohgNM= - DB_HOST=${MYSQL_HOST} - DB_DATABASE=${LINKACE_DB} - DB_USERNAME=${LINKACE_DB_USERNAME} - DB_PASSWORD=${LINKACE_DB_PASSWORD} - REDIS_HOST=redis ports: - "${LINKACE_EXTERNAL_PORT}:${LINKACE_INTERNAL_PORT}" volumes: - ${DOCKER_STORAGE_PATH}/linkace/backups:/app/storage/app/backups - ${DOCKER_STORAGE_PATH}/linkace/logs:/app/storage/logs restart: unless-stopped # ghost: # image: "ghost:latest" # container_name: ghost # environment: # - url=http://blog.kucharczyk.xyz # labels: # - "traefik.enable=true" # - "traefik.http.routers.ghost.rule=Host(`blog.kucharczyk.xyz`)" # - "traefik.http.routers.ghost.entrypoints=https" # - "traefik.http.routers.ghost.tls.certresolver=myresolver" # volumes: # - ${DOCKER_STORAGE_PATH}/ghost/content:/var/lib/ghost/content # networks: # - public vaultwarden: image: vaultwarden/server:1.32.1 container_name: vaultwarden networks: public: ipv4_address: 192.168.240.29 ports: - "${VAULTWARDEN_EXTERNAL_PORT}:${VAULTWARDEN_INTERNAL_PORT}" env_file: - ./secrets/vaultwarden.env environment: - PUSH_ENABLED=true # PUSH_INSTALLATION_ID= # PUSH_INSTALLATION_KEY= - PUSH_RELAY_URI=https://api.bitwarden.eu - PUSH_IDENTITY_URI=https://identity.bitwarden.eu - ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$aWJ2cVRvYUsySkM3M01TMTJJMnZqbUF0Wm1qRWhvd1B6Sk50Q1hwck96dz0$$FKjZ36E54pX2e0AE9OaDpiH43TyAyfVwr3IvracbqEA - SMTP_HOST=${EMAIL_HOST} - SMTP_FROM=${EMAIL_FROM} - SMTP_FROM_NAME="Bitwarden (bw.kucharczyk.xyz)" - SMTP_PORT=${EMAIL_PORT} - SMTP_USERNAME=${EMAIL_FROM} - SMTP_PASSWORD=${EMAIL_PASSWORD} volumes: - ${DOCKER_STORAGE_PATH}/vaultwarden:/data restart: unless-stopped networks: public: attachable: true ipam: config: # 192.168.240.1 - 192.168.240.254 - subnet: "192.168.240.0/24" volumes: timetracker-static: sockets: