Updated docker-compose files for use with Docker Caddy

Defined top level name for all services Added proxy-net to services Updated main service/server container service name to "app" Updated hostname references to projectname-app-1 Updated docker Caddy caddyfile to reference container names Updated docker Caddy caddyfile to use 192.168.1.234 instead of localhost for non-docker services Adjusted caddyfile accordingly
2025-01-12 23:37:59 -08:00
parent 342559c8eb
commit 28c734c1d2
14 changed files with 119 additions and 61 deletions
--- a/actual-server/docker-compose.yml
+++ b/actual-server/docker-compose.yml
@@ -1,6 +1,9 @@
 name: actual-server
 services:
-  actual_server:
+  app:
    image: docker.io/actualbudget/actual-server:latest
    networks:
      - proxy-net
    ports:
      # This line makes Actual available at port 5006 of the device you run the server on,
      # i.e. http://localhost:5006. You can change the first number to change the port, if you want.
@@ -21,3 +24,7 @@ services:
      # '/data' is the path Actual will look for its files in by default, so leave that as-is.
      - ./data:/data
    restart: unless-stopped
 networks:
  proxy-net:
    external: true
--- a/authelia/docker-compose.yml
+++ b/authelia/docker-compose.yml
@@ -1,6 +1,6 @@
-name: "authelia"
+name: authelia
 services:
-  authelia:
+  app:
    image: authelia/authelia:latest
    restart: unless-stopped
    depends_on:
@@ -25,9 +25,9 @@ services:
      AUTHELIA_AUTHENTICATION_BACKEND_FILE_PATH: /run/secrets/users_database
      AUTHELIA_TOTP_ISSUER: tremendousturtle.tools
      AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: deny
-      AUTHELIA_SESSION_REDIS_HOST: redis
+      AUTHELIA_SESSION_REDIS_HOST: authelia-redis-1
      AUTHELIA_SESSION_REDIS_PORT: 6379
-      AUTHELIA_STORAGE_POSTGRES_ADDRESS: tcp://database:5432
+      AUTHELIA_STORAGE_POSTGRES_ADDRESS: tcp://authelia-database-1:5432
      AUTHELIA_STORAGE_POSTGRES_DATABASE: authelia
      AUTHELIA_STORAGE_POSTGRES_USERNAME: authelia
      AUTHELIA_NOTIFIER_SMTP_ADDRESS: submissions://smtp.mailgun.org:465
--- a/authentik/docker-compose.yml
+++ b/authentik/docker-compose.yml
@@ -1,6 +1,6 @@
 name: authentik
 services:
-  postgresql:
+  db:
    image: docker.io/library/postgres:16-alpine
    restart: unless-stopped
    healthcheck:
@@ -29,13 +29,13 @@ services:
      timeout: 3s
    volumes:
      - redis:/data
-  server:
+  app:
    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.12.2}
    restart: unless-stopped
    command: server
    environment:
-      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_REDIS__HOST: authentik-redis-1
-      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__HOST: authentik-db-1
      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
@@ -60,8 +60,8 @@ services:
    restart: unless-stopped
    command: worker
    environment:
-      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_REDIS__HOST: authentik-redis-1
-      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__HOST: authentik-db-1
      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -26,7 +26,7 @@
 	}
 }
 (secure) {
-	forward_auth {args[0]} authelia:9091 {
+	forward_auth {args[0]} authelia-app-1:9091 {
 		uri /api/authz/forward-auth
 		copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
 	}
@@ -54,7 +54,15 @@
 		import ttt-log {args[0]}
 		import tls
 		import secure *
-		import ttt-proxy {args[0]} {args[1]}
+		import ttt-proxy {args[0]}-app-1 {args[1]}
 	}
 }
 (ttt-app-local) {
 	{args[0]}.tremendousturtle.tools {
 		import ttt-log {args[0]}
 		import tls
 		import secure *
 		import ttt-proxy 192.168.1.234 {args[1]}
 	}
 }
 (ttt-app-alt) {
@@ -74,45 +82,33 @@ tremendousturtle.tools {
 auth.tremendousturtle.tools {
 	import tls
-	reverse_proxy 127.0.0.1:9091
+	reverse_proxy authelia-app-1:9091
 }
 authentik.tremendousturtle.tools {
 	import tls
-	reverse_proxy 127.0.0.1:9000
+	reverse_proxy authentik-app-1:9000
 }
 # Define code.tremendousturtle.tools
-import ttt-app code 8020
+# Locally hosted non-docker apps (proxies to 192.168.1.234 instead of localhost)
 import ttt-app-local code 8020
 import ttt-app-local pihole 1080
 import ttt-app-local sonarr 8989
 import ttt-app-local radarr 7878
 import ttt-app-local prowlarr 9696
 import ttt-app-local cockpit 9090
 # Docker apps with same subdomain as docker compose project name
 import ttt-app frigate 8971
 import ttt-app pihole 1080
 import ttt-app stash 9999
 import ttt-app sonarr 8989
 import ttt-app radarr 7878
 import ttt-app overseerr 5055
 import ttt-app prowlarr 9696
 import ttt-app openobserve 5080
 import ttt-app cockpit 9090
 import ttt-app budget 5006
 import ttt-app gitea 3000
 import ttt-app trilium 8040
 import ttt-app notes 8040
 import ttt-app-alt pihole1 192.168.1.116 80
 import ttt-app homepage 3001
-
+# Alternate configuration (different subdomain and docker compose project name)
 import ttt-app-alt budget actual-server-app-1 5006
 import ttt-app-alt trilium triliumnext-notes-app-1 8040
 import ttt-app-alt notes triliumnext-notes-app-1 8040
 import ttt-app-alt stash stashapp-app-1 9999
 import ttt-app-alt pihole1 192.168.1.116 80
--- a/caddy/docker-compose.yml
+++ b/caddy/docker-compose.yml
@@ -1,6 +1,6 @@
 name: caddy
 services:
-  caddy:
+  app:
    build: .
    restart: unless-stopped
    networks:
--- a/frigate/docker-compose.yml
+++ b/frigate/docker-compose.yml
@@ -1,6 +1,6 @@
 name: frigate
 services:
-  frigate:
+  app:
    container_name: frigate
    restart: unless-stopped
    image: ghcr.io/blakeblackshear/frigate:stable
    shm_size: "250mb"
@@ -17,6 +17,8 @@ services:
        target: /tmp/cache
        tmpfs:
          size: 4000000000
    networks:
      - proxy-net
    ports:
      - "8971:8971"
      - "8554:8554" # RTSP feeds
@@ -32,5 +34,9 @@ services:
      - homepage.href=https://frigate.tremendousturtle.tools/
      - homepage.description=Camera Surveillance
      - homepage.widget.type=frigate
-      - homepage.widget.url=http://192.168.1.234:5000
+      - homepage.widget.url=http://frigate-app-1:5000
      - homepage.widget.enableRecentEvents=true
 networks:
  proxy-net:
    external: true
--- a/gitea/docker-compose.yml
+++ b/gitea/docker-compose.yml
@@ -1,22 +1,26 @@
 networks:
  gitea:
    external: false
  proxy-net:
    external: true
 name: gitea
 services:
-  server:
+  app:
    image: gitea/gitea:latest
    environment:
      USER_UID: 141
      USER_GID: 150
      GITEA__database__DB_TYPE: postgres
-      GITEA__database__HOST: db:5432
+      GITEA__database__HOST: gitea-db-1:5432
      GITEA__database__NAME: ${GITEA_DB_NAME}
      GITEA__database__USER: ${GITEA_DB_USER}
      GITEA__database__PASSWD__FILE: /run/secrets/postgres_pass
      GITEA__server__SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE: gitea --config={{.CustomConf}} serv key-{{.Key.ID}}
-    restart: always
+    restart: unless-stopped
    networks:
      - gitea
      - proxy-net
    volumes:
      - ./data/gitea:/data
      - /home/git/.ssh/:/data/git/.ssh
@@ -32,7 +36,7 @@ services:
  db:
    image: postgres:14
-    restart: always
+    restart: unless-stopped
    environment:
      POSTGRES_USER: ${GITEA_DB_USER}
      POSTGRES_PASSWORD_FILE: /run/secrets/postgres_pass
--- a/homepage/docker-compose.yml
+++ b/homepage/docker-compose.yml
@@ -6,6 +6,9 @@ services:
      - dockerproxy
    environment:
      DOCKER_TEMPLATE_CREATED: true
    networks:
      - proxy-net
      - default
    ports:
      - "3001:3000"
    restart: unless-stopped
@@ -23,4 +26,8 @@ services:
      - "127.0.0.1:2375:2375"
    restart: unless-stopped
    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro # Mounted as read-only
+      - /var/run/docker.sock:/var/run/docker.sock:ro # Mounted as read-only
 networks:
  proxy-net:
    external: true
--- a/openobserve/docker-compose.yml
+++ b/openobserve/docker-compose.yml
@@ -16,6 +16,9 @@ services:
    restart: unless-stopped
    depends_on:
      - db
    networks:
      - proxy-net
      - default
    ports:
      - "5080:5080"
      - "5514:5514"
@@ -31,6 +34,10 @@ services:
      - ./data/openobserve:/data
      - ./data/stream:/stream
 networks:
  proxy-net:
    external: true
 secrets:
  postgres_pass:
    file: ./secrets/POSTGRES_PASS
--- a/orbital-sync/docker-compose.yml
+++ b/orbital-sync/docker-compose.yml
@@ -1,6 +1,10 @@
 name: orbital-sync
 services:
-  orbital-sync:
+  app:
    image: mattwebbio/orbital-sync:1
    restart: unless-stopped
    networks:
      - proxy-net
    environment:
      PRIMARY_HOST_BASE_URL: 'http://192.168.1.234:1080'
      PRIMARY_HOST_PASSWORD: ""
@@ -8,3 +12,7 @@ services:
      SECONDARY_HOSTS_1_PASSWORD: 'e8JBq59!pwM6Ppj'
      INTERVAL_MINUTES: 60
      VERBOSE: true
 networks:
  proxy-net:
    external: true
--- a/overseerr/docker-compose.yml
+++ b/overseerr/docker-compose.yml
@@ -1,14 +1,20 @@
 name: overseerr
 services:
-  overseerr:
+  app:
    image: sctx/overseerr:latest
    container_name: overseerr
    user: '115'
    environment:
      - LOG_LEVEL=debug
      - TZ=America/Los_Angeles
    networks:
      - proxy-net
    ports:
-      - 5055:5055
+      - "5055:5055"
    volumes:
      - ./data:/app/config
      - ./config/settings.json:/app/config/settings.json
    restart: unless-stopped
 networks:
  proxy-net:
    external: true
--- a/requestrr/docker-compose.yml
+++ b/requestrr/docker-compose.yml
@@ -1,11 +1,16 @@
 name: requestrr
 services:
-  requestrr:
+  app:
    image: thomst08/requestrr
-    hostname: requestrr
+    networks:
-    container_name: requestrr
+      - proxy-net
    ports:
-    - 4545:4545
+    - "4545:4545"
    volumes:
    - ./config:/root/config
    - ./data/tmp:/root/config/tmp
    restart: unless-stopped
 networks:
  proxy-net:
    external: true
--- a/stashapp/docker-compose.yml
+++ b/stashapp/docker-compose.yml
@@ -1,11 +1,13 @@
 # APPNICENAME=Stash
 # APPDESCRIPTION=An organizer for your porn, written in Go
 name: stashapp
 services:
-  stash:
+  app:
    image: stashapp/stash:latest
    container_name: stash
    restart: unless-stopped
    ## the container's port must be the same with the STASH_PORT in the environment section
    networks:
      - proxy-net
    ports:
      - "9999:9999"
    ## If you intend to use stash's DLNA functionality uncomment the below network mode and comment out the above ports section
@@ -49,3 +51,7 @@ services:
      - ./data/db:/db
      ## Where to store generated content (screenshots,previews,transcodes,sprites)
      - /media/stashapp/generated:/generated
 networks:
  proxy-net:
    external: true
--- a/triliumnext-notes/docker-compose.yml
+++ b/triliumnext-notes/docker-compose.yml
@@ -6,9 +6,15 @@ services:
    volumes:
      - ./data:/home/node/trilium-data
      - ./config:/home/node/trilium-config
    networks:
      - proxy-net
    ports:
      - "127.0.0.1:8040:8080"
    environment:
      USER_UID: 1000
      USER_GID: 1000
-      TRILIUM_CONFIG_INI_PATH: /home/node/trilium-config/config.ini
+      TRILIUM_CONFIG_INI_PATH: /home/node/trilium-config/config.ini
 networks:
  proxy-net:
    external: true