homeserver/opt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add docker compose files

Browse Source
This commit is contained in:
Rik Veenboer
2024-11-14 14:10:22 +01:00
commit 749e9898e2
34 changed files with 717 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
docker-compose.authentik.yml Normal file
View File

@@ -0,0 +1,80 @@
services:
authentik-postgresql:
image: docker.io/library/postgres:16-alpine
container_name: authentik-postgresql
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes:
- /opt/authentik/database:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: ${PG_PASS}
POSTGRES_USER: ${PG_USER:-authentik}
POSTGRES_DB: ${PG_DB:-authentik}
env_file:
- /opt/authentik/.env
authentik-redis:
image: docker.io/library/redis:alpine
container_name: authentik-redis
command: --save 60 1 --loglevel warning
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
volumes:
- /opt/authentik/redis:/data
authentik-server:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.10.1}
container_name: authentik-server
restart: unless-stopped
command: server
environment:
AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY}
AUTHENTIK_REDIS__HOST: authentik-redis
AUTHENTIK_POSTGRESQL__HOST: authentik-postgresql
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
volumes:
- /opt/authentik/media:/media
- /opt/authentik/templates:/templates
env_file:
- /opt/authentik/.env
ports:
- "${COMPOSE_PORT_HTTP:-9000}:9000"
- "${COMPOSE_PORT_HTTPS:-9443}:9443"
depends_on:
- authentik-postgresql
- authentik-redis
extra_hosts:
- host:192.168.2.200
authentik-worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.10.1}
container_name: authentik-worker
restart: unless-stopped
command: worker
environment:
AUTHENTIK_REDIS__HOST: authentik-redis
AUTHENTIK_POSTGRESQL__HOST: authentik-postgresql
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
volumes:
- /opt/authentik/media:/media
- /opt/authentik/certs:/certs
- /opt/authentik/templates:/templates
env_file:
- /opt/authentik/.env
depends_on:
- authentik-postgresql
- authentik-redis

17
docker-compose.bazarr.yml Normal file
View File

@@ -0,0 +1,17 @@
services:
bazarr:
container_name: bazarr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
extra_hosts:
- host:192.168.2.200
image: linuxserver/bazarr:1.4.2
ports:
- 16767:6767
restart: unless-stopped
volumes:
- /opt/bazarr:/config
- /mnt/yotta/krypton/Movies:/movies
- /mnt/yotta/krypton/Shows:/tv

20
docker-compose.borgmatic.yml Normal file
View File

@@ -0,0 +1,20 @@
services:
borgmatic:
container_name: borgmatic
environment:
- TZ=Europe/Amsterdam
- BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK=yes
image: b3vis/borgmatic:v1.1.10-1.4.21
privileged: true
restart: unless-stopped
volumes:
- /opt/borgmatic/config/crontab.txt:/etc/borgmatic.d/crontab.txt
- /opt/borgmatic/config:/config
- /opt/borgmatic/keys:/keys
- /opt/borgmatic/cache:/cache
- /opt/borgmatic/log:/log
- /root/.ssh:/root/.ssh
- /mnt/yotta/xenon/borg:/repo
- /mnt/yotta/xenon/manual:/manual
- /:/shuttle
- /dev/fuse:/dev/fuse

21
docker-compose.caddy.yml Normal file
View File

@@ -0,0 +1,21 @@
services:
caddy:
build:
context: /opt/caddy/
container_name: caddy
depends_on:
- nginx
environment:
- AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID:?}"
- AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY:?}"
image: caddy
links:
- nginx
ports:
- 444:443
restart: unless-stopped
volumes:
- /opt/caddy/Caddyfile:/etc/caddy/Caddyfile
- /opt/caddy/data:/data
extra_hosts:
- host:192.168.2.200

20
docker-compose.dns-ad-blocker.yml Normal file
View File

@@ -0,0 +1,20 @@
services:
dns-ad-blocker:
container_name: dns-ad-blocker
environment:
- AUTO_UPDATE=1
- BRANCH=master
- DNSCRYPT=1
- DNSCRYPT_PROVIDER_NAME=2.dnscrypt-cert.ns0.dnscrypt.nl
- DNSCRYPT_RESOLVER_ADDR=45.76.35.212
- DNSCRYPT_PROVIDER_KEY=4C84:FB8C:0511:5DFA:5F97:C5ED:0329:1370:C78A:BCD6:4E15:DD53:AB08:DE72:FB84:4ACA
- WHITELIST=api.segment.io,www.googleapis.com,analytics.google.com
image: oznu/dns-ad-blocker:latest
ports:
- 192.168.2.201:53:53/udp
restart: unless-stopped
volumes:
- /opt/dns-ad-blocker/config:/config
- /opt/dns-ad-blocker/run:/etc/services.d/dnsmasq/run
- /opt/dns-ad-blocker/var/log:/var/log
- /opt/dns-ad-blocker/dnsmasq.hosts:/etc/dnsmasq.hosts

10
docker-compose.droppy.yml Normal file
View File

@@ -0,0 +1,10 @@
services:
droppy:
container_name: droppy
image: silverwind/droppy:11.1.0
ports:
- 8989:8989
restart: unless-stopped
volumes:
- /opt/droppy:/config
- /media/scratch/droppy:/files

29
docker-compose.dsmr.yml Normal file
View File

@@ -0,0 +1,29 @@
services:
dsmr:
container_name: dsmr
depends_on:
- dsmrdb
- influxdb
environment:
- DSMRREADER_ADMIN_USER="${DSMRREADER_USER:?}"
- DSMRREADER_ADMIN_PASSWORD="${DSMRREADER_PASSWORD:?}"
image: xirixiz/dsmr-reader-docker:5.10.3-2023.04.02
links:
- dsmrdb:dsmrreader
ports:
- 8888:80
restart: unless-stopped
volumes:
- /opt/dsmr/backups:/home/dsmr/app/backups
dsmrdb:
container_name: dsmrdb
environment:
- POSTGRES_DB="${DSMRDB_DATABASE:?}"
- POSTGRES_USER="${DSMRDB_USER:?}"
- POSTGRES_PASSWORD="${DSMRDB_PASSWORD:?}"
image: postgres:13.7
ports:
- 5432:5432
restart: unless-stopped
volumes:
- /opt/dsmr/data:/var/lib/postgresql/data

10
docker-compose.esphome.yml Normal file
View File

@@ -0,0 +1,10 @@
services:
esphome:
container_name: esphome
image: esphome/esphome:2022.12.8
network_mode: host
restart: unless-stopped
volumes:
- /opt/esphome:/config:rw
- /opt/esphome/log:/log:rw
- /etc/localtime:/etc/localtime:ro

14
docker-compose.filebrowser.yml Normal file
View File

@@ -0,0 +1,14 @@
services:
filebrowser:
container_name: filebrowser
image: filebrowser/filebrowser:v2.1.0
ports:
- 8002:80
restart: unless-stopped
volumes:
- /opt/filebrowser/.filebrowser.json:/.filebrowser.json
- /opt/filebrowser/database.db:/database.db
- /mnt/yotta/helium/personal:/host/media/Personal
- /mnt/yotta/helium/shared:/host/media/Shared
- /mnt/yotta/neon:/host/media/Other
- /mnt/yotta/krypton:/host/media/Video

9
docker-compose.grafana.yml Normal file
View File

@@ -0,0 +1,9 @@
services:
grafana:
container_name: grafana
image: grafana/grafana:9.0.2
ports:
- 3333:3000
restart: unless-stopped
volumes:
- /opt/grafana:/var/lib/grafana

14
docker-compose.homarr.yml Normal file
View File

@@ -0,0 +1,14 @@
services:
homarr:
container_name: homarr
environment:
- TZ=Europe/Amsterdam
image: ghcr.io/ajnart/homarr:0.15.2
ports:
- 17575:7575
restart: unless-stopped
volumes:
- /opt/homarr/data:/data
- /opt/homarr/configs:/app/data/configs
- /opt/homarr/icons:/app/public/icons
- /var/run/docker.sock:/var/run/docker.sock

10
docker-compose.homeassistant.yml Normal file
View File

@@ -0,0 +1,10 @@
services:
homeassistant:
container_name: homeassistant
image: homeassistant/home-assistant:2024.10
network_mode: host
privileged: true
restart: unless-stopped
volumes:
- /opt/homeassistant:/config
- /etc/localtime:/etc/localtime:ro

10
docker-compose.influxdb.yml Normal file
View File

@@ -0,0 +1,10 @@
services:
influxdb:
container_name: influxdb
image: influxdb:2.3.0
ports:
- 8086:8086
restart: unless-stopped
volumes:
- /mnt/mezzo/scratch/influxdb:/var/lib/influxdb2
- /opt/gw2pvo:/opt/gw2pvo

16
docker-compose.jackett.yml Normal file
View File

@@ -0,0 +1,16 @@
services:
jackett:
container_name: jackett
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
external_links:
- transmission
- qbittorrent
image: linuxserver/jackett:0.20.216
ports:
- 9117:9117
restart: unless-stopped
volumes:
- /opt/jackett:/config

19
docker-compose.jellyfin.yml Normal file
View File

@@ -0,0 +1,19 @@
services:
jellyfin:
container_name: jellyfin
devices:
- /dev/dri/renderD128:/dev/dri/renderD128
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
image: linuxserver/jellyfin:10.10.1
ports:
- 8097:8097
restart: unless-stopped
volumes:
- /opt/jellyfin/config:/config
- /opt/cache:/cache
- /mnt/yotta/krypton/Movies:/host/srv/movies
- /mnt/yotta/krypton/Shows:/host/srv/shows
- /mnt/yotta/neon/Music/Albums:/host/srv/music

11
docker-compose.jellyseerr.yml Normal file
View File

@@ -0,0 +1,11 @@
services:
jellyseerr:
container_name: jellyseerr
environment:
- TZ=Europe/Amsterdam
image: fallenbagel/jellyseerr:1.5.0
ports:
- 15055:5055
restart: unless-stopped
volumes:
- /opt/jellyseerr:/app/config

10
docker-compose.lighttpd.yml Normal file
View File

@@ -0,0 +1,10 @@
services:
lighttpd:
container_name: lighttpd
image: sebp/lighttpd:1.4.64-r0
ports:
- 80:80
restart: unless-stopped
tty: true
volumes:
- /home/user/www:/var/www/localhost/htdocs

21
docker-compose.minio.yml Normal file
View File

@@ -0,0 +1,21 @@
services:
minio:
command: server /data --console-address ":9001"
container_name: minio
environment:
- MINIO_ROOT_USER="${MINIO_ROOT_USER:?}
- MINIO_ROOT_PASSWORD="${MINIO_ROOT_PASSWORD:?}
healthcheck:
interval: 30s
retries: 3
test:
- CMD
- curl
- -f
- http://localhost:9000/minio/health/live
timeout: 20s
image: minio/minio
ports:
- 9000:9000
- 9001:9001
restart: unless-stopped

12
docker-compose.mosquitto.yml Normal file
View File

@@ -0,0 +1,12 @@
services:
mosquitto:
container_name: mosquitto
image: eclipse-mosquitto:2.0.15
ports:
- 1883:1883
- 1884:1884
restart: unless-stopped
volumes:
- /opt/mosquitto/config:/mosquitto/config
- /opt/mosquitto/data:/mosquitto/data
- /opt/mosquitto/log:/mosquitto/log

15
docker-compose.nginx.yml Normal file
View File

@@ -0,0 +1,15 @@
services:
nginx:
container_name: nginx
extra_hosts:
- host:192.168.2.200
image: nginx:1.25.4
ports:
- 20080:80
restart: unless-stopped
volumes:
- /opt/nginx/etc/.htpasswd:/host/etc/.htpasswd
- /opt/nginx/etc/nginx/conf:/etc/nginx/conf
- /opt/nginx/etc/nginx/conf.d:/etc/nginx/conf.d
- /opt/nginx/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
- /opt/nginx/var/log/nginx:/var/log/nginx

16
docker-compose.openvpn-server.yml Normal file
View File

@@ -0,0 +1,16 @@
services:
openvpn-server:
cap_add:
- NET_ADMIN
container_name: openvpn-server
extra_hosts:
- host:192.168.2.200
image: kylemanna/openvpn:2.4
network_mode: bridge
ports:
- 443:443
privileged: true
restart: unless-stopped
volumes:
- /opt/openvpn-server:/etc/openvpn
- /opt/openvpn-server/logrotate.d/openvpn:/etc/logrotate.d/openvpn

13
docker-compose.pgadmin.yml Normal file
View File

@@ -0,0 +1,13 @@
services:
pgadmin:
container_name: pgadmin
environment:
- PGADMIN_DEFAULT_EMAIL="${PGADMIN_EMAIL:?}"
- PGADMIN_DEFAULT_PASSWORD=${PGADMIN_PASSWORD:?}"
image: dpage/pgadmin4:7.5
ports:
- 5050:80
restart: unless-stopped
volumes:
- /opt/pgadmin/var:/var/lib/pgadmin
- /opt/pgadmin/log:/var/log/pgadmin

55
docker-compose.photoprism.yml Normal file
View File

@@ -0,0 +1,55 @@
services:
photoprism:
container_name: photoprism
devices:
- /dev/dri:/dev/dri
environment:
- PHOTOPRISM_ADMIN_PASSWORD="${PHOTOPRISM_ADMIN_PASSWORD:?}"
- PHOTOPRISM_AUTH_MODE=password
- PHOTOPRISM_SITE_URL=http://localhost:2342/
- PHOTOPRISM_ORIGINALS_LIMIT=5000
- PHOTOPRISM_HTTP_COMPRESSION=gzip
- PHOTOPRISM_LOG_LEVEL=info
- PHOTOPRISM_READONLY=true
- PHOTOPRISM_EXPERIMENTAL=false
- PHOTOPRISM_DISABLE_CHOWN=true
- PHOTOPRISM_DISABLE_WEBDAV=true
- PHOTOPRISM_DISABLE_SETTINGS=false
- PHOTOPRISM_DISABLE_TENSORFLOW=false
- PHOTOPRISM_DISABLE_FACES=false
- PHOTOPRISM_DISABLE_CLASSIFICATION=false
- PHOTOPRISM_DISABLE_RAW=true
- PHOTOPRISM_RAW_PRESETS=false
- PHOTOPRISM_JPEG_QUALITY=85
- PHOTOPRISM_DETECT_NSFW=false
- PHOTOPRISM_UPLOAD_NSFW=true
- PHOTOPRISM_DATABASE_DRIVER=sqlite
- PHOTOPRISM_UID=1000
- PHOTOPRISM_GID=1000
image: photoprism/photoprism:230719
ports:
- 2342:2342
restart: unless-stopped
security_opt:
- seccomp:unconfined
- apparmor:unconfined
volumes:
- /opt/photoprism:/photoprism/storage
- /opt/photoprism/originals:/photoprism/originals/
- /mnt/yotta/radon/photoprism:/photoprism/storage/cache
- /mnt/yotta/helium/shared/Photographs/Vakantie/Peter + Monique + Rik + Bram/Denemarken
2022:/photoprism/originals/Shared/Vakantie/Peter + Monique + Rik + Bram/Denemarken
2022
- /mnt/yotta/helium/shared/Photographs/Vakantie/Familie/Ierland 2022:/photoprism/originals/Shared/Vakantie/Familie/Ierland
2022
- /mnt/yotta/helium/shared/Photographs/Vakantie/Peter + Monique + Rik + Bram/Schotland
2022:/photoprism/originals/Shared/Vakantie/Peter + Monique + Rik + Bram/Schotland
2022
- /mnt/yotta/helium/shared/Photographs/Vakantie/Bram + Rik + Sanne/Kroatie
2023:/photoprism/originals/Shared/Vakantie/Bram + Rik + Sanne/Kroatie
2023
- /mnt/yotta/helium/shared/Photographs/Vakantie/Peter + Monique + Rik + Bram/Zweden
2023:/photoprism/originals/Vakantie/Peter + Monique + Rik + Bram/Zweden
2023
- /mnt/yotta/helium/shared/Photographs/Vakantie/Bram + Rik/Athene 2023:/photoprism/originals/Vakantie/Bram
+ Rik/Athene 2023

13
docker-compose.postgis.yml Normal file
View File

@@ -0,0 +1,13 @@
services:
postgis:
container_name: postgis
environment:
- POSTGRES_DB="${POSTGIS_DATABASE:?}"
- POSTGRES_USER="${POSTGIS_USER:?}"
- POSTGRES_PASSWORD="${POSTGIS_PASSWORD:?}"
image: postgis/postgis:14-3.2
ports:
- 7654:5432
restart: unless-stopped
volumes:
- /opt/postgis:/var/lib/postgresql/data

16
docker-compose.qbittorrent.yml Normal file
View File

@@ -0,0 +1,16 @@
services:
qbittorrent:
container_name: qbittorrent
image: linuxserver/qbittorrent:5.0.1
depends_on:
- surfshark
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
- WEBUI_PORT=9092
network_mode: service:surfshark
restart: unless-stopped
volumes:
- /opt/qbittorrent:/config
- /media/scratch/qbittorrent:/downloads

22
docker-compose.radarr.yml Normal file
View File

@@ -0,0 +1,22 @@
services:
radarr:
container_name: radarr
image: linuxserver/radarr:5.14.0
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
external_links:
- transmission
- qbittorrent
extra_hosts:
- transmission:192.168.2.200
- qbittorrent:192.168.2.200
ports:
- 17878:7878
restart: unless-stopped
volumes:
- /opt/radarr:/config
- /media/scratch/transmission:/downloads/transmission
- /media/scratch/qbittorrent:/downloads/qbittorrent
- /mnt/yotta/krypton/Movies:/movies

14
docker-compose.rsnapshot.yml Normal file
View File

@@ -0,0 +1,14 @@
services:
rsnapshot:
container_name: rsnapshot
image: linuxserver/rsnapshot:1.4.4
restart: unless-stopped
volumes:
- /opt/rsnapshot/etc:/etc/rsnapshot
- /opt/rsnapshot/var/log:/var/log
- /opt/rsnapshot/var/run:/var/run
- /opt/rsnapshot/var/spool:/var/spool
- /opt/rsnapshot/usr:/host/usr
- /opt/host_aliases:/host/etc/host_aliases
- /mnt/yotta/xenon/rsnapshot:/host/scratch
- /root/.ssh:/root/.ssh

14
docker-compose.seafile.yml Normal file
View File

@@ -0,0 +1,14 @@
services:
seafile:
container_name: seafile
environment:
- MODE=autorun
image: gronis/seafile:10.0.1
ports:
- 8100:8000
- 8180:8080
- 8182:8082
restart: unless-stopped
volumes:
- /opt/seafile:/seafile
- /media/sync/seafile:/seafile/seafile-data

19
docker-compose.sonarr.yml Normal file
View File

@@ -0,0 +1,19 @@
services:
sonarr:
image: linuxserver/sonarr:4.0.10
container_name: sonarr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
external_links:
- transmission
extra_hosts:
- transmission:192.168.2.200
ports:
- 18989:8989
restart: unless-stopped
volumes:
- /opt/sonarr:/config
- /media/scratch/transmission:/downloads
- /mnt/yotta/krypton/Shows:/tv

24
docker-compose.surfshark.yml Normal file
View File

@@ -0,0 +1,24 @@
services:
surfshark:
cap_add:
- NET_ADMIN
container_name: surfshark
devices:
- /dev/net/tun
dns:
- 1.1.1.1
environment:
- SURFSHARK_USER=${SURFSHARK_USER:?}
- SURFSHARK_PASSWORD=${SURFSHARK_PASSWORD:?}
- SURFSHARK_COUNTRY=nl
- SURFSHARK_CITY=ams
- CONNECTION_TYPE=udp
- LAN_NETWORK=
image: ilteoood/docker-surfshark:1.7.2
ports:
- 1080:1080
- 9091:9091
- 9092:9092
- 6881:6881
- 6881:6881/udp
restart: unless-stopped

12
docker-compose.timescaledb.yml Normal file
View File

@@ -0,0 +1,12 @@
services:
timescaledb:
container_name: timescaledb
environment:
- POSTGRES_USER="${TIMESCALEDB_USER:?}"
- POSTGRES_PASSWORD="${TIMESCALEDB_PASSWORD:?}"
image: timescale/timescaledb:2.7.1-pg14
ports:
- 6543:5432
restart: unless-stopped
volumes:
- /mnt/mezzo/scratch/timescaledb:/var/lib/postgresql/data

16
docker-compose.transmission.yml Normal file
View File

@@ -0,0 +1,16 @@
services:
transmission:
container_name: transmission
image: linuxserver/transmission:4.0.6
depends_on:
- surfshark
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Amsterdam
network_mode: service:surfshark
restart: unless-stopped
volumes:
- /opt/transmission:/config
- /media/scratch/torrents:/watch
- /media/scratch/transmission:/downloads

58
docker-compose.vouch.yml Normal file
View File

@@ -0,0 +1,58 @@
services:
vouch:
image: quay.io/vouch/vouch-proxy:alpine-0.41.0
container_name: vouch
ports:
- 9090:9090
environment:
# Google
# - OAUTH_PROVIDER=google
# - OAUTH_CLIENT_ID=889676430308-ivr6b4fmneivn70ri2ugm1gkbgoh5qdq.apps.googleusercontent.com
# - OAUTH_CLIENT_SECRET=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
# - https://www.googleapis.com/oauth2/v3/userinfo
# Google
# - OAUTH_PROVIDER=oidc
# - OAUTH_CLIENT_ID=889676430308-ivr6b4fmneivn70ri2ugm1gkbgoh5qdq.apps.googleusercontent.com
# - OAUTH_CLIENT_SECRET=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
# - OAUTH_AUTH_URL=https://accounts.google.com/o/oauth2/auth
# - OAUTH_TOKEN_URL=https://accounts.google.com/o/oauth2/token
# - OAUTH_USER_INFO_URL=https://www.googleapis.com/oauth2/v3/userinfo
# Amazon
# - OAUTH_PROVIDER=oidc
# - OAUTH_CLIENT_ID=793k18vvmiooosv5j4dd0bkqi
# - OAUTH_CLIENT_SECRET=ccpsr589kufadbmi7ac6kgi3gaftc4cqkm3pi627tsidmbsk1lj
# - OAUTH_AUTH_URL=https://veenboer.auth.eu-central-1.amazoncognito.com/oauth2/authorize
# - OAUTH_TOKEN_URL=https://veenboer.auth.eu-central-1.amazoncognito.com/oauth2/token
# - OAUTH_USER_INFO_URL=https://veenboer.auth.eu-central-1.amazoncognito.com/oauth2/userInfo
# Microsoft
# - OAUTH_PROVIDER=oidc
# - OAUTH_CLIENT_ID=2483d0ed-95a1-4ca1-ae72-a79ca6defd96
# - OAUTH_CLIENT_SECRET=x8V8Q~vklpp75~xwMRzAuNa4NQ7K8gNEAAsx-cTZ
# - OAUTH_AUTH_URL=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
# - OAUTH_TOKEN_URL=https://login.microsoftonline.com/common/oauth2/v2.0/token
# - OAUTH_USER_INFO_URL=https://graph.microsoft.com/oidc/userinfo
# Authentik
- OAUTH_PROVIDER=oidc
- OAUTH_CLIENT_ID=MJJ44TzracJ8J24xVsUvO12KvAbzxiev9G0t9sYl
- OAUTH_CLIENT_SECRET=vrUGfNfqzooKujOyvTLDZffOTakEgNeCIlILaBU2aF9QtaDHJWaYVY3MLGlkF2jlFFn4W0a1eSJcZpJMxojO4i7U6b9CqbdTr5Al2LvK3FQnFbViUn2MN0qKibv8VVO1
- OAUTH_AUTH_URL=https://authentik.rik.veenboer.xyz/application/o/authorize/
- OAUTH_TOKEN_URL=https://authentik.rik.veenboer.xyz/application/o/token/
- OAUTH_USER_INFO_URL=https://authentik.rik.veenboer.xyz/application/o/userinfo/
# General
- OAUTH_CALLBACK_URL=https://vouch.rik.veenboer.xyz/auth
- OAUTH_SCOPES=openid,profile,email
- VOUCH_COOKIE_DOMAIN=veenboer.xyz
- VOUCH_ALLOWALLUSERS=true
- VOUCH_HEADERS_CLAIMS=email,preferred_username
# Unused
# - VOUCH_COOKIE_SECURE=false
# - VOUCH_HEADERS_CLAIMS=sub,name,email
# - OAUTH_CLAIMS=sub,name,email
# - VOUCH_HEADERS_IDTOKEN=X-Vouch-IdP-IdToken
restart: unless-stopped

57
docker-compose.yml Normal file
View File

@@ -0,0 +1,57 @@
include:
# Web
- docker-compose.caddy.yml
- docker-compose.lighttpd.yml
- docker-compose.nginx.yml
# Authentication
- docker-compose.authentik.yml
- docker-compose.vouch.yml
# Other
- docker-compose.homarr.yml
- docker-compose.homeassistant.yml
- docker-compose.grafana.yml
- docker-compose.photoprism.yml
# Download
- docker-compose.jackett.yml
- docker-compose.transmission.yml
- docker-compose.qbittorrent.yml
# Media
- docker-compose.radarr.yml
- docker-compose.sonarr.yml
- docker-compose.bazarr.yml
- docker-compose.jellyseerr.yml
- docker-compose.jellyfin.yml
# Networking
- docker-compose.surfshark.yml
- docker-compose.openvpn-server.yml
- docker-compose.dns-ad-blocker.yml
# Backup
- docker-compose.rsnapshot.yml
- docker-compose.borgmatic.yml
# Sensors
- docker-compose.dsmr.yml
- docker-compose.esphome.yml
- docker-compose.mosquitto.yml
# Storage
- docker-compose.seafile.yml
- docker-compose.filebrowser.yml
- docker-compose.droppy.yml
- docker-compose.minio.yml
# Database
- docker-compose.pgadmin.yml
- docker-compose.postgis.yml
- docker-compose.timescaledb.yml
- docker-compose.influxdb.yml
networks:
vpn:
driver: bridge