117 lines
3.4 KiB
YAML
117 lines
3.4 KiB
YAML
x-dockge:
|
|
urls:
|
|
- https://auth.${DOMAIN}
|
|
|
|
services:
|
|
|
|
duckdns:
|
|
image: lscr.io/linuxserver/duckdns:latest
|
|
container_name: duckdns
|
|
restart: unless-stopped
|
|
environment:
|
|
- PUID=${PUID:-1000}
|
|
- PGID=${PGID:-1000}
|
|
- TZ=${TZ}
|
|
- SUBDOMAINS=${DUCKDNS_SUBDOMAINS}
|
|
- TOKEN=${DUCKDNS_TOKEN}
|
|
volumes:
|
|
- ./duckdns/config:/config
|
|
networks:
|
|
- traefik-network
|
|
|
|
traefik:
|
|
image: traefik:v3
|
|
container_name: traefik
|
|
restart: unless-stopped
|
|
command: ["--configFile=/config/traefik.yml"]
|
|
environment:
|
|
- DUCKDNS_TOKEN=${DUCKDNS_TOKEN}
|
|
ports:
|
|
- 80:80
|
|
- 443:443
|
|
- 8080:8080
|
|
volumes:
|
|
- ./traefik/config:/config
|
|
- ./traefik/letsencrypt:/letsencrypt
|
|
- ./traefik/dynamic:/dynamic
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
networks:
|
|
- traefik-network
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN}`)"
|
|
- "traefik.http.routers.traefik.entrypoints=websecure"
|
|
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
|
|
- "traefik.http.routers.traefik.middlewares=authelia@docker"
|
|
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
|
|
- "homelab.category=dashboards"
|
|
- "homelab.description=Personal dashboard and service overview"
|
|
- "x-dockge.url=https://traefik.${DOMAIN}"
|
|
|
|
authelia:
|
|
image: authelia/authelia:latest
|
|
container_name: authelia
|
|
restart: unless-stopped
|
|
environment:
|
|
- TZ=${TZ}
|
|
volumes:
|
|
- ./authelia/config:/config
|
|
- ./authelia/secrets:/secrets
|
|
networks:
|
|
- traefik-network
|
|
depends_on:
|
|
- traefik
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.authelia.rule=Host(`auth.${DOMAIN}`)
|
|
- traefik.http.routers.authelia.entrypoints=websecure
|
|
- traefik.http.routers.authelia.tls.certresolver=letsencrypt
|
|
- traefik.http.routers.authelia.service=authelia
|
|
- traefik.http.services.authelia.loadbalancer.server.port=9091
|
|
- traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.${DOMAIN}/
|
|
- traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=X-Secret
|
|
- traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true
|
|
- x-dockge.url=https://auth.${DOMAIN}
|
|
|
|
dockerproxy:
|
|
image: tecnativa/docker-socket-proxy:latest
|
|
container_name: dockerproxy
|
|
privileged: true
|
|
restart: unless-stopped
|
|
ports:
|
|
- 2375:2375
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
environment:
|
|
- CONTAINERS=1
|
|
- SERVICES=1
|
|
- TASKS=1
|
|
- NETWORKS=1
|
|
- NODES=1
|
|
labels:
|
|
- homelab.category=infrastructure
|
|
- homelab.description=Docker socket proxy for security
|
|
|
|
# Sablier - Lazy loading service for Docker containers
|
|
sablier-service:
|
|
image: sablierapp/sablier:latest
|
|
container_name: sablier-service
|
|
restart: unless-stopped
|
|
networks:
|
|
- traefik-network
|
|
environment:
|
|
- SABLIER_PROVIDER=docker
|
|
- SABLIER_DOCKER_API_VERSION=1.53
|
|
- SABLIER_DOCKER_NETWORK=traefik-network
|
|
- SABLIER_LOG_LEVEL=debug
|
|
- DOCKER_HOST=tcp://192.168.4.11:2375
|
|
ports:
|
|
- 10000:10000
|
|
labels:
|
|
- homelab.category=infrastructure
|
|
- homelab.description=Lazy loading service for Docker containers
|
|
|
|
networks:
|
|
traefik-network:
|
|
external: true
|