From 28c734c1d2e585e85b1540502651aad0a7f11ed4 Mon Sep 17 00:00:00 2001
From: Chris King
Date: Sun, 12 Jan 2025 23:37:59 -0800
Subject: [PATCH] Updated docker-compose files for use with Docker Caddy Defined top level name for all services Added proxy-net to services Updated main service/server container service name to "app" Updated hostname references to projectname-app-1 Updated docker Caddy caddyfile to reference container names Updated docker Caddy caddyfile to use 192.168.1.234 instead of localhost for non-docker services Adjusted caddyfile accordingly
---
actual-server/docker-compose.yml | 9 ++++-
authelia/docker-compose.yml | 8 ++--
authentik/docker-compose.yml | 12 +++---
caddy/Caddyfile | 56 +++++++++++++---------------
caddy/docker-compose.yml | 2 +-
frigate/docker-compose.yml | 12 ++++--
gitea/docker-compose.yml | 12 ++++--
homepage/docker-compose.yml | 9 ++++-
openobserve/docker-compose.yml | 7 ++++
orbital-sync/docker-compose.yml | 10 ++++-
overseerr/docker-compose.yml | 12 ++++--
requestrr/docker-compose.yml | 13 +++++--
stashapp/docker-compose.yml | 10 ++++-
triliumnext-notes/docker-compose.yml | 8 +++-
14 files changed, 119 insertions(+), 61 deletions(-)
diff --git a/actual-server/docker-compose.yml b/actual-server/docker-compose.yml
index 770e1f1..2c8961e 100644
--- a/actual-server/docker-compose.yml
+++ b/actual-server/docker-compose.yml
@@ -1,6 +1,9 @@ +name: actual-server services: - actual_server: + app: image: docker.io/actualbudget/actual-server:latest + networks: + - proxy-net ports: # This line makes Actual available at port 5006 of the device you run the server on, # i.e. http://localhost:5006. You can change the first number to change the port, if you want.
@@ -21,3 +24,7 @@ services: # '/data' is the path Actual will look for its files in by default, so leave that as-is. - ./data:/data restart: unless-stopped + +networks: + proxy-net: + external: true \ No newline at end of file
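Review bot: The `ports:` block kept as context in the first actual-server hunk still publishes Actual on the host, so once Caddy reaches `actual-server-app-1` over `proxy-net` the service remains reachable directly, without Caddy's TLS or any forward-auth the site applies. The mapping line itself is outside the hunk; if nothing else needs host access, drop `ports:` or bind it to loopback as the triliumnext-notes file already does, e.g. `- "127.0.0.1:5006:5006"`. The same applies to the published ports left in the frigate, homepage, openobserve, overseerr, requestrr and stashapp files. A comment next to `external: true` should also say that `proxy-net` is one flat network shared by every project, so each container on it can reach every other one.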
diff --git a/authelia/docker-compose.yml b/authelia/docker-compose.yml
index 9822fee..9f8fe71 100644
--- a/authelia/docker-compose.yml
+++ b/authelia/docker-compose.yml
@@ -1,6 +1,6 @@ -name: "authelia" +name: authelia services: - authelia: + app: image: authelia/authelia:latest restart: unless-stopped depends_on:
@@ -25,9 +25,9 @@ services: AUTHELIA_AUTHENTICATION_BACKEND_FILE_PATH: /run/secrets/users_database AUTHELIA_TOTP_ISSUER: tremendousturtle.tools AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: deny - AUTHELIA_SESSION_REDIS_HOST: redis + AUTHELIA_SESSION_REDIS_HOST: authelia-redis-1 AUTHELIA_SESSION_REDIS_PORT: 6379 - AUTHELIA_STORAGE_POSTGRES_ADDRESS: tcp://database:5432 + AUTHELIA_STORAGE_POSTGRES_ADDRESS: tcp://authelia-database-1:5432 AUTHELIA_STORAGE_POSTGRES_DATABASE: authelia AUTHELIA_STORAGE_POSTGRES_USERNAME: authelia AUTHELIA_NOTIFIER_SMTP_ADDRESS: submissions://smtp.mailgun.org:465
diff --git a/authentik/docker-compose.yml b/authentik/docker-compose.yml
index 1c22957..909c27e 100644
--- a/authentik/docker-compose.yml
+++ b/authentik/docker-compose.yml
@@ -1,6 +1,6 @@ name: authentik services: - postgresql: + db: image: docker.io/library/postgres:16-alpine restart: unless-stopped healthcheck:
@@ -29,13 +29,13 @@ services: timeout: 3s volumes: - redis:/data - server: + app: image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.12.2} restart: unless-stopped command: server environment: - AUTHENTIK_REDIS__HOST: redis - AUTHENTIK_POSTGRESQL__HOST: postgresql + AUTHENTIK_REDIS__HOST: authentik-redis-1 + AUTHENTIK_POSTGRESQL__HOST: authentik-db-1 AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
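Review bot: `authelia-redis-1` and `authelia-database-1` in the second authelia hunk are Compose-generated container names, which depend on the project name and the replica index, so a `-p` override or a scaled service would leave Authelia without its session store or database. A comment should say why the plain service names were dropped; presumably names such as `redis` become ambiguous once several projects share `proxy-net`, but the hunk does not say. A steadier option is a unique alias declared on the backing service, for example `aliases: [authelia-redis]` under its network entry, and referencing that here. The same applies to `authentik-redis-1` and `authentik-db-1` in the authentik hunks.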
@@ -60,8 +60,8 @@ services: restart: unless-stopped command: worker environment: - AUTHENTIK_REDIS__HOST: redis - AUTHENTIK_POSTGRESQL__HOST: postgresql + AUTHENTIK_REDIS__HOST: authentik-redis-1 + AUTHENTIK_POSTGRESQL__HOST: authentik-db-1 AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
diff --git a/caddy/Caddyfile b/caddy/Caddyfile
index 4e6ce07..56fbd46 100644
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -26,7 +26,7 @@ } } (secure) { - forward_auth {args[0]} authelia:9091 { + forward_auth {args[0]} authelia-app-1:9091 { uri /api/authz/forward-auth copy_headers Remote-User Remote-Groups Remote-Name Remote-Email }
@@ -54,7 +54,15 @@ import ttt-log {args[0]} import tls import secure * - import ttt-proxy {args[0]} {args[1]} + import ttt-proxy {args[0]}-app-1 {args[1]} + } +} +(ttt-app-local) { + {args[0]}.tremendousturtle.tools { + import ttt-log {args[0]} + import tls + import secure * + import ttt-proxy 192.168.1.234 {args[1]} + } } (ttt-app-alt) {
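Review bot: `import ttt-proxy 192.168.1.234 {args[1]}` in the new `ttt-app-local` snippet only works if the backends imported through it in the next hunk (code, pihole, sonarr, radarr, prowlarr, cockpit) listen on an address the Caddy container can reach, not just loopback, which leaves each of them reachable directly on 192.168.1.234 without passing `import secure *`. Because `secure` copies `Remote-User` and related headers, any backend that trusts those headers would accept them from a direct client as well. Limit those ports on the host firewall to the Docker bridge subnet Caddy uses, or reach the host through a gateway alias such as `extra_hosts: ["host.docker.internal:host-gateway"]` on the Caddy service. The address is also hard-coded here and repeated in the comment in the next hunk; a single `{$VAR}` placeholder would keep them in step.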
@@ -74,45 +82,33 @@ tremendousturtle.tools { auth.tremendousturtle.tools { import tls - reverse_proxy 127.0.0.1:9091 + reverse_proxy authelia-app-1:9091 } authentik.tremendousturtle.tools { import tls - reverse_proxy 127.0.0.1:9000 + reverse_proxy authentik-app-1:9000 } # Define code.tremendousturtle.tools -import ttt-app code 8020 +# Locally hosted non-docker apps (proxies to 192.168.1.234 instead of localhost) +import ttt-app-local code 8020 +import ttt-app-local pihole 1080 +import ttt-app-local sonarr 8989 +import ttt-app-local radarr 7878 +import ttt-app-local prowlarr 9696 +import ttt-app-local cockpit 9090 +# Docker apps with same subdomain as docker compose project name import ttt-app frigate 8971 - -import ttt-app pihole 1080 - -import ttt-app stash 9999 - -import ttt-app sonarr 8989 - -import ttt-app radarr 7878 - import ttt-app overseerr 5055 - -import ttt-app prowlarr 9696 - import ttt-app openobserve 5080 - -import ttt-app cockpit 9090 - -import ttt-app budget 5006 - import ttt-app gitea 3000 - -import ttt-app trilium 8040 - -import ttt-app notes 8040 - -import ttt-app-alt pihole1 192.168.1.116 80 - import ttt-app homepage 3001 - +# Alternate configuration (different subdomain and docker compose project name) +import ttt-app-alt budget actual-server-app-1 5006 +import ttt-app-alt trilium triliumnext-notes-app-1 8040 +import ttt-app-alt notes triliumnext-notes-app-1 8040 +import ttt-app-alt stash stashapp-app-1 9999 +import ttt-app-alt pihole1 192.168.1.116 80
diff --git a/caddy/docker-compose.yml b/caddy/docker-compose.yml
index 26c7c16..46e08b8 100644
--- a/caddy/docker-compose.yml
+++ b/caddy/docker-compose.yml
@@ -1,6 +1,6 @@ name: caddy services: - caddy: + app: build: . restart: unless-stopped networks:
diff --git a/frigate/docker-compose.yml b/frigate/docker-compose.yml
index 3a9bcf4..94ecf91 100644
--- a/frigate/docker-compose.yml
+++ b/frigate/docker-compose.yml
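Review bot: budget, trilium, notes and stash move from `ttt-app`, which appears from the previous hunk to import `secure *`, to `ttt-app-alt`, whose body lies outside these hunks. Confirm that `ttt-app-alt` also imports `secure`; if it does not, these four sites lose the Authelia forward-auth check with this change. The new group comment should state this, e.g. `# Alternate configuration (different subdomain and project name; forward-auth still applied)`.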
@@ -1,6 +1,6 @@ +name: frigate services: - frigate: - container_name: frigate + app: restart: unless-stopped image: ghcr.io/blakeblackshear/frigate:stable shm_size: "250mb"
@@ -17,6 +17,8 @@ services: target: /tmp/cache tmpfs: size: 4000000000 + networks: + - proxy-net ports: - "8971:8971" - "8554:8554" # RTSP feeds
@@ -32,5 +34,9 @@ services: - homepage.href=https://frigate.tremendousturtle.tools/ - homepage.description=Camera Surveillance - homepage.widget.type=frigate - - homepage.widget.url=http://192.168.1.234:5000 + - homepage.widget.url=http://frigate-app-1:5000 - homepage.widget.enableRecentEvents=true + +networks: + proxy-net: + external: true
diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml
index cc7e559..b32d5c9 100644
--- a/gitea/docker-compose.yml
+++ b/gitea/docker-compose.yml
@@ -1,22 +1,26 @@ networks: gitea: external: false + proxy-net: + external: true +name: gitea services: - server: + app: image: gitea/gitea:latest environment: USER_UID: 141 USER_GID: 150 GITEA__database__DB_TYPE: postgres - GITEA__database__HOST: db:5432 + GITEA__database__HOST: gitea-db-1:5432 GITEA__database__NAME: ${GITEA_DB_NAME} GITEA__database__USER: ${GITEA_DB_USER} GITEA__database__PASSWD__FILE: /run/secrets/postgres_pass GITEA__server__SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE: gitea --config={{.CustomConf}} serv key-{{.Key.ID}} - restart: always + restart: unless-stopped networks: - gitea + - proxy-net volumes: - ./data/gitea:/data - /home/git/.ssh/:/data/git/.ssh
@@ -32,7 +36,7 @@ services: db: image: postgres:14 - restart: always + restart: unless-stopped environment: POSTGRES_USER: ${GITEA_DB_USER} POSTGRES_PASSWORD_FILE: /run/secrets/postgres_pass
diff --git a/homepage/docker-compose.yml b/homepage/docker-compose.yml
index baf2690..3e604bf 100644
--- a/homepage/docker-compose.yml
+++ b/homepage/docker-compose.yml
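Review bot: `homepage.widget.url=http://frigate-app-1:5000` in the third frigate hunk points at port 5000, which current Frigate releases document as the unauthenticated internal port, and attaching the service to `proxy-net` makes that port reachable from every container on the shared network. Only homepage needs it, so a dedicated network between those two projects would be narrower than `proxy-net`. The old URL used 192.168.1.234:5000, which suggests port 5000 is also published on the host in a part of the `ports:` list outside these hunks; with the widget now using the container name, that mapping can be removed.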
@@ -6,6 +6,9 @@ services: - dockerproxy environment: DOCKER_TEMPLATE_CREATED: true + networks: + - proxy-net + - default ports: - "3001:3000" restart: unless-stopped
@@ -23,4 +26,8 @@ services: - "127.0.0.1:2375:2375" restart: unless-stopped volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro # Mounted as read-only \ No newline at end of file + - /var/run/docker.sock:/var/run/docker.sock:ro # Mounted as read-only + +networks: + proxy-net: + external: true \ No newline at end of file
diff --git a/openobserve/docker-compose.yml b/openobserve/docker-compose.yml
index 03e65ed..e157bfa 100644
--- a/openobserve/docker-compose.yml
+++ b/openobserve/docker-compose.yml
@@ -16,6 +16,9 @@ services: restart: unless-stopped depends_on: - db + networks: + - proxy-net + - default ports: - "5080:5080" - "5514:5514"
@@ -31,6 +34,10 @@ services: - ./data/openobserve:/data - ./data/stream:/stream +networks: + proxy-net: + external: true + secrets: postgres_pass: file: ./secrets/POSTGRES_PASS
diff --git a/orbital-sync/docker-compose.yml b/orbital-sync/docker-compose.yml
index 2cd97d4..7db6d72 100644
--- a/orbital-sync/docker-compose.yml
+++ b/orbital-sync/docker-compose.yml
@@ -1,6 +1,10 @@ +name: orbital-sync services: - orbital-sync: + app: image: mattwebbio/orbital-sync:1 + restart: unless-stopped + networks: + - proxy-net environment: PRIMARY_HOST_BASE_URL: 'http://192.168.1.234:1080' PRIMARY_HOST_PASSWORD: ""
@@ -8,3 +12,7 @@ services: SECONDARY_HOSTS_1_PASSWORD: 'e8JBq59!pwM6Ppj' INTERVAL_MINUTES: 60 VERBOSE: true + +networks: + proxy-net: + external: true \ No newline at end of file
diff --git a/overseerr/docker-compose.yml b/overseerr/docker-compose.yml
index c56b91c..53f08a7 100644
--- a/overseerr/docker-compose.yml
+++ b/overseerr/docker-compose.yml
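Review bot: The homepage service maps `"3001:3000"`, so the container listens on 3000, but the Caddyfile in this commit keeps `import ttt-app homepage 3001`, which now resolves to `homepage-app-1:3001` on `proxy-net` rather than the host port. Over the shared network the container port is the one that counts, so that entry should read `import ttt-app homepage 3000`. The service name is outside the hunk and is not renamed by this commit, so also confirm it is `app`; otherwise `homepage-app-1` does not exist. The same name check applies to openobserve, which is only given the network here.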
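Review bot: The `SECONDARY_HOSTS_1_PASSWORD` line kept as context in the second orbital-sync hunk holds a literal password in a tracked file, and this commit leaves it in place. Move it to interpolation from an untracked env file, `SECONDARY_HOSTS_1_PASSWORD: ${SECONDARY_HOSTS_1_PASSWORD}`, as the gitea file does for its database settings, and rotate the value since it is already in history. Separately, the first hunk attaches this service to `proxy-net` although no Caddyfile entry in the hunks shown proxies to it; a sync client that only makes outbound calls does not need to sit on the shared network. The requestrr file has the same pattern.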
@@ -1,14 +1,20 @@ +name: overseerr services: - overseerr: + app: image: sctx/overseerr:latest - container_name: overseerr user: '115' environment: - LOG_LEVEL=debug - TZ=America/Los_Angeles + networks: + - proxy-net ports: - - 5055:5055 + - "5055:5055" volumes: - ./data:/app/config - ./config/settings.json:/app/config/settings.json restart: unless-stopped + +networks: + proxy-net: + external: true
diff --git a/requestrr/docker-compose.yml b/requestrr/docker-compose.yml
index 640889e..e62c8b4 100644
--- a/requestrr/docker-compose.yml
+++ b/requestrr/docker-compose.yml
@@ -1,11 +1,16 @@ +name: requestrr services: - requestrr: + app: image: thomst08/requestrr - hostname: requestrr - container_name: requestrr + networks: + - proxy-net ports: - - 4545:4545 + - "4545:4545" volumes: - ./config:/root/config - ./data/tmp:/root/config/tmp restart: unless-stopped + +networks: + proxy-net: + external: true \ No newline at end of file
diff --git a/stashapp/docker-compose.yml b/stashapp/docker-compose.yml
index ec27a6d..e50317d 100644
--- a/stashapp/docker-compose.yml
+++ b/stashapp/docker-compose.yml
@@ -1,11 +1,13 @@ # APPNICENAME=Stash # APPDESCRIPTION=An organizer for your porn, written in Go +name: stashapp services: - stash: + app: image: stashapp/stash:latest - container_name: stash restart: unless-stopped ## the container's port must be the same with the STASH_PORT in the environment section + networks: + - proxy-net ports: - "9999:9999" ## If you intend to use stash's DLNA functionality uncomment the below network mode and comment out the above ports section
@@ -49,3 +51,7 @@ services: - ./data/db:/db ## Where to store generated content (screenshots,previews,transcodes,sprites) - /media/stashapp/generated:/generated + +networks: + proxy-net: + external: true \ No newline at end of file
diff --git a/triliumnext-notes/docker-compose.yml b/triliumnext-notes/docker-compose.yml
index 00d7322..459e82f 100644
--- a/triliumnext-notes/docker-compose.yml
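Review bot: The added `networks:` lines in the first stashapp hunk sit between the comment `## the container's port must be the same with the STASH_PORT in the environment section` and the `ports:` key that comment describes, so it now reads as if it were about the network. Place `networks:` above that comment or after the `ports:` block so the port guidance stays attached to the mapping. The DLNA comment further down mentions switching the network mode, so it should note that the `networks:` key has to be removed together with `ports:` in that case.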
+++ b/triliumnext-notes/docker-compose.yml
@@ -6,9 +6,15 @@ services: volumes: - ./data:/home/node/trilium-data - ./config:/home/node/trilium-config + networks: + - proxy-net ports: - "127.0.0.1:8040:8080" environment: USER_UID: 1000 USER_GID: 1000 - TRILIUM_CONFIG_INI_PATH: /home/node/trilium-config/config.ini \ No newline at end of file + TRILIUM_CONFIG_INI_PATH: /home/node/trilium-config/config.ini + +networks: + proxy-net: + external: true \ No newline at end of file
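Review bot: `"127.0.0.1:8040:8080"` shows the container listening on 8080, while the Caddyfile lines added in this commit, `import ttt-app-alt trilium triliumnext-notes-app-1 8040` and the matching `notes` line, target port 8040 on the container. Over `proxy-net` that should be 8080 unless `config.ini` moves the listener. With Caddy no longer using the host port, the loopback mapping can probably be removed as well. The service and project names are outside the hunk and unchanged by this commit, so confirm the container is actually named `triliumnext-notes-app-1`.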