fejy/docker-compose-stack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding dozzle

Browse Source 
Cleaning up all compose files:
  consistent labels
  remove exposed ports
  move synapse to wildcard cert
  remove commented out lines
Switch qbit to libtorrentv1 tag
This commit is contained in:
jeff@nearfuture.industries
2026-04-08 18:35:51 +00:00
parent 7732ed22a7
commit 686fff045b
15 changed files with 64 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
apprise-api/compose.yml
View File

@@ -6,10 +6,8 @@ services:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
- APPRISE_ATTACH_SIZE=0 #optional
volumes:
- /home/fejy/docker/apprise-api/config:/config
- /home/fejy/docker/apprise-api/attachments:/attachments #optional
ports:
- 8006:8000
restart: unless-stopped
@@ -24,4 +22,3 @@ services:
networks:
proxy:
external: true

11
arr/compose.yml
View File

@@ -8,8 +8,6 @@ services:
- TZ=Etc/UTC
volumes:
- /home/fejy/docker/prowlarr/data:/config
ports:
- 9696:9696
restart: unless-stopped
networks:
- proxy
@@ -30,8 +28,6 @@ services:
- /home/fejy/docker/radarr:/config
- /mnt/LUXURIA/Share:/Share
- /mnt/AVARITIA/Share:/Avaritia/Share
ports:
- 7878:7878
restart: unless-stopped
networks:
- proxy
@@ -52,8 +48,6 @@ services:
- /home/fejy/docker/sonarr:/config
- /mnt/LUXURIA/Share:/Share
- /mnt/AVARITIA/Share:/Avaritia/Share
ports:
- 8989:8989
restart: unless-stopped
networks:
- proxy
@@ -74,8 +68,6 @@ services:
- /home/fejy/docker/lidarr:/config
- /mnt/LUXURIA/Share:/Share
- /mnt/AVARITIA/Share:/Avaritia/Share
ports:
- 8686:8686
restart: unless-stopped
networks:
- proxy
@@ -92,8 +84,6 @@ services:
- TZ=Etc/UTC
volumes:
- /home/fejy/docker/overseerr:/app/config
ports:
- 5055:5055
restart: unless-stopped
networks:
- proxy
@@ -109,4 +99,3 @@ services:
networks:
proxy:
external: true

7
authentik/compose.yml
View File

@@ -36,9 +36,6 @@ services:
AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required}
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2026.2.2-rc2}
container_name: authentik-server
ports:
- 9001:9000
- ${COMPOSE_PORT_HTTPS:-9443}:9443
restart: unless-stopped
shm_size: 512mb
volumes:
@@ -86,10 +83,6 @@ services:
networks:
- authentik
#volumes:
#database:
#driver: local
networks:
proxy:
external: true

8
cross-seed/compose.yml
View File

@@ -3,8 +3,6 @@ services:
image: ghcr.io/cross-seed/cross-seed:6
container_name: cross-seed
user: 1029:1000 # this must match your torrent client (cross-seed does not support using PGID and PUID)
ports:
- "2468:2468"
volumes:
- /home/fejy/docker/cross-seed:/config
- /mnt/LUXURIA/Share:/Share
@@ -22,8 +20,6 @@ services:
image: ghcr.io/cross-seed/cross-seed:6
container_name: cross-seed2
user: 1029:1000 # this must match your torrent client (cross-seed does not support using PGID and PUID)
ports:
- "2469:2468"
volumes:
- /home/fejy/docker/cross-seed2:/config
- /mnt/LUXURIA/Share:/Share
@@ -41,8 +37,6 @@ services:
image: ghcr.io/cross-seed/cross-seed:6
container_name: cross-seed3
user: 1029:1000 # this must match your torrent client (cross-seed does not support using PGID and PUID)
ports:
- "2470:2468"
volumes:
- /home/fejy/docker/cross-seed3:/config
- /mnt/AVARITIA/Share:/Avaritia/Share/
@@ -60,8 +54,6 @@ services:
image: ghcr.io/cross-seed/cross-seed:6
container_name: cross-seed-priv
user: 1029:1000 # this must match your torrent client (cross-seed does not support using PGID and PUID)
ports:
- "2471:2468"
volumes:
- /home/fejy/docker/cross-seed-priv:/config
- /mnt/LUXURIA/Private:/mnt/LUXURIA/Private

23
dozzle/compose.yml Normal file
View File

@@ -0,0 +1,23 @@
services:
dozzle:
image: amir20/dozzle:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /home/fejy/docker/dozzle_data:/data
environment:
- DOZZLE_ENABLE_ACTIONS=true
- DOZZLE_AUTH_PROVIDER=forward-proxy
- DOZZLE_AUTH_HEADER_USER=X-Authentik-Email
- DOZZLE_AUTH_HEADER_EMAIL=X-Authentik-Name
- DOZZLE_AUTH_HEADER_NAME=X-Authentik-Username
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.dozzle.rule=Host(`dozzle.nearfuture`)"
- "traefik.http.routers.dozzle.entrypoints=web"
- "traefik.http.routers.dozzle.middlewares=authentik@file"
networks:
proxy:
external: true

2
excalidraw/compose.yml
View File

@@ -5,8 +5,6 @@ services:
environment:
- PUID=1029
- PGID=1000
ports:
- "3030:80"
restart: on-failure
networks:
- proxy

8
homepage/compose.yml
View File

@@ -4,15 +4,13 @@ services:
container_name: homepage
env_file: ".env"
environment:
PUID: 1029 # optional, your user id
PGID: 994 # optional, your group id
PUID: 1029
PGID: 1000
HOMEPAGE_ALLOWED_HOSTS: home.nearfuture
ports:
- 3069:3000
volumes:
- /home/fejy/docker/homepage/config:/app/config
- /home/fejy/docker/homepage/icons:/app/public/icons
- /var/run/docker.sock:/var/run/docker.sock:ro # optional, for docker integrations
# - /var/run/docker.sock:/var/run/docker.sock:ro
restart: unless-stopped
networks:
- proxy

3
matrix-bots/compose.yml
View File

@@ -11,14 +11,11 @@ services:
volumes:
- /home/fejy/docker/matrix-bots/matrix-registration-bot/:/data/
maubot:
image: dock.mau.dev/maubot/maubot
container_name: maubot
volumes:
- /home/fejy/docker/matrix-bots/maubot/:/data:z
ports:
- 29316:29316
environment:
R34_API_KEY: ${R34_API_KEY}
R34_UID: ${R34_UID}

36
pirate-ship/compose.yml
View File

@@ -2,8 +2,6 @@ services:
gluetun:
image: qmcgaw/gluetun
container_name: gluetun
# line above must be uncommented to allow external containers to connect.
# See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun
cap_add:
- NET_ADMIN
devices:
@@ -17,7 +15,6 @@ services:
volumes:
- /home/fejy/docker/gluetun:/gluetun
environment:
# See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup
- VPN_SERVICE_PROVIDER=airvpn
- VPN_TYPE=wireguard
- FIREWALL_VPN_INPUT_PORTS=${qbit_portfw}
@@ -39,6 +36,11 @@ services:
# Traefik
- "traefik.enable=true"
- "traefik.docker.network=proxy"
# Gluetun
- "traefik.http.routers.gluetun.rule=Host(`gluetun.nearfuture`)"
- "traefik.http.routers.gluetun.entrypoints=web"
- "traefik.http.routers.gluetun.service=gluetun"
- "traefik.http.services.gluetun.loadbalancer.server.port=8000"
# Qbittorrent
- "traefik.http.routers.qbit.rule=Host(`qbit.nearfuture`)"
- "traefik.http.routers.qbit.entrypoints=web"
@@ -59,11 +61,16 @@ services:
- "traefik.http.routers.qbit-priv.entrypoints=web"
- "traefik.http.routers.qbit-priv.service=qbit-priv"
- "traefik.http.services.qbit-priv.loadbalancer.server.port=8069"
# Mousehole
- "traefik.http.routers.mousehole.rule=Host(`mousehole.nearfuture`)"
- "traefik.http.routers.mousehole.entrypoints=web"
- "traefik.http.routers.mousehole.service=mousehole"
- "traefik.http.services.mousehole.loadbalancer.server.port=5010"
# Watchtower
- "com.centurylinklabs.watchtower.scope=watch"
qbittorrent:
image: lscr.io/linuxserver/qbittorrent:latest
image: lscr.io/linuxserver/qbittorrent:libtorrentv1
container_name: qbittorrent
environment:
- PUID=1029
@@ -78,10 +85,10 @@ services:
depends_on:
gluetun:
condition: service_healthy
#restart: unless-stopped
restart: on-failure:2
qbittorrent2:
image: lscr.io/linuxserver/qbittorrent:latest
image: lscr.io/linuxserver/qbittorrent:libtorrentv1
container_name: qbittorrent2
environment:
- PUID=1029
@@ -96,10 +103,10 @@ services:
depends_on:
gluetun:
condition: service_healthy
#restart: unless-stopped
restart: on-failure:2
qbittorrent3:
image: lscr.io/linuxserver/qbittorrent:latest
image: lscr.io/linuxserver/qbittorrent:libtorrentv1
container_name: qbittorrent3
environment:
- PUID=1029
@@ -113,11 +120,10 @@ services:
depends_on:
gluetun:
condition: service_healthy
#restart: unless-stopped
restart: on-failure:2
qbittorrent_priv:
image: lscr.io/linuxserver/qbittorrent:latest
image: lscr.io/linuxserver/qbittorrent:libtorrentv1
container_name: qbittorrent_priv
environment:
- PUID=1029
@@ -133,16 +139,16 @@ services:
depends_on:
gluetun:
condition: service_healthy
#restart: unless-stopped
restart: on-failure:2
mousehole:
image: tmmrtn/mousehole:latest
container_name: mousehole
network_mode: "service:gluetun"
environment:
TZ: Etc/UTC # Set to your timezone for localization
TZ: Etc/UTC
volumes:
# persist cookie data across container restarts
- "/home/fejy/docker/mousehole:/srv/mousehole"
- /home/fejy/docker/mousehole:/srv/mousehole
depends_on:
gluetun:
condition: service_healthy

4
privatebin/compose.yml
View File

@@ -2,9 +2,6 @@ services:
privatebin:
container_name: privatebin
image: privatebin/nginx-fpm-alpine:1.7.4
ports:
- 1992:8080/tcp
# read_only: true
volumes:
- /home/fejy/docker/privatebin/conf/conf.php:/srv/cfg/conf.php:ro
- /home/fejy/docker/privatebin/data:/srv/data
@@ -24,7 +21,6 @@ services:
- "traefik.http.routers.privatebin-ssl.tls=true"
- "traefik.http.routers.privatebin-ssl-ext.rule=Host(`privatebin.nearfuture.industries`)"
- "traefik.http.routers.privatebin-ssl-ext.entrypoints=websecure"
- "traefik.http.routers.privatebin-ssl-ext.tls=true"
- "com.centurylinklabs.watchtower.scope=watch"
networks:

63
synapse/compose.yml
View File

@@ -4,71 +4,40 @@
services:
synapse:
#build:
#context: ../..
#dockerfile: docker/Dockerfile
image: docker.io/matrixdotorg/synapse:latest
container_name: synapse
# Since synapse does not retry to connect to the database, restart upon
# failure
restart: unless-stopped
# See the readme for a full documentation of the environment settings
# NOTE: You must edit homeserver.yaml to use postgres, it defaults to sqlite
environment:
- SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
volumes:
# You may either store all the files in a local folder
- /home/fejy/docker/synapse:/data
# .. or you may split this between different storage points
# - ./files:/data
# - /path/to/ssd:/data/uploads
# - /path/to/large_hdd:/data/media
depends_on:
- synapse_db
networks:
- proxy
# In order to expose Synapse, remove one of the following, you might for
# instance expose the TLS port directly:
ports:
- 8448:8448/tcp
# ... or use a reverse proxy, here is an example for traefik:
labels:
# The following lines are valid for Traefik version 1.x:
#- traefik.enable=true
#- traefik.frontend.rule=Host:my.matrix.Host
#- traefik.port=8008
# Alternatively, for Traefik version 2.0:
- traefik.enable=true
- traefik.http.routers.http-synapse.entryPoints=web
- traefik.http.routers.http-synapse.rule=Host(`synapse.nearfuture.industries`)
- traefik.http.middlewares.https_redirect.redirectscheme.scheme=https
- traefik.http.middlewares.https_redirect.redirectscheme.permanent=true
- traefik.http.routers.http-synapse.middlewares=https_redirect
- traefik.http.routers.https-synapse.entryPoints=websecure
- traefik.http.routers.https-synapse.rule=Host(`synapse.nearfuture.industries`)
- traefik.http.routers.https-synapse.service=synapse
- traefik.http.routers.https-synapse.tls=true
- traefik.http.routers.https-synapse.tls.certresolver=myresolver
- traefik.http.services.synapse.loadbalancer.server.port=8008
- "traefik.enable=true"
- "traefik.http.routers.http-synapse.entryPoints=web"
- "traefik.http.routers.http-synapse.rule=Host(`synapse.nearfuture.industries`)"
- "traefik.http.routers.http-synapse.middlewares=https_redirect"
- "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true"
- "traefik.http.routers.https-synapse.entryPoints=websecure"
- "traefik.http.routers.https-synapse.rule=Host(`synapse.nearfuture.industries`)"
- "traefik.http.routers.https-synapse.service=synapse"
- "traefik.http.services.synapse.loadbalancer.server.port=8008"
synapse_db:
image: docker.io/postgres:14-alpine
container_name: synapse_db
# Change that password, of course!
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=${POSTGRES_PASS}
# ensure the database gets created correctly
# https://element-hq.github.io/synapse/latest/postgres.html#set-up-database
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
networks:
- proxy
volumes:
# You may store the database tables in a local folder..
- /home/fejy/docker/synapse-db/:/var/lib/postgresql/data
# .. or store them on some high performance storage for better results
# - /path/to/ssd/storage:/var/lib/postgresql/data
nginx:
image: nginx:1.12-alpine
@@ -77,14 +46,10 @@ services:
networks:
- proxy
labels:
- traefik.enable=true
- traefik.http.services.matrix.loadbalancer.server.port=80
- traefik.http.routers.matrix.rule=Host(`nearfuture.industries`)
- traefik.http.routers.matrix.entrypoints=websecure
- traefik.http.routers.matrix.service=matrix
- traefik.http.routers.matrix.tls=true
- traefik.http.routers.matrix.tls.certresolver=myresolver
- "traefik.enable=true"
- "traefik.http.services.matrix.loadbalancer.server.port=80"
- "traefik.http.routers.matrix.rule=Host(`nearfuture.industries`)"
- "traefik.http.routers.matrix.entrypoints=websecure"
volumes:
- ./nginx/matrix.conf:/etc/nginx/conf.d/matrix.conf
- ./nginx/www:/var/www/

2
tautulli/compose.yml
View File

@@ -8,8 +8,6 @@ services:
- PUID=1029
- PGID=1000
- TZ=Etc/UTC
ports:
- 8181:8181
restart: unless-stopped
networks:
- proxy

2
thelounge/compose.yml
View File

@@ -8,8 +8,6 @@ services:
- TZ=Etc/UTC
volumes:
- /home/fejy/docker/thelounge/config:/config
ports:
- 9000:9000
restart: unless-stopped
networks:
- proxy

8
traefik/compose.yml
View File

@@ -2,11 +2,6 @@ services:
traefik:
image: traefik
container_name: traefik
# command:
#- "--api.insecure=true"
#- "--providers.docker=true"
#- "--providers.docker.exposedbydefault=false"
#- "--entrypoints.web.address=:80"
restart: unless-stopped
environment:
- NAMECHEAP_API_USER=${NAMECHEAP_USER}
@@ -14,7 +9,6 @@ services:
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /home/fejy/docker/traefik:/etc/traefik
@@ -27,7 +21,7 @@ services:
- "traefik.http.routers.api.service=api@internal"
- "traefik.http.routers.api.rule=Host(`traefik.nearfuture`)"
- "traefik.http.routers.api.entrypoints=web"
- "traefik.http.services.api.loadbalancer.server.port=8080 # The port value doesn't matter"
- "traefik.http.services.api.loadbalancer.server.port=8080"
- "com.centurylinklabs.watchtower.scope=watch"
networks:

4
watchtower/compose.yml
View File

@@ -3,10 +3,10 @@ services:
watchtower:
image: containrrr/watchtower
container_name: watchtower
#command: --run-once --scope watch
command: --cleanup=true --scope watch
restart: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels: [ "com.centurylinklabs.watchtower.scope=watch" ]
labels:
- "com.centurylinklabs.watchtower.scope=watch"