From 0b61143bc96d1a10233d9ddaa470cec86899097d Mon Sep 17 00:00:00 2001 From: Jeff Near Date: Sat, 4 Apr 2026 20:11:13 +0000 Subject: [PATCH] Overseer switched to seer Added thelounge Added watchtower Added authentik Moved excalidraw behind authentik SSO Removed unused services --- apprise-api/compose.yml | 1 + arr/compose.yml | 47 ++++++++++---------- authentik/compose.yml | 96 +++++++++++++++++++++++++++++++++++++++++ cross-seed/compose.yml | 9 +++- excalidraw/compose.yml | 5 ++- homepage/compose.yml | 1 + overseerr/compose.yml | 27 ------------ pirate-ship/compose.yml | 6 +-- privatebin/compose.yml | 2 +- prowlarr/compose.yml | 25 ----------- radarr/compose.yml | 25 ----------- sonarr/compose.yml | 25 ----------- tautulli/compose.yml | 1 + thelounge/compose.yml | 25 +++++++++++ traefik/compose.yml | 1 + wastebin/compose.yml | 23 ---------- watchtower/compose.yml | 12 ++++++ whisparr/compose.yml | 25 ----------- 18 files changed, 176 insertions(+), 180 deletions(-) create mode 100644 authentik/compose.yml delete mode 100644 overseerr/compose.yml delete mode 100644 prowlarr/compose.yml delete mode 100644 radarr/compose.yml delete mode 100644 sonarr/compose.yml create mode 100644 thelounge/compose.yml delete mode 100644 wastebin/compose.yml create mode 100644 watchtower/compose.yml delete mode 100644 whisparr/compose.yml diff --git a/apprise-api/compose.yml b/apprise-api/compose.yml index c3b67dc..90f3fcd 100644 --- a/apprise-api/compose.yml +++ b/apprise-api/compose.yml @@ -19,6 +19,7 @@ services: - "traefik.enable=true" - "traefik.http.routers.apprise.rule=Host(`apprise.nearfuture`)" - "traefik.http.routers.apprise.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" networks: proxy: diff --git a/arr/compose.yml b/arr/compose.yml index d6b0731..503ba87 100644 --- a/arr/compose.yml +++ b/arr/compose.yml @@ -17,6 +17,7 @@ services: - "traefik.enable=true" - "traefik.http.routers.prowlarr.rule=Host(`prowlarr.nearfuture`)" - "traefik.http.routers.prowlarr.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" radarr: image: lscr.io/linuxserver/radarr:latest @@ -38,6 +39,7 @@ services: - "traefik.enable=true" - "traefik.http.routers.radarr.rule=Host(`radarr.nearfuture`)" - "traefik.http.routers.radarr.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" sonarr: image: lscr.io/linuxserver/sonarr:latest @@ -59,28 +61,7 @@ services: - "traefik.enable=true" - "traefik.http.routers.sonarr.rule=Host(`sonarr.nearfuture`)" - "traefik.http.routers.sonarr.entrypoints=web" - - overseerr: - image: lscr.io/linuxserver/overseerr:latest - container_name: overseerr - environment: - - PUID=1029 - - PGID=1000 - - TZ=Etc/UTC - volumes: - - /home/fejy/docker/overseerr:/config - ports: - - 5055:5055 - restart: unless-stopped - networks: - - proxy - labels: - - "traefik.enable=true" - - "traefik.http.routers.overseerr.rule=Host(`overseerr.nearfuture`)" - - "traefik.http.routers.overseerr.entrypoints=web" - - "traefik.http.routers.overseerr-ssl.rule=Host(`overseerr.nearfuture`)" - - "traefik.http.routers.overseerr-ssl.entrypoints=websecure" - - "traefik.http.routers.overseerr-ssl.tls=true" + - "com.centurylinklabs.watchtower.scope=watch" lidarr: image: lscr.io/linuxserver/lidarr:latest @@ -102,6 +83,28 @@ services: - "traefik.enable=true" - "traefik.http.routers.lidarr.rule=Host(`lidarr.nearfuture`)" - "traefik.http.routers.lidarr.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" + + seerr: + image: ghcr.io/seerr-team/seerr:latest + container_name: seerr + environment: + - TZ=Etc/UTC + volumes: + - /home/fejy/docker/overseerr:/app/config + ports: + - 5055:5055 + restart: unless-stopped + networks: + - proxy + labels: + - "traefik.enable=true" + - "traefik.http.routers.overseerr.rule=Host(`overseerr.nearfuture`)" + - "traefik.http.routers.overseerr.entrypoints=web" + - "traefik.http.routers.overseerr-ssl.rule=Host(`overseerr.nearfuture`)" + - "traefik.http.routers.overseerr-ssl.entrypoints=websecure" + - "traefik.http.routers.overseerr-ssl.tls=true" + - "com.centurylinklabs.watchtower.scope=watch" networks: proxy: diff --git a/authentik/compose.yml b/authentik/compose.yml new file mode 100644 index 0000000..be7a2d7 --- /dev/null +++ b/authentik/compose.yml @@ -0,0 +1,96 @@ +services: + postgresql: + env_file: + - .env + environment: + POSTGRES_DB: ${PG_DB:-authentik} + POSTGRES_PASSWORD: ${PG_PASS:?database password required} + POSTGRES_USER: ${PG_USER:-authentik} + healthcheck: + interval: 30s + retries: 5 + start_period: 20s + test: + - CMD-SHELL + - pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER} + timeout: 5s + image: docker.io/library/postgres:16-alpine + restart: unless-stopped + volumes: + - /home/fejy/docker/authentik/database:/var/lib/postgresql/data + networks: + - authentik + + authentik-server: + command: server + depends_on: + postgresql: + condition: service_healthy + env_file: + - .env + environment: + AUTHENTIK_POSTGRESQL__HOST: postgresql + AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} + AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} + AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} + AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required} + image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2026.2.2-rc2} + container_name: authentik-server + ports: + - 9001:9000 + - ${COMPOSE_PORT_HTTPS:-9443}:9443 + restart: unless-stopped + shm_size: 512mb + volumes: + - /home/fejy/docker/authentik/data:/data + - /home/fejy/docker/authentik/custom-templates:/templates + labels: + - "traefik.enable=true" + - "traefik.docker.network=proxy" + - "traefik.http.routers.https-auth.entryPoints=websecure" + - "traefik.http.routers.https-auth.rule=Host(`auth.nearfuture.industries`) || HostRegexp(`{subdomain:[a-z0-9-]+}.nearfuture.industries`) && PathPrefix(`/outpost.goauthentik.io/`)" + - "traefik.http.routers.https-auth.tls=true" + - "traefik.http.routers.https-auth.tls.certresolver=myresolver" + - "traefik.http.routers.https-auth.priority=50" + - "traefik.http.routers.https-auth.service=https-auth" + - "traefik.http.services.https-auth.loadbalancer.server.port=9000" + - "com.centurylinklabs.watchtower.scope=watch" + networks: + - proxy + - authentik + + worker: + command: worker + depends_on: + postgresql: + condition: service_healthy + env_file: + - .env + environment: + AUTHENTIK_POSTGRESQL__HOST: postgresql + AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} + AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} + AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} + AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required} + image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2026.2.2-rc2} + restart: unless-stopped + shm_size: 512mb + user: root + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - /home/fejy/docker/authentik/data:/data + - /home/fejy/docker/authentik/certs:/certs + - /home/fejy/docker/authentik/custom-templates:/templates + labels: + - "com.centurylinklabs.watchtower.scope=watch" + networks: + - authentik + +#volumes: + #database: + #driver: local + +networks: + proxy: + external: true + authentik: diff --git a/cross-seed/compose.yml b/cross-seed/compose.yml index 146090c..c261d2c 100644 --- a/cross-seed/compose.yml +++ b/cross-seed/compose.yml @@ -16,6 +16,8 @@ services: - "traefik.enable=true" - "traefik.http.routers.cross-seed.rule=Host(`cross-seed.nearfuture`)" - "traefik.http.routers.cross-seed.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" + cross-seed2: image: ghcr.io/cross-seed/cross-seed:6 container_name: cross-seed2 @@ -33,6 +35,8 @@ services: - "traefik.enable=true" - "traefik.http.routers.cross-seed2.rule=Host(`cross-seed2.nearfuture`)" - "traefik.http.routers.cross-seed2.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" + cross-seed3: image: ghcr.io/cross-seed/cross-seed:6 container_name: cross-seed3 @@ -50,6 +54,8 @@ services: - "traefik.enable=true" - "traefik.http.routers.cross-seed3.rule=Host(`cross-seed3.nearfuture`)" - "traefik.http.routers.cross-seed3.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" + cross-seed-priv: image: ghcr.io/cross-seed/cross-seed:6 container_name: cross-seed-priv @@ -67,9 +73,8 @@ services: - "traefik.enable=true" - "traefik.http.routers.cross-seed-priv.rule=Host(`cross-seed-priv.nearfuture`)" - "traefik.http.routers.cross-seed-priv.entrypoints=web" - + - "com.centurylinklabs.watchtower.scope=watch" networks: proxy: external: true - diff --git a/excalidraw/compose.yml b/excalidraw/compose.yml index 9f50715..230ab63 100644 --- a/excalidraw/compose.yml +++ b/excalidraw/compose.yml @@ -20,8 +20,9 @@ services: - "traefik.http.routers.ex-ssl-ext.rule=Host(`excalidraw.nearfuture.industries`)" - "traefik.http.routers.ex-ssl-ext.entrypoints=websecure" - "traefik.http.routers.ex-ssl-ext.tls=true" - - + - "traefik.http.routers.ex-ssl-ext.tls.certresolver=myresolver" + - "traefik.http.routers.ex-ssl-ext.middlewares=authentik@file" + - "com.centurylinklabs.watchtower.scope=watch" networks: proxy: external: true diff --git a/homepage/compose.yml b/homepage/compose.yml index aaa6e3f..11d9348 100644 --- a/homepage/compose.yml +++ b/homepage/compose.yml @@ -20,6 +20,7 @@ services: - "traefik.enable=true" - "traefik.http.routers.homepage.rule=Host(`home.nearfuture`)" - "traefik.http.routers.homepage.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" networks: proxy: diff --git a/overseerr/compose.yml b/overseerr/compose.yml deleted file mode 100644 index 236e198..0000000 --- a/overseerr/compose.yml +++ /dev/null @@ -1,27 +0,0 @@ -services: - overseerr: - image: lscr.io/linuxserver/overseerr:latest - container_name: overseerr - environment: - - PUID=1029 - - PGID=1000 - - TZ=Etc/UTC - volumes: - - /home/fejy/docker/overseerr:/config - ports: - - 5055:5055 - restart: unless-stopped - networks: - - proxy - labels: - - "traefik.enable=true" - - "traefik.http.routers.overseerr.rule=Host(`overseerr.nearfuture`)" - - "traefik.http.routers.overseerr.entrypoints=web" - - "traefik.http.routers.overseerr-ssl.rule=Host(`overseerr.nearfuture`)" - - "traefik.http.routers.overseerr-ssl.entrypoints=websecure" - - "traefik.http.routers.overseerr-ssl.tls=true" - -networks: - proxy: - external: true - diff --git a/pirate-ship/compose.yml b/pirate-ship/compose.yml index 6fdf775..523bfc0 100644 --- a/pirate-ship/compose.yml +++ b/pirate-ship/compose.yml @@ -63,6 +63,8 @@ services: - "traefik.http.routers.qbit-priv.entrypoints=web" - "traefik.http.routers.qbit-priv.service=qbit-priv" - "traefik.http.services.qbit-priv.loadbalancer.server.port=8069" + # Watchtower + - "com.centurylinklabs.watchtower.scope=watch" qbittorrent: image: lscr.io/linuxserver/qbittorrent:latest @@ -75,7 +77,6 @@ services: volumes: - /home/fejy/docker/qbittorrent:/config - /mnt/LUXURIA/Share:/Share - - /mnt/LUXURIA/Private:/Private - /mnt/downloads:/downloads/ network_mode: "service:gluetun" depends_on: @@ -94,7 +95,6 @@ services: volumes: - /home/fejy/docker/qbittorrent2:/config - /mnt/LUXURIA/Share:/Share - - /mnt/LUXURIA/Private:/Private - /mnt/downloads:/downloads/ network_mode: "service:gluetun" depends_on: @@ -131,7 +131,7 @@ services: volumes: - /home/fejy/docker/qbittorrent_priv:/config - /mnt/LUXURIA/Share:/mnt/LUXURIA/Share - - /mnt/LUXURIA/Private:/mnt/LUXURIA/Private + - /mnt/AVARITIA/Private:/mnt/LUXURIA/Private - /mnt/downloads:/downloads/ network_mode: "service:gluetun" depends_on: diff --git a/privatebin/compose.yml b/privatebin/compose.yml index 96b34e9..3343978 100644 --- a/privatebin/compose.yml +++ b/privatebin/compose.yml @@ -25,7 +25,7 @@ services: - "traefik.http.routers.privatebin-ssl-ext.rule=Host(`privatebin.nearfuture.industries`)" - "traefik.http.routers.privatebin-ssl-ext.entrypoints=websecure" - "traefik.http.routers.privatebin-ssl-ext.tls=true" - + - "com.centurylinklabs.watchtower.scope=watch" networks: proxy: diff --git a/prowlarr/compose.yml b/prowlarr/compose.yml deleted file mode 100644 index 9eabafe..0000000 --- a/prowlarr/compose.yml +++ /dev/null @@ -1,25 +0,0 @@ -services: - prowlarr: - image: lscr.io/linuxserver/prowlarr:latest - container_name: prowlarr - environment: - - PUID=1029 - - PGID=1000 - - TZ=Etc/UTC - volumes: - - /home/fejy/docker/prowlarr/data:/config - ports: - - 9696:9696 - restart: unless-stopped - networks: - - proxy - labels: - - "traefik.enable=true" - - "traefik.http.routers.prowlarr.rule=Host(`prowlarr.nearfuture`)" - - "traefik.http.routers.prowlarr.entrypoints=web" - - -networks: - proxy: - external: true - diff --git a/radarr/compose.yml b/radarr/compose.yml deleted file mode 100644 index 9832873..0000000 --- a/radarr/compose.yml +++ /dev/null @@ -1,25 +0,0 @@ -services: - radarr: - image: lscr.io/linuxserver/radarr:latest - container_name: radarr - environment: - - PUID=1029 - - PGID=1000 - - TZ=Etc/UTC - volumes: - - /home/fejy/docker/radarr:/config - - /mnt/LUXURIA/Share:/Share - ports: - - 7878:7878 - restart: unless-stopped - networks: - - proxy - labels: - - "traefik.enable=true" - - "traefik.http.routers.radarr.rule=Host(`radarr.nearfuture`)" - - "traefik.http.routers.radarr.entrypoints=web" - -networks: - proxy: - external: true - diff --git a/sonarr/compose.yml b/sonarr/compose.yml deleted file mode 100644 index 62d2166..0000000 --- a/sonarr/compose.yml +++ /dev/null @@ -1,25 +0,0 @@ -services: - sonarr: - image: lscr.io/linuxserver/sonarr:latest - container_name: sonarr - environment: - - PUID=1029 - - PGID=1000 - - TZ=Etc/UTC - volumes: - - /home/fejy/docker/sonarr:/config - - /mnt/LUXURIA/Share:/Share - ports: - - 8989:8989 - restart: unless-stopped - networks: - - proxy - labels: - - "traefik.enable=true" - - "traefik.http.routers.sonarr.rule=Host(`sonarr.nearfuture`)" - - "traefik.http.routers.sonarr.entrypoints=web" - -networks: - proxy: - external: true - diff --git a/tautulli/compose.yml b/tautulli/compose.yml index 82c3d57..8e08c00 100644 --- a/tautulli/compose.yml +++ b/tautulli/compose.yml @@ -17,6 +17,7 @@ services: - "traefik.enable=true" - "traefik.http.routers.tautulli.rule=Host(`tautulli.nearfuture`)" - "traefik.http.routers.tautulli.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" networks: proxy: diff --git a/thelounge/compose.yml b/thelounge/compose.yml new file mode 100644 index 0000000..a65af20 --- /dev/null +++ b/thelounge/compose.yml @@ -0,0 +1,25 @@ +services: + thelounge: + image: lscr.io/linuxserver/thelounge:latest + container_name: thelounge + environment: + - PUID=1029 + - PGID=1000 + - TZ=Etc/UTC + volumes: + - /home/fejy/docker/thelounge/config:/config + ports: + - 9000:9000 + restart: unless-stopped + networks: + - proxy + labels: + - "traefik.enable=true" + - "traefik.http.routers.thelounge.rule=Host(`thelounge.nearfuture`)" + - "traefik.http.routers.thelounge.entrypoints=web" + - "com.centurylinklabs.watchtower.scope=watch" + +networks: + proxy: + external: true + diff --git a/traefik/compose.yml b/traefik/compose.yml index d15bb8d..dc5ba76 100644 --- a/traefik/compose.yml +++ b/traefik/compose.yml @@ -28,6 +28,7 @@ services: - "traefik.http.routers.api.rule=Host(`traefik.nearfuture`)" - "traefik.http.routers.api.entrypoints=web" - "traefik.http.services.api.loadbalancer.server.port=8080 # The port value doesn't matter" + - "com.centurylinklabs.watchtower.scope=watch" networks: proxy: diff --git a/wastebin/compose.yml b/wastebin/compose.yml deleted file mode 100644 index 835e4ec..0000000 --- a/wastebin/compose.yml +++ /dev/null @@ -1,23 +0,0 @@ -services: - wastebin: - image: 'quxfoo/wastebin:latest' - container_name: wastebin - environment: - - WASTEBIN_DATABASE_PATH=/data/state.db - user: "1029:1000" - ports: - - "9020:8088" - volumes: - - '/home/fejy/docker/wastebin:/data' - labels: - - "traefik.enable=true" - - "traefik.http.routers.bin.rule=Host(`bin.nearfuture`)" - - "traefik.http.routers.bin.entrypoints=web" - - networks: - - proxy - -networks: - proxy: - external: true - diff --git a/watchtower/compose.yml b/watchtower/compose.yml new file mode 100644 index 0000000..30a2aad --- /dev/null +++ b/watchtower/compose.yml @@ -0,0 +1,12 @@ +version: '3' +services: + watchtower: + image: containrrr/watchtower + container_name: watchtower + #command: --run-once --scope watch + command: --cleanup=true --scope watch + restart: always + volumes: + - /var/run/docker.sock:/var/run/docker.sock + labels: [ "com.centurylinklabs.watchtower.scope=watch" ] + diff --git a/whisparr/compose.yml b/whisparr/compose.yml deleted file mode 100644 index 98dba7a..0000000 --- a/whisparr/compose.yml +++ /dev/null @@ -1,25 +0,0 @@ -services: - whisparr: - image: ghcr.io/thespad/whisparr:latest - container_name: whisparr - environment: - - PUID=1029 - - PGID=1000 - - TZ=Etc/UTC - volumes: - - /home/fejy/docker/whisparr:/config - - /mnt/LUXURIA/Private:/Private - ports: - - 6969:6969 - restart: unless-stopped - networks: - - proxy - labels: - - "traefik.enable=true" - - "traefik.http.routers.whisparr.rule=Host(`whisparr.nearfuture`)" - - "traefik.http.routers.whisparr.entrypoints=web" - -networks: - proxy: - external: true - -- 2.49.0