Skip to content

Instantly share code, notes, and snippets.

@IosifZ

IosifZ/docker-compose.yml

Last active January 28, 2024 13:52
Show Gist options
  • Save IosifZ/f85ce274e02692bea100aa0f75e422e9 to your computer and use it in GitHub Desktop.
Save IosifZ/f85ce274e02692bea100aa0f75e422e9 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
docker-compose.yml
version: '3.7'
services:
traefik_v2.0:
image: 'traefik:2.2'
container_name: traefik_v2
hostname: traefik_v2
ports:
- '443:443'
- '80:80'
- '8080:8080'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock'
- 'letsencrypt:/letsencrypt'
- '.\traefik_v2\rules.yml:/rules.yml'
env_file:
- .env
restart: unless-stopped
labels:
- com.ouroboros.enable=true
- traefik.enable=true
- traefik.http.routers.traefik.entrypoints=web
- traefik.http.routers.traefik.rule=Host(`traefik.localhost`)
- traefik.http.services.traefik.loadbalancer.server.port=8080
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
- 'traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)'
- traefik.http.routers.redirs.entrypoints=web
- traefik.http.routers.redirs.middlewares=redirect-to-https
- 'traefik.https.middlewares.fauth.forwardauth.address="http://fauth:4181" '
- traefik.https.middlewares.fauth.forwardauth.authResponseHeaders=X-Forwarded-User
environment:
- 'CLOUDFLARE_EMAIL=${EMAIL}'
- 'CLOUDFLARE_API_KEY=${API_KEY}'
- com.ouroboros.enable=true
- TZ=Europe/Bucharest
command:
- '--log.level=DEBUG'
- '--log.format=json'
- '--global.checkNewVersion=true'
- '--global.sendAnonymousUsage=false'
- '--entryPoints.web.address=:80'
- '--entryPoints.web-secure.address=:443'
- '--api'
- '--api.debug'
- '--api.insecure'
- '--api.dashboard'
- '--ping'
- '--providers.docker.exposedByDefault=false'
- '--providers.docker.watch=true'
- '--providers.file.filename=/rules.yml'
- '--providers.file.watch=true'
- '--certificatesresolvers.basic.acme.tlschallenge=true'
- '--certificatesresolvers.basic.acme.email=${EMAIL}'
- '--certificatesresolvers.basic.acme.storage=/letsencrypt/acme.json'
fauth:
image: thomseddon/traefik-forward-auth
container_name: fauth
hostname: fauth
restart: unless-stopped
env_file:
- .env
environment:
- 'TZ=${TZ}'
- LOG_LEVEL=debug
- 'PROVIDERS_GOOGLE_CLIENT_ID=${GOOGLE_CLIENT_ID}'
- 'PROVIDERS_GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET}'
- 'SECRET=${OAUTH_SECRET}'
- INSECURE_COOKIE=false
- WHITELIST=${EMAIL}
labels:
- com.ouroboros.enable=true
- traefik.enable=true
# - 'traefik.http.middlewares.fauth.forwardauth.address=http://fauth:4181'
# - traefik.http.middlewares.fauth.forwardauth.authResponseHeaders=X-Forwarded-User
- traefik.http.middlewares.fauth.forwardauth.trustForwardHeader=true
- traefik.http.services.fauth.loadbalancer.server.port=4181
portainer:
image: 'portainer/portainer:latest'
container_name: portainer
hostname: portainer
env_file:
- .env
environment:
- com.ouroboros.enable=true
- TZ=Europe/Bucharest
volumes:
- '.\Portainer:/data'
- '/var/run/docker.sock:/var/run/docker.sock'
ports:
- '9000:9000'
labels:
- com.ouroboros.enable=true
- traefik.enable=true
- traefik.http.routers.portainer.entrypoints=web
- 'traefik.http.routers.portainer.rule=Host(`portainer.${ZONE}`)'
- traefik.http.routers.portainer_https.entrypoints=web-secure
- 'traefik.http.routers.portainer_https.rule=Host(`portainer.${ZONE}`)'
- traefik.http.routers.portainer_https.tls=true
- traefik.http.routers.portainer_https.tls.certresolver=basic
- traefik.http.services.portainer.loadbalancer.server.port=9000
- traefik.http.routers.portainer_https.middlewares=fauth
restart: unless-stopped
organizr:
image: 'linuxserver/organizr:latest'
container_name: organizr
hostname: organizr
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Bucharest
- com.ouroboros.enable=true
restart: unless-stopped
volumes:
- '.\organizr:/config'
ports:
- '9983:80'
labels:
- com.ouroboros.enable=true
- traefik.enable=true
- traefik.http.routers.organizr.entrypoints=web
- 'traefik.http.routers.organizr.rule=Host(`organizr.${ZONE}`)'
- traefik.http.routers.organizr_https.entrypoints=web-secure
- 'traefik.http.routers.organizr_https.rule=Host(`organizr.${ZONE}`)'
- traefik.http.routers.organizr_https.tls=true
- traefik.http.routers.organizr_https.tls.certresolver=basic
- traefik.http.services.organizr.loadbalancer.server.port=80
- traefik.http.routers.organizr_https.middlewares=fauth
kitana:
image: pannal/kitana
container_name: kitana
hostname: kitana
restart: unless-stopped
environment:
- TZ=Europe/Bucharest
- com.ouroboros.enable=true
volumes:
- '.\kitana:/app/data'
ports:
- '31337:31337'
labels:
- com.ouroboros.enable=true
- traefik.enable=true
- traefik.http.routers.kitana.entrypoints=web
- 'traefik.http.routers.kitana.rule=Host(`kitana.${ZONE}`)'
- traefik.http.routers.kitana_https.entrypoints=web-secure
- 'traefik.http.routers.kitana_https.rule=Host(`kitana.${ZONE}`)'
- traefik.http.routers.kitana_https.tls=true
- traefik.http.routers.kitana_https.tls.certresolver=basic
- traefik.http.services.kitana.loadbalancer.server.port=31337
- traefik.http.routers.kitana_https.middlewares=fauth
command: '-B 0.0.0.0:31337 -P'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment