97 lines
2.0 KiB
YAML
97 lines
2.0 KiB
YAML
services:
|
|
|
|
nginxpm:
|
|
image: jc21/nginx-proxy-manager:latest
|
|
container_name: nginxpm
|
|
restart: unless-stopped
|
|
ports:
|
|
- "80:80"
|
|
- "81:81"
|
|
- "443:443"
|
|
environment:
|
|
PUID: 1000
|
|
PGID: 1000
|
|
volumes:
|
|
- ./nginxpm/data:/data
|
|
- ./nginxpm/letsencrypt:/etc/letsencrypt
|
|
- ./nginxpm/custom:/data/nginx/custom
|
|
networks:
|
|
- proxy
|
|
- media
|
|
- misc
|
|
- productivity
|
|
- overleaf
|
|
- administration
|
|
|
|
adguard:
|
|
image: adguard/adguardhome:latest
|
|
container_name: adguard
|
|
restart: unless-stopped
|
|
ports:
|
|
- "53:53/tcp"
|
|
- "53:53/udp"
|
|
- "3000:3000"
|
|
volumes:
|
|
- ./adguard/conf:/opt/adguardhome/conf
|
|
- ./adguard/work:/opt/adguardhome/work
|
|
networks:
|
|
- proxy
|
|
|
|
wg-easy:
|
|
image: ghcr.io/wg-easy/wg-easy:latest
|
|
container_name: wg-easy
|
|
restart: unless-stopped
|
|
environment:
|
|
- LANG=en
|
|
- WG_HOST=focaccinacamog.li
|
|
- PASSWORD_HASH=${WG_EASY_PW_HASH}
|
|
- WG_PORT=51820
|
|
- WG_DEFAULT_ADDRESS=10.8.0.x
|
|
- WG_DEFAULT_DNS=172.20.0.2
|
|
- WG_ALLOWED_IPS=0.0.0.0/0
|
|
- WG_PERSISTENT_KEEPALIVE=25
|
|
volumes:
|
|
- ./wireguard:/etc/wireguard
|
|
ports:
|
|
- "51820:51820/udp"
|
|
- "51821:51821/tcp" # UI web
|
|
cap_add:
|
|
- NET_ADMIN
|
|
- SYS_MODULE
|
|
sysctls:
|
|
- net.ipv4.ip_forward=1
|
|
- net.ipv4.conf.all.src_valid_mark=1
|
|
networks:
|
|
- proxy
|
|
|
|
fail2ban:
|
|
image: lscr.io/linuxserver/fail2ban:latest
|
|
container_name: fail2ban
|
|
cap_add:
|
|
- NET_ADMIN
|
|
- NET_RAW
|
|
network_mode: host
|
|
environment:
|
|
- PUID=1000
|
|
- PGID=1000
|
|
- TZ=Etc/UTC
|
|
- VERBOSITY=-vv
|
|
volumes:
|
|
- ./fail2ban/config:/config
|
|
- /var/log:/var/log:ro
|
|
restart: unless-stopped
|
|
|
|
networks:
|
|
proxy:
|
|
driver: bridge
|
|
media:
|
|
external: true
|
|
misc:
|
|
external: true
|
|
productivity:
|
|
external: true
|
|
overleaf:
|
|
external: true
|
|
administration:
|
|
external: true
|