From fd083af6d3d364bd7a242bf5dd1d2fa1d7dc7faf Mon Sep 17 00:00:00 2001 From: debian Date: Fri, 19 Jul 2024 12:38:32 +0200 Subject: [PATCH] general update oon docker config --- docker-compose.yml | 24 ++++++++++-------- project/db/adminer/adminer.yml | 2 ++ project/db/lldap/lldap.yml | 5 +++- project/db/mariadb/mariadb.yml | 2 ++ project/db/pgadmin/pgadmin.yml | 2 ++ project/db/postgres/postgres.yml | 6 +++++ project/db/redis/redis.yml | 3 +++ project/infrastructure/authelia/authelia.yml | 4 ++- project/infrastructure/crowdsec/crowdsec.yml | 25 +++++-------------- project/infrastructure/homepage/homepage.yml | 2 ++ .../infrastructure/speedtest/speedtest.yml | 2 ++ .../infrastructure/syncthing/syncthing.yml | 3 +++ project/infrastructure/traefik/traefik.yml | 8 ++++++ .../uptime-kuma/uptime-kuma.yml | 16 +++++++++--- .../infrastructure/watchtower/watchtower.yml | 2 ++ .../media/audiobookshelf/audiobookshelf.yml | 4 ++- project/media/immich/immich.yml | 7 ++++-- project/media/prowlarr/prowlarr.yml | 4 ++- project/media/qbittorrent/qbittorrent.yml | 2 ++ project/media/readarr/readarr.yml | 4 ++- project/monitoring/dozzle/dozzle.yml | 2 ++ project/monitoring/grafana/grafana.yml | 2 ++ project/monitoring/prometheus/prometheus.yml | 2 ++ project/service/freshrss/freshrss.yml | 2 ++ project/service/gitea/gitea.yml | 5 ++-- .../service/home-assistant/home-assistant.yml | 4 ++- project/service/it-tools/it-tools.yml | 2 ++ .../jupyter-notebook/jupyter-notebook.yml | 2 ++ project/service/mealie/mealie.yml | 4 ++- .../service/paperless-ngx/paperless-ngx.yml | 2 ++ project/service/shlink/shlink.yml | 4 +++ project/service/sponsorblock/sponsorblock.yml | 2 ++ project/service/stirling-pdf/stirling-pdf.yml | 7 ++++-- project/service/vikunja/vikunja.yml | 4 ++- 34 files changed, 125 insertions(+), 46 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 7df772a..c6ceb1d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -40,8 +40,10 @@ include: env_file: ${MEDIA_PATH}/.env - path: + - ${SERVICE_PATH}/freshrss/freshrss.yml - ${SERVICE_PATH}/gitea/gitea.yml - ${SERVICE_PATH}/home-assistant/home-assistant.yml + - ${SERVICE_PATH}/home-assistant/ha-addon/ha-ewelink-addon.yml - ${SERVICE_PATH}/it-tools/it-tools.yml - ${SERVICE_PATH}/jupyter-notebook/jupyter-notebook.yml - ${SERVICE_PATH}/mealie/mealie.yml @@ -53,17 +55,19 @@ include: env_file: ${SERVICE_PATH}/.env networks: - private: + ip4net: driver: bridge - name: private - ipam: - config: - - subnet: 10.5.0.0/16 - gateway: 10.5.0.1 - public: - driver: bridge - name: public + name: ip4net ipam: config: - subnet: 10.6.0.0/16 - gateway: 10.6.0.1 \ No newline at end of file + ip6net: + driver: bridge + name: ip6net + enable_ipv6: true + ipam: + driver: default + # config: + # # - subnet: "2a04:ee41:86:9397::/64" + # - subnet: "2001:db8:2:/64" + # - gateway: "2001:db8:2::1" \ No newline at end of file diff --git a/project/db/adminer/adminer.yml b/project/db/adminer/adminer.yml index fe985e9..e14daba 100644 --- a/project/db/adminer/adminer.yml +++ b/project/db/adminer/adminer.yml @@ -7,6 +7,8 @@ services: container_name: adminer ports: - 8085:8080 + networks: + - ip4net labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" diff --git a/project/db/lldap/lldap.yml b/project/db/lldap/lldap.yml index 123d216..670872e 100644 --- a/project/db/lldap/lldap.yml +++ b/project/db/lldap/lldap.yml @@ -18,6 +18,9 @@ services: # - "6360:6360" # For the web front-end - "17170:17170" + networks: + - ip6net + - ip4net volumes: - "${DB_PATH}/lldap/data:/data" environment: @@ -43,4 +46,4 @@ services: - "traefik.http.services.lldap-service.loadbalancer.server.port=17170" - "traefik.http.services.lldap-service.loadbalancer.server.scheme=http" # middlewares - - "traefik.http.routers.lldap.middlewares=crowdsec-bouncer@file" \ No newline at end of file + # - "traefik.http.routers.lldap.middlewares=crowdsec-bouncer@file" \ No newline at end of file diff --git a/project/db/mariadb/mariadb.yml b/project/db/mariadb/mariadb.yml index c6d8467..17c9128 100644 --- a/project/db/mariadb/mariadb.yml +++ b/project/db/mariadb/mariadb.yml @@ -6,6 +6,8 @@ services: image: mariadb:latest container_name: mariadb command: --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci + networks: + - ip4net environment: MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD} volumes: diff --git a/project/db/pgadmin/pgadmin.yml b/project/db/pgadmin/pgadmin.yml index bae8f3a..00c2a0d 100644 --- a/project/db/pgadmin/pgadmin.yml +++ b/project/db/pgadmin/pgadmin.yml @@ -10,6 +10,8 @@ services: image: dpage/pgadmin4:latest ports: - 8082:80 + networks: + - ip4net secrets: [pgadmin_default_password] volumes: - ${DB_PATH}/pgadmin/data:/var/lib/pgadmin diff --git a/project/db/postgres/postgres.yml b/project/db/postgres/postgres.yml index 87832ca..ef01ba5 100644 --- a/project/db/postgres/postgres.yml +++ b/project/db/postgres/postgres.yml @@ -10,6 +10,9 @@ services: image: postgres:latest ports: - 5432:5432 + networks: + - ip4net + - ip6net secrets: [postgres_default_password] environment: POSTGRES_PASSWORD_FILE: /run/secrets/postgres_default_password @@ -32,6 +35,9 @@ services: image: tensorchord/pgvecto-rs:pg16-v0.2.1-alpha.2 ports: - 5433:5432 + networks: + - ip4net + - ip6net secrets: [postgres_default_password] environment: POSTGRES_PASSWORD_FILE: /run/secrets/postgres_default_password diff --git a/project/db/redis/redis.yml b/project/db/redis/redis.yml index 16d37de..df305b7 100644 --- a/project/db/redis/redis.yml +++ b/project/db/redis/redis.yml @@ -5,6 +5,9 @@ services: service: default container_name: redis image: redis:latest + networks: + - ip4net + - ip6net volumes: - ${DB_PATH}/redis/data:/data labels: diff --git a/project/infrastructure/authelia/authelia.yml b/project/infrastructure/authelia/authelia.yml index 643c29b..7df5f19 100644 --- a/project/infrastructure/authelia/authelia.yml +++ b/project/infrastructure/authelia/authelia.yml @@ -16,6 +16,8 @@ services: image: authelia/authelia:latest ports: - 9959:9959 # metrics prometheus + networks: + - ip6net expose: - 9091 secrets: [JWT_SECRET, SESSION_SECRET, STORAGE_PASSWORD, STORAGE_ENCRYPTION_KEY] @@ -40,4 +42,4 @@ services: - 'traefik.http.routers.authelia.service=authelia-svc' - 'traefik.http.services.authelia-svc.loadbalancer.server.port=9091' # Middleware - - "traefik.http.routers.authelia.middlewares=crowdsec-bouncer@file" \ No newline at end of file + #- "traefik.http.routers.authelia.middlewares=crowdsec-bouncer@file" \ No newline at end of file diff --git a/project/infrastructure/crowdsec/crowdsec.yml b/project/infrastructure/crowdsec/crowdsec.yml index 52448b8..893deff 100644 --- a/project/infrastructure/crowdsec/crowdsec.yml +++ b/project/infrastructure/crowdsec/crowdsec.yml @@ -6,34 +6,21 @@ services: container_name: crowdsec image: crowdsecurity/crowdsec:latest environment: - COLLECTIONS: "crowdsecurity/traefik crowdsecurity/http-cve" + COLLECTIONS: crowdsecurity/traefik crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-generic-rules crowdsecurity/http-cve + CROWDSEC_BOUNCER_API_KEY: ${CROWDSEC_API_KEY} + CUSTOM_HOSTNAME: crowdsec expose: - 8080 ports: - 6060:6060 + networks: + - ip4net + - ip6net volumes: - ${INFRA_PATH}/crowdsec/data:/var/lib/crowdsec/data - ${INFRA_PATH}/crowdsec/config:/etc/crowdsec - /var/log/auth.log:/var/log/auth.log:ro - /var/log/crowdsec:/var/log/crowdsec:ro - labels: - # Watchtower - - "com.centurylinklabs.watchtower.enable=true" - - crowdsec-traefik-bouncer: - extends: - file: ${TEMPLATES_PATH} - service: default - image: fbonalair/traefik-crowdsec-bouncer:latest - container_name: bouncer-traefik - environment: - CROWDSEC_BOUNCER_API_KEY: ${CROWDSEC_API_KEY} - CROWDSEC_AGENT_HOST: crowdsec:8080 - GIN_MODE: release - expose: - - 8080 - depends_on: - - crowdsec labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" \ No newline at end of file diff --git a/project/infrastructure/homepage/homepage.yml b/project/infrastructure/homepage/homepage.yml index 12a4569..e06afbb 100644 --- a/project/infrastructure/homepage/homepage.yml +++ b/project/infrastructure/homepage/homepage.yml @@ -7,6 +7,8 @@ services: container_name: homepage ports: - 3030:3000 + networks: + - ip4net environment: HOMEPAGE_VAR_LOCAL_DOMAIN: ${LOCAL_DOMAIN} HOMEPAGE_VAR_PUBLIC_DOMAIN: ${PUBLIC_DOMAIN} diff --git a/project/infrastructure/speedtest/speedtest.yml b/project/infrastructure/speedtest/speedtest.yml index 833ec6c..45e60cc 100644 --- a/project/infrastructure/speedtest/speedtest.yml +++ b/project/infrastructure/speedtest/speedtest.yml @@ -18,6 +18,8 @@ services: #WEBPORT: 80 ports: - "4001:80" # webport mapping (host:container) + networks: + - ip4net labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" diff --git a/project/infrastructure/syncthing/syncthing.yml b/project/infrastructure/syncthing/syncthing.yml index a926bdf..fde4eb0 100644 --- a/project/infrastructure/syncthing/syncthing.yml +++ b/project/infrastructure/syncthing/syncthing.yml @@ -12,6 +12,9 @@ services: - 22000:22000/tcp # TCP file transfers - 22000:22000/udp # QUIC file transfers - 21027:21027/udp # Receive local discovery broadcasts + networks: + - ip4net + - ip6net labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" diff --git a/project/infrastructure/traefik/traefik.yml b/project/infrastructure/traefik/traefik.yml index 0daddd7..baac9c2 100644 --- a/project/infrastructure/traefik/traefik.yml +++ b/project/infrastructure/traefik/traefik.yml @@ -9,16 +9,22 @@ services: - "80:80" - "443:443" - "8079:8080" + networks: + - ip6net + - ip4net environment: TRAEFIK_LOCAL_DOMAIN: ${LOCAL_DOMAIN} TRAEFIK_PUBLIC_DOMAIN: ${PUBLIC_DOMAIN} TRAEFIK_AUTH_PUBLIC_DOMAIN: auth.${PUBLIC_DOMAIN} + TRAEFIK_CROWDSEC_API_KEY: ${CROWDSEC_API_KEY} volumes: - "/var/log/crowdsec/:/var/log/crowdsec/" - "/var/run/docker.sock:/var/run/docker.sock:ro" - "${INFRA_PATH}/traefik/letsencrypt:/letsencrypt" - "${INFRA_PATH}/traefik/config:/etc/traefik" - "${INFRA_PATH}/traefik/certs:/etc/certs" + - "${INFRA_PATH}/traefik/html/ban.html:/ban.html" + - "${INFRA_PATH}/traefik/html/captcha.html:/captcha.html" labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" @@ -35,6 +41,8 @@ services: service: default image: traefik/whoami:latest container_name: "traefik-whoami" + networks: + - ip4net labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" diff --git a/project/infrastructure/uptime-kuma/uptime-kuma.yml b/project/infrastructure/uptime-kuma/uptime-kuma.yml index b26eaa4..8c4844d 100644 --- a/project/infrastructure/uptime-kuma/uptime-kuma.yml +++ b/project/infrastructure/uptime-kuma/uptime-kuma.yml @@ -1,14 +1,24 @@ services: uptime-kuma: - extends: - file: ${TEMPLATES_PATH} - service: default + # not using the template because ncsd is not configured to support changing PUID/PGID + # https://github.com/louislam/uptime-kuma/issues/4743 + # extends: + # file: ${TEMPLATES_PATH} + # service: default image: louislam/uptime-kuma:latest container_name: uptime-kuma + restart: unless-stopped + security_opt: + - no-new-privileges=true + environment: + TZ: ${TZ} volumes: - ${INFRA_PATH}/uptime-kuma/config:/app/data ports: - 5001:3001 + networks: + - ip4net + - ip6net labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" diff --git a/project/infrastructure/watchtower/watchtower.yml b/project/infrastructure/watchtower/watchtower.yml index 410197d..55a866c 100644 --- a/project/infrastructure/watchtower/watchtower.yml +++ b/project/infrastructure/watchtower/watchtower.yml @@ -16,6 +16,8 @@ services: - WATCHTOWER_HTTP_API_PERIODIC_POLLS=true ports: - 7999:8080 + networks: + - ip4net volumes: # - ${INFRA_PATH}/watchtower/config:/config.json - /var/run/docker.sock:/var/run/docker.sock diff --git a/project/media/audiobookshelf/audiobookshelf.yml b/project/media/audiobookshelf/audiobookshelf.yml index 00bd075..5f04c8a 100644 --- a/project/media/audiobookshelf/audiobookshelf.yml +++ b/project/media/audiobookshelf/audiobookshelf.yml @@ -7,6 +7,8 @@ services: container_name: audiobookshelf ports: - 13378:80 + networks: + - ip6net volumes: # - ${AUDIOBOOKSHELF_EXTERNAL_PATH}/audiobooks:/audiobooks # - ${AUDIOBOOKSHELF_EXTERNAL_PATH}/podcasts:/podcasts @@ -23,4 +25,4 @@ services: - "traefik.http.routers.audiobookshelf.tls.certresolver=myresolver" - 'traefik.http.routers.audiobookshelf.tls=true' # Middlewares - - "traefik.http.routers.audiobookshelf.middlewares=crowdsec-bouncer@file" \ No newline at end of file + # - "traefik.http.routers.audiobookshelf.middlewares=crowdsec-bouncer@file" \ No newline at end of file diff --git a/project/media/immich/immich.yml b/project/media/immich/immich.yml index f7aa8ca..452285a 100644 --- a/project/media/immich/immich.yml +++ b/project/media/immich/immich.yml @@ -5,7 +5,6 @@ services: service: default container_name: immich_server image: ghcr.io/immich-app/immich-server:release - command: [ "start.sh", "immich" ] environment: DB_PASSWORD: ${IMMICH_DB_PASSWORD} DB_HOSTNAME: postgres-with-pg-vector @@ -18,6 +17,8 @@ services: - /etc/localtime:/etc/localtime:ro ports: - 2283:3001 + networks: + - ip6net labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" @@ -28,7 +29,7 @@ services: - "traefik.http.routers.immich-server.tls.certresolver=myresolver" - 'traefik.http.routers.immich-server.tls=true' # Middlewares - - "traefik.http.routers.immich-server.middlewares=crowdsec-bouncer@file" + # - "traefik.http.routers.immich-server.middlewares=crowdsec-bouncer@file" immich-microservices: extends: @@ -43,6 +44,8 @@ services: DB_USERNAME: immich DB_DATABASE_NAME: immich REDIS_HOSTNAME: redis + networks: + - ip6net volumes: - ${IMMICH_EXTERNAL_PATH}:/usr/src/app/external - ${MEDIA_PATH}/immich/data/library:/usr/src/app/upload diff --git a/project/media/prowlarr/prowlarr.yml b/project/media/prowlarr/prowlarr.yml index 2870cf0..18912f9 100644 --- a/project/media/prowlarr/prowlarr.yml +++ b/project/media/prowlarr/prowlarr.yml @@ -6,7 +6,9 @@ services: image: lscr.io/linuxserver/prowlarr:develop container_name: prowlarr ports: - - 2004:9696 + - 2004:9696 + networks: + - ip4net volumes: - ${MEDIA_PATH}/prowlarr/config:/config labels: diff --git a/project/media/qbittorrent/qbittorrent.yml b/project/media/qbittorrent/qbittorrent.yml index 258fbb3..3e83a6a 100644 --- a/project/media/qbittorrent/qbittorrent.yml +++ b/project/media/qbittorrent/qbittorrent.yml @@ -9,6 +9,8 @@ services: - 2002:2002 - 6881:6881 - 6881:6881/udp + networks: + - ip4net environment: - WEBUI_PORT=2002 - TORRENTING_PORT=6881 diff --git a/project/media/readarr/readarr.yml b/project/media/readarr/readarr.yml index e1c7de1..1423512 100644 --- a/project/media/readarr/readarr.yml +++ b/project/media/readarr/readarr.yml @@ -6,7 +6,9 @@ services: image: lscr.io/linuxserver/readarr:develop container_name: readarr ports: - - 2003:8787 + - 2003:8787 + networks: + - ip4net volumes: - ${MEDIA_PATH}/readarr/config:/config - ${MEDIA_PATH}/data:/data diff --git a/project/monitoring/dozzle/dozzle.yml b/project/monitoring/dozzle/dozzle.yml index 1aa5781..4e94c9b 100644 --- a/project/monitoring/dozzle/dozzle.yml +++ b/project/monitoring/dozzle/dozzle.yml @@ -7,6 +7,8 @@ services: image: amir20/dozzle:latest ports: - 8083:8080 + networks: + - ip4net volumes: - /var/run/docker.sock:/var/run/docker.sock labels: diff --git a/project/monitoring/grafana/grafana.yml b/project/monitoring/grafana/grafana.yml index 75187e0..7f2dd03 100644 --- a/project/monitoring/grafana/grafana.yml +++ b/project/monitoring/grafana/grafana.yml @@ -7,6 +7,8 @@ services: image: grafana/grafana-oss:latest ports: - 8090:3000 + networks: + - ip4net volumes: - ${MONITORING_PATH}/grafana/data:/var/lib/grafana labels: diff --git a/project/monitoring/prometheus/prometheus.yml b/project/monitoring/prometheus/prometheus.yml index 42da98d..65c5eea 100644 --- a/project/monitoring/prometheus/prometheus.yml +++ b/project/monitoring/prometheus/prometheus.yml @@ -7,6 +7,8 @@ services: image: prom/prometheus:latest ports: - 9090:9090 + networks: + - ip4net volumes: - ${MONITORING_PATH}/prometheus/config:/etc/prometheus labels: diff --git a/project/service/freshrss/freshrss.yml b/project/service/freshrss/freshrss.yml index f62a5f6..62c89a6 100644 --- a/project/service/freshrss/freshrss.yml +++ b/project/service/freshrss/freshrss.yml @@ -7,6 +7,8 @@ services: container_name: freshrss ports: - 4014:80 + networks: + - ip4net volumes: - ${SERVICE_PATH}/freshrss/data:/var/www/FreshRSS/data - ${SERVICE_PATH}/freshrss/extensions:/var/www/FreshRSS/extensions diff --git a/project/service/gitea/gitea.yml b/project/service/gitea/gitea.yml index a02e3f3..5b22356 100644 --- a/project/service/gitea/gitea.yml +++ b/project/service/gitea/gitea.yml @@ -32,6 +32,8 @@ services: - /etc/localtime:/etc/localtime:ro ports: - 2001:22 + networks: + - ip6net expose: - 4002 labels: @@ -45,6 +47,5 @@ services: - "traefik.http.routers.gitea.tls=true" - "traefik.http.routers.gitea.service=gitea-service" - "traefik.http.services.gitea-service.loadbalancer.server.port=4002" - # Middlewares - - "traefik.http.routers.gitea.middlewares=crowdsec-bouncer@file" \ No newline at end of file + # - "traefik.http.routers.gitea.middlewares=crowdsec-bouncer@file" \ No newline at end of file diff --git a/project/service/home-assistant/home-assistant.yml b/project/service/home-assistant/home-assistant.yml index b5aaf24..613780f 100644 --- a/project/service/home-assistant/home-assistant.yml +++ b/project/service/home-assistant/home-assistant.yml @@ -5,8 +5,10 @@ services: service: default image: ghcr.io/home-assistant/home-assistant:stable container_name: home-assistant + networks: + - ip4net ports: - - 4012:8123 + - 4012:8123 volumes: - ${SERVICE_PATH}/home-assistant/config:/config - /etc/localtime:/etc/localtime:ro diff --git a/project/service/it-tools/it-tools.yml b/project/service/it-tools/it-tools.yml index 464bd0d..4991034 100644 --- a/project/service/it-tools/it-tools.yml +++ b/project/service/it-tools/it-tools.yml @@ -7,6 +7,8 @@ services: container_name: it-tools ports: - '4007:80' + networks: + - ip4net labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" diff --git a/project/service/jupyter-notebook/jupyter-notebook.yml b/project/service/jupyter-notebook/jupyter-notebook.yml index 0e04ea6..3750d0a 100644 --- a/project/service/jupyter-notebook/jupyter-notebook.yml +++ b/project/service/jupyter-notebook/jupyter-notebook.yml @@ -9,6 +9,8 @@ services: - ${SERVICE_PATH}/jupyter-notebook/data:/home/jovyan/work ports: - 4013:8888 # Web UI + networks: + - ip4net labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" diff --git a/project/service/mealie/mealie.yml b/project/service/mealie/mealie.yml index ab986c3..4c993dc 100644 --- a/project/service/mealie/mealie.yml +++ b/project/service/mealie/mealie.yml @@ -7,6 +7,8 @@ services: container_name: mealie ports: - "4006:9000" + networks: + - ip6net volumes: - ${SERVICE_PATH}/mealie/data:/app/data/ environment: @@ -41,4 +43,4 @@ services: - "traefik.http.routers.mealie.tls.certresolver=myresolver" - "traefik.http.routers.mealie.tls=true" # Middlewares - - "traefik.http.routers.mealie.middlewares=crowdsec-bouncer@file" \ No newline at end of file + # - "traefik.http.routers.mealie.middlewares=crowdsec-bouncer@file" \ No newline at end of file diff --git a/project/service/paperless-ngx/paperless-ngx.yml b/project/service/paperless-ngx/paperless-ngx.yml index ba0e722..4739316 100644 --- a/project/service/paperless-ngx/paperless-ngx.yml +++ b/project/service/paperless-ngx/paperless-ngx.yml @@ -7,6 +7,8 @@ services: container_name: paperless-ngx ports: - "4009:8000" + networks: + - ip4net volumes: - ${EXTERNAL_STORAGE}/paperless-ngx/data:/usr/src/paperless/data - ${EXTERNAL_STORAGE}/paperless-ngx/media:/usr/src/paperless/media diff --git a/project/service/shlink/shlink.yml b/project/service/shlink/shlink.yml index 91085e3..9e2de33 100644 --- a/project/service/shlink/shlink.yml +++ b/project/service/shlink/shlink.yml @@ -7,6 +7,8 @@ services: container_name: shlink-backend ports: - '4004:8080' + networks: + - ip6net volumes: - ${SERVICE_PATH}/shlink/data:/usr/share/tesseract-ocr/4.00/tessdata #Required for extra OCR languages - ${SERVICE_PATH}/shlink/config:/configs @@ -41,6 +43,8 @@ services: container_name: shlink-frontend ports: - '4005:8080' + networks: + - ip6net environment: SHLINK_SERVER_URL: https://shlink.${PUBLIC_DOMAIN} SHLINK_SERVER_API_KEY: ${SHLINK_SERVER_API_KEY} diff --git a/project/service/sponsorblock/sponsorblock.yml b/project/service/sponsorblock/sponsorblock.yml index f476509..0302664 100644 --- a/project/service/sponsorblock/sponsorblock.yml +++ b/project/service/sponsorblock/sponsorblock.yml @@ -5,5 +5,7 @@ services: service: default image: ghcr.io/dmunozv04/isponsorblocktv container_name: sponsorblock + networks: + - ip4net volumes: - ${SERVICE_PATH}/sponsorblock/data:/app/data \ No newline at end of file diff --git a/project/service/stirling-pdf/stirling-pdf.yml b/project/service/stirling-pdf/stirling-pdf.yml index d89df99..553847f 100644 --- a/project/service/stirling-pdf/stirling-pdf.yml +++ b/project/service/stirling-pdf/stirling-pdf.yml @@ -7,10 +7,12 @@ services: container_name: stirling-pdf ports: - '4003:8080' + networks: + - ip6net volumes: - ${SERVICE_PATH}/stirling-pdf/data:/usr/share/tesseract-ocr/4.00/tessdata #Required for extra OCR languages - ${SERVICE_PATH}/stirling-pdf/config:/configs -# - /location/of/customFiles:/customFiles/ + # - /location/of/customFiles:/customFiles/ labels: # Watchtower - "com.centurylinklabs.watchtower.enable=true" @@ -21,4 +23,5 @@ services: - "traefik.http.routers.stirling-pdf.tls.certresolver=myresolver" - "traefik.http.routers.stirling-pdf.tls=true" # Middlewares - - "traefik.http.routers.stirling-pdf.middlewares=crowdsec-bouncer@file,authelia@file" \ No newline at end of file + # - "traefik.http.routers.stirling-pdf.middlewares=crowdsec-bouncer@file, authelia@file" + - "traefik.http.routers.stirling-pdf.middlewares=authelia@file" \ No newline at end of file diff --git a/project/service/vikunja/vikunja.yml b/project/service/vikunja/vikunja.yml index a03f92b..9ebd466 100644 --- a/project/service/vikunja/vikunja.yml +++ b/project/service/vikunja/vikunja.yml @@ -17,6 +17,8 @@ services: VIKUNJA_DATABASE_DATABASE: vikunja VIKUNJA_SERVICE_JWTSECRET: /run/secrets/vikunja_jwt_secret VIKUNJA_SERVICE_PUBLICURL: https://vikunja.${PUBLIC_DOMAIN} + networks: + - ip6net volumes: - ${SERVICE_PATH}/vikunja/data:/app/vikunja/files - ${SERVICE_PATH}/vikunja/config:/etc/vikunja @@ -30,4 +32,4 @@ services: - "traefik.http.routers.vikunja.tls.certresolver=myresolver" - 'traefik.http.routers.vikunja.tls=true' # Middlewares - - "traefik.http.routers.vikunja.middlewares=crowdsec-bouncer@file" \ No newline at end of file + # - "traefik.http.routers.vikunja.middlewares=crowdsec-bouncer@file" \ No newline at end of file