services: nginxpm: image: jc21/nginx-proxy-manager:latest container_name: nginxpm restart: unless-stopped ports: - "80:80" - "81:81" - "443:443" environment: PUID: 1000 PGID: 1000 volumes: - ./nginxpm/data:/data - ./nginxpm/letsencrypt:/etc/letsencrypt - ./nginxpm/custom:/data/nginx/custom networks: proxy: ipv4_address: 172.20.0.11 media: {} misc: {} productivity: {} overleaf: {} administration: {} security: {} adguard: image: adguard/adguardhome:latest container_name: adguard restart: unless-stopped ports: - "53:53/tcp" - "53:53/udp" - "3000:3000" volumes: - ./adguard/conf:/opt/adguardhome/conf - ./adguard/work:/opt/adguardhome/work networks: proxy: ipv4_address: 172.20.0.10 wg-easy: image: ghcr.io/wg-easy/wg-easy:latest container_name: wg-easy restart: unless-stopped environment: - LANG=en - WG_HOST=focaccinacamog.li - PASSWORD_HASH=${WG_EASY_PW_HASH} - WG_PORT=51820 - WG_DEFAULT_ADDRESS=10.8.0.x - WG_DEFAULT_DNS=172.20.0.10 - WG_ALLOWED_IPS=0.0.0.0/0 - WG_PERSISTENT_KEEPALIVE=25 volumes: - ./wireguard:/etc/wireguard ports: - "51820:51820/udp" - "51821:51821/tcp" # UI web cap_add: - NET_ADMIN - SYS_MODULE sysctls: - net.ipv4.ip_forward=1 - net.ipv4.conf.all.src_valid_mark=1 networks: proxy: ipv4_address: 172.20.0.12 fail2ban: image: lscr.io/linuxserver/fail2ban:latest container_name: fail2ban cap_add: - NET_ADMIN - NET_RAW network_mode: host environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC - VERBOSITY=-vv volumes: - ./fail2ban/config:/config - /var/log:/var/log:ro restart: unless-stopped do-ddns-updater: image: python:3 container_name: do-ddns-updater working_dir: /usr/src/app volumes: - ./do-ddns-updater:/usr/src/app env_file: - .env stdin_open: true tty: true command: ./run_updater.sh restart: unless-stopped logging: driver: "json-file" options: max-size: "10m" max-file: "3" networks: proxy: driver: bridge media: external: true misc: external: true productivity: external: true overleaf: external: true administration: external: true security: external: true