lidarr

Reviewed-on: https://git.mintyserver.net/poslop/DockerConfigs/pulls/6

.gitignore

@@ -0,0 +1,5 @@
+Volumes
+.env
+Piped-Docker
+pterodactyl
+piped.yml

Caddyfile

@@ -0,0 +1,129 @@
+{
+	acme_dns cloudflare {env.CLOUDFLARE_API_TOKEN}
+}
+
+actual.archfox.org {
+	reverse_proxy actual:5006
+}
+
+searxng.archfox.org {
+	reverse_proxy searxng:8080
+}
+
+git.archfox.org {
+	reverse_proxy gitea:3000
+}
+
+jelly.archfox.org {
+	reverse_proxy jellyfin:8096 {
+		header_up +Content-Security-Policy "default-src https: data: blob:; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/accentlist.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/base.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/bottombarprogress.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/fixes.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/jf_font.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/overlayprogress.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/rounding.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/rounding_circlehover.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/smallercast.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/rounding_circlehover.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/cornerindicator/indicator_floating.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/cornerindicator/indicator_corner.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/effects/glassy.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/effects/pan-animation.css https://ctalvio.github.io/Monochromic/backdrop-hack_style.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/effects/hoverglow.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/effects/scrollfade.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/episodelist/episodes_compactlist.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/episodelist/episodes_grid.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/fields/fields_border.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/fields/fields_noborder.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/header/header_transparent.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/header/header_transparent-dashboard.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/login/login_frame.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/login/login_minimalistic.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/login/login_frame.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/presets/monochromic_preset.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/presets/kaleidochromic_preset.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/presets/novachromic_preset.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/titlepage/title_banner.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/titlepage/title_banner-logo.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/titlepage/title_simple.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/titlepage/title_simple-logo.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/type/light.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/type/dark.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/type/colorful.css https://cdn.jsdelivr.net/gh/CTalvio/Ultrachromic/type/dark_withaccent.css https://fonts.googleapis.com/css2; script-src 'self' 'unsafe-inline' https://www.gstatic.com/cv/js/sender/v1/cast_sender.js worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'"
+	}
+}
+
+vault.archfox.org {
+	reverse_proxy vaultwarden:80
+}
+
+aria.archfox.org {
+	reverse_proxy ariang:8080
+}
+
+nextcloud.archfox.org {
+	reverse_proxy 10.0.1.45:11000
+}
+
+bookstack.archfox.org {
+	reverse_proxy bookstack:80
+}
+
+panel.archfox.org {
+	reverse_proxy tpanel:80
+
+	php_fastcgi unix//run/php/php8.3-fpm.sock {
+		root /var/www/pterodactyl/public
+		index index.php
+
+		env PHP_VALUE "upload_max_filesize = 100M
+		post_max_size = 100M"
+		env HTTP_PROXY ""
+		env HTTPS "on"
+
+		read_timeout 300s
+		dial_timeout 300s
+		write_timeout 300s
+	}
+
+	header Strict-Transport-Security "max-age=16768000; preload;"
+	header X-Content-Type-Options "nosniff"
+	header X-XSS-Protection "1; mode=block;"
+	header X-Robots-Tag "none"
+	header Content-Security-Policy "frame-ancestors 'self'"
+	header X-Frame-Options "DENY"
+	header Referrer-Policy "same-origin"
+	header Access-Control-Allow-Origin "*"
+	header Access-Control-Allow-Methods "GET, POST, OPTIONS"
+	header Access-Control-Allow-Headers "Authorization, Content-Type"
+
+	request_body {
+		max_size 100m
+	}
+
+	respond /.ht* 403
+}
+
+wings.archfox.org {
+	reverse_proxy twings:443
+}
+
+omada.archfox.org {
+	reverse_proxy host.docker.internal:8043  {
+                transport http {
+                        tls_insecure_skip_verify
+                }
+        	header_up Host "omada.archfox.org:443"
+        }
+}
+
+ai.archfox.org {
+	reverse_proxy open-webui:8080
+}
+
+p.archfox.org {
+	reverse_proxy pastefy:80
+}
+
+archfox.org {
+	root * /srv
+	file_server
+
+	@webfinger {
+		path /.well-known/webfinger
+		method GET HEAD
+		query resource=acct:poslop@archfox.org
+		query resource=mailto:poslop@archfox.org
+		query resource=https://archfox.org
+		query resource=https://archfox.org/
+	}
+	rewrite @webfinger /webfinger.json
+	header @webfinger {
+		Content-Type "application/jrd+json"
+		Access-Control-Allow-Origin "*"
+		X-Robots-Tag "noindex"
+	}
+}
+
+(global) {
+	header {
+		# disable FLoC tracking
+		Permissions-Policy interest-cohort=()
+
+		# enable HSTS
+		Strict-Transport-Security max-age=31536000;
+
+		# keep referrer data off
+		Referrer-Policy no-referrer
+
+		# prevent for appearing in search engine for private instances (option)
+		#X-Robots-Tag noindex
+	}
+}

README.md

@@ -3,6 +3,6 @@ This repository is for documenting my homelab.  Most documentation is found in t
 
 I use docker for all of my services that I run with a docker compose file.  I use ssh through a peer to peer vpn service called [Tailscale](https://tailscale.com/).  Tailscale has functionality to store ssh keys and makes managing them very simple and easy with github accounts.
 
-The homelab is run off of a dedicated server running a headless instance of Arch Linux.  Arch linux is my Distro of preference however if I were to run a server that is required for reliability I would most likely prefer RedHat or similar for a stable environment over rolling release Arch.
+The homelab is run off of a dedicated server running a headless instance of Arch Linux.  Arch linux is my Distro of preference however if I were to run a server that is required for reliability I would most likely prefer RedHat or similar for a stable environment over rolling release Arch but so far Arch has been fine.
 
-Caddy is currently used to share my publicly facing services with a subdomain of mintyserver.net eg https://git.mintyserver.net. Not all services are reverse proxied such as my pihole as they are only needed to be accessed by me and therefore only accessible via local or vpn connections.  
+Caddy is currently used to share my publicly facing services with a subdomain of archox.org eg https://git.archox.org. Not all services are reverse proxied such as my DNS server as they are only needed to be accessed by me and therefore only accessible via local or vpn connections.  

docker-compose.d/Documentation/bookstack.yml

@@ -1,42 +1,41 @@
 services:
   bookstack:
     image: lscr.io/linuxserver/bookstack
+    container_name: bookstack
     environment:
       - PUID=1000
       - PGID=1000
       - TZ=America/Chicago
-      - APP_URL=https://bookstack.mintyserver.net
+      - APP_URL=https://bookstack.archfox.org
+      - APP_KEY=${BOOKKEY}
       - DB_HOST=bookstack_db
       - DB_PORT=3306
-      - DB_USER=bookstack
+      - DB_USERNAME=bookstack
-      - DB_PASS=/run/secrets/PASS
+      - DB_PASSWORD=${PASS}
       - DB_DATABASE=bookstackapp
     volumes:
       - bookstack:/config
+    restart: unless-stopped
     depends_on:
       - bookstack_db
-    ports:
-      - 8989:80
-    secrets:
-      - PASS
     networks:
       - caddy
       - bookstack
   
   bookstack_db:
     image: lscr.io/linuxserver/mariadb
+    container_name: bookstack_db
     environment:
       - PUID=1000
       - PGID=1000
       - TZ=America/Chicago
-      - MYSQL_ROOT_PASSWORD=/run/secrets/PASS
+      - MYSQL_ROOT_PASSWORD=${PASS}
       - MYSQL_DATABASE=bookstackapp
       - MYSQL_USER=bookstack
-      - MYSQL_PASSWORD=/run/secrets/PASS
+      - MYSQL_PASSWORD=${PASS}
     volumes:
       - bookstack_db:/config
-    secrets:
+    restart: unless-stopped
-      - PASS
     networks:
       - bookstack
 
@@ -50,9 +49,7 @@ networks:
 volumes:
   bookstack:
     name: bookstack
+    external: true
   bookstack_db:
     name: bookstack_db
-
-secrets:
-  PASS:
     external: true

docker-compose.d/Documentation/gitea.yml

@@ -1,17 +1,16 @@
 services:
   gitea:
+   container_name: gitea
    image: gitea/gitea:latest
    environment:
      - GITEA__service__DISABLE_REGISTRATION=true
      - USER_UID=1000
      - USER_GID=1000
-   restart: always
    volumes:
      - gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
-     #ports:
+   restart: unless-stopped
-     #- "3030:3000"
    networks: 
      - caddy
 
@@ -23,3 +22,4 @@ networks:
 volumes:
   gitea:
     name: gitea
+    external: true

docker-compose.d/Documentation/vaultwarden-stack.yml

@@ -1,23 +0,0 @@
-services:
-  vaultwarden:
-    image: vaultwarden/server:latest
-    environment:
-      - DOMAIN=https://vault.mintyserver.net
-      - WEBSOCKET_ENABLED=true
-      - SIGNUPS_ALLOWED=false
-      - ADMIN_TOKEN=/run/secrets/PASS
-    volumes:
-      - vaultwarden:/data
-    networks:
-      - caddy
-      #ports:
-      #- 8089:80
-
-networks:
-  caddy:
-    name: caddy
-    external: true
-
-volumes:
-  vaultwarden:
-    name: vaultwarden

docker-compose.d/Documentation/vaultwarden.yml

@@ -0,0 +1,24 @@
+services:
+  vaultwarden:
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    restart: unless-stopped
+    environment: 
+      DOMAIN: "https://vault.archfox.org"
+      WEBSOCKET_ENABLED: true
+      SIGNUPS_ALLOWED: false
+      ADMIN_TOKEN: ${PASS} 
+    volumes:
+      - vaultwarden:/data
+    networks: 
+      - caddy
+
+networks:
+  caddy:
+    name: caddy
+    external: true
+
+volumes:
+  vaultwarden:
+    name: vaultwarden
+    external: true

docker-compose.d/Media/arr.yml

@@ -0,0 +1,99 @@
+services:
+  prowlarr:
+    image: lscr.io/linuxserver/prowlarr:latest
+    container_name: prowlarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - prowlarr:/config
+    ports:
+      - 9696:9696
+    restart: unless-stopped
+    networks:
+      - arr
+      - qbit
+
+  sonarr:
+    image: lscr.io/linuxserver/sonarr:latest
+    container_name: sonarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+    volumes:
+      - sonarr:/config
+      - /mnt/massdrive/media:/mnt/media
+    ports:
+      - 8989:8989
+    restart: unless-stopped
+    networks:
+      - arr
+      - qbit
+
+  lidarr:
+    image: ghcr.io/hotio/lidarr:latest
+    container_name: lidarr
+    hostname: lidarr
+    environment:
+      - TZ=ETC/UTC
+      - PUID=1000
+      - PGID=1000
+    volumes:
+      - ${Volumes}/arr/lidarr:/config
+      - /mnt/massdrive/media/Music:/data
+    ports:
+      - 8686:8686
+    restart: unless-stopped
+    networks:
+      - arr
+
+  slskd:
+    image: slskd/slskd
+    container_name: slskd
+    hostname: slskd
+    user: 1000:1000
+    environment:
+      - TZ=ETC/UTC
+      - SLSKD_REMOTE_CONFIGURATION=true
+    ports:
+      - 5030:5030
+      - 5031:5031
+      - 50300:50300
+    volumes:
+      - ${Volumes}/arr/slskd:/app
+      - /mnt/massdrive/media/Music/downloads:/app/downloads
+    restart: unless-stopped
+    networks:
+      - arr
+
+  soularr:
+    image: mrusse08/soularr:latest
+    container_name: soularr
+    hostname: soularr
+    user: 1000:1000
+    environment:
+      - TZ=ETC/UTC
+      - SCRIPT_INTERVAL=300
+    volumes:
+      - /mnt/massdrive/media/Music/downloads:/downloads
+      - ${Volumes}/arr/soularr:/data
+    restart: unless-stopped
+    networks:
+      - arr
+
+networks:
+  arr:
+    name: arr
+  qbit:
+    name: qbit
+    external: true
+
+volumes:
+  prowlarr:
+    name: prowlarr
+    external: true
+  sonarr:
+    name: sonarr
+    external: true

docker-compose.d/Media/jellyfin.yml

@@ -1,6 +1,7 @@
 services:
   jellyfin:
     image: lscr.io/linuxserver/jellyfin:latest
+    container_name: jellyfin
     devices: 
       - /dev/dri:/dev/dri
     environment: 
@@ -10,6 +11,9 @@ services:
     volumes:
       - jellyfin:/config
       - /mnt/massdrive/media:/data
+    ports:
+      - 8096:8096
+    restart: unless-stopped
     networks:
       - caddy
       - shoko
@@ -24,4 +28,4 @@ networks:
 
 volumes:
   jellyfin:
-    name: jellyfin
+    external: true

docker-compose.d/Media/shoko.yml

@@ -0,0 +1,27 @@
+services:
+  shoko:
+    shm_size: 256m
+    container_name: shoko
+    image: shokoanime/server:latest
+    restart: always
+    environment:
+      - "PUID=1000"
+      - "PGID=1000"
+      - "TZ=Etc/UTC"
+    ports:
+      - "8111:8111"
+    volumes:
+      - shoko:/home/shoko/.shoko
+      - /mnt/massdrive/media:/mnt/media
+    networks: 
+      - shoko
+
+networks:
+  shoko:
+    name: shoko
+    external: true
+
+volumes:
+  shoko:
+    name: shoko
+    external: true

docker-compose.d/Networking/caddy.yml

@@ -0,0 +1,43 @@
+services:
+  caddy:
+    image: ghcr.io/caddybuilds/caddy-cloudflare:latest
+    container_name: caddy
+    restart: unless-stopped
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 80:80
+      - 443:443
+      - 443:443/udp
+    volumes:
+      - caddy_set:/etc/caddy
+      - caddy_srv:/srv
+      - caddy_data:/data
+      - caddy_config:/config
+    environment:
+      - CLOUDFLARE_API_TOKEN=${CF_CADDY_KEY}
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    networks:
+      - caddy
+
+networks:
+  caddy:
+    name: caddy
+    external: true
+
+volumes:
+  caddy_config:
+    name: caddy_config
+    external: true
+  caddy_data:
+    name: caddy_data
+    external: true
+  caddy_srv:
+    name: caddy_srv
+    external: true
+  caddy_set:
+    name: caddy_set
+    external: true
+  caddy_html:
+    external: true

docker-compose.d/Networking/ddns.yml

@@ -0,0 +1,14 @@
+services:
+  cloudflare-ddns:
+    container_name: ddns
+    image: favonia/cloudflare-ddns:latest
+    network_mode: host
+    restart: always
+    user: "1000:1000"
+    read_only: true
+    cap_drop: [all]
+    security_opt: [no-new-privileges:true]
+    environment:
+      - CLOUDFLARE_API_TOKEN=${CFKEY}
+      - DOMAINS=archfox.org, jelly.archfox.org, searxng.archfox.org, bookstack.archfox.org, vault.archfox.org, git.archfox.org, nextcloud.archfox.org, aria.archfox.org, wings.archfox.org, panel.archfox.org, omada.archfox.org, mc.archfox.org, ai.archfox.org, p.archfox.org, actual.archfox.org
+      - PROXIED=false

docker-compose.d/Networking/omada.yml

@@ -0,0 +1,23 @@
+
+services:
+  omada:
+    container_name: omada
+    image: mbentley/omada-controller:latest
+    restart: unless-stopped
+    ulimits:
+      nofile:
+        soft: 4096
+        hard: 8192
+    stop_grace_period: 60s
+    network_mode: host
+    environment:
+      - TZ=America/Chicago
+    volumes:
+      - omada-data:/opt/tplink/EAPController/data
+      - omada-logs:/opt/tplink/EAPController/logs
+
+volumes:
+  omada-data:
+    external: true
+  omada-logs:
+    external: true

docker-compose.d/Networking/technitium.yml

@@ -0,0 +1,17 @@
+services:
+  technitium:
+    container_name: technitium
+    image: technitium/dns-server:latest
+    network_mode: "host"
+    environment:
+      - DNS_SERVER_DOMAIN=technitium 
+      - DNS_SERVER_ADMIN_PASSWORD=${PASS}
+    volumes:
+      - technitium:/etc/dns
+    restart: unless-stopped
+
+volumes:
+  technitium:
+    name: technitium
+    external: true
+

docker-compose.d/Shared/docker-compose.networks.yml

@@ -1,13 +0,0 @@
-
-networks:
-  caddy:
-    name: caddy
-  qbit:
-    name: qbit
-  shoko:
-    name: shoko
-  arr:
-    name: arr
-  bookstack:
-    name: bookstack
-

docker-compose.d/Tools/actual.yml

@@ -0,0 +1,27 @@
+services:
+  actual_server:
+    container_name: actual
+    image: docker.io/actualbudget/actual-server:latest
+    environment:
+      - ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=100
+      - ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=100
+      - ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=100
+    volumes:
+      - actual-data:/data
+    networks:
+      - caddy
+    healthcheck:
+      test: ['CMD-SHELL', 'node src/scripts/health-check.js']
+      interval: 60s
+      timeout: 10s
+      retries: 3
+      start_period: 20s
+    restart: unless-stopped
+
+volumes:
+  actual-data:
+    external: true
+
+networks:
+  caddy:
+    external: true

docker-compose.d/Tools/ariang.yml

@@ -0,0 +1,27 @@
+services:
+  ariang:
+    image: hurlenko/aria2-ariang
+    container_name: aria
+    restart: unless-stopped
+    volumes: 
+      - /mnt/nextcloud:/aria2/data
+      - ariang:/aria2/conf
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - RPC_SECRET=${PASS}
+      - BASIC_AUTH_USERNAME=poslop
+      - BASIC_AUTH_PASSWORD=${PASS}
+      - ARIA2RPCPORT=443
+    networks:
+      - caddy
+
+volumes:
+  ariang:
+    name: ariang
+    external: true
+
+networks:
+  caddy:
+    name: caddy
+    external: true

docker-compose.d/Tools/monerod.yml

@@ -0,0 +1,27 @@
+services:
+  monerod:
+    image: sethsimmons/simple-monerod:latest
+    restart: unless-stopped
+    container_name: monerod
+    volumes:
+      - bitmonero:/home/monero/.bitmonero:rw
+    ports:
+      - 18080:18080
+      - 18089:18089
+      - 18083:18083
+    command:
+      - "--add-priority-node=p2pmd.xmrvsbeast.com:18080"
+      - "--out-peers=32"
+      - "--in-peers=64"
+      - "--disable-dns-checkpoints"
+      - "--rpc-restricted-bind-ip=0.0.0.0"
+      - "--rpc-restricted-bind-port=18089"
+      - "--no-igd"
+      - "--enable-dns-blocklist"
+      - "--prune-blockchain"
+      - "--zmq-pub=tcp://0.0.0.0:18083"
+
+volumes:
+  bitmonero:
+    name: bitmonero
+    external: true

docker-compose.d/Tools/nextcloud-aio.yml

@@ -0,0 +1,21 @@
+services:
+  nextcloud:
+    container_name: nextcloud-aio-mastercontainer
+    init: true
+    restart: unless-stopped
+    image: nextcloud/all-in-one:latest
+    volumes:
+      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    ports:
+      - 8080:8080
+    environment:
+      - APACHE_PORT=11000
+      - APACHE_IP_BINDING=0.0.0.0
+      - NEXTCLOUD_MOUNT=/mnt/nextcloud/
+      - NEXTCLOUD_MEMORY_LIMIT=4096M
+
+volumes:
+  nextcloud_aio_mastercontainer:
+    name: nextcloud_aio_mastercontainer
+    external: true

docker-compose.d/Tools/open-webui.yml

@@ -0,0 +1,21 @@
+services:
+  open-webui:
+    container_name: open-webui
+    image: ghcr.io/open-webui/open-webui:main
+    restart: unless-stopped
+    environment:
+      - OLLAMA_BASE_URL=http://poslop-w:11434
+    volumes:
+      - open-webui:/app/backend/data
+    networks:
+      - caddy
+
+
+volumes:
+  open-webui:
+    external: true
+
+networks:
+  caddy:
+    name: caddy
+    external: true

docker-compose.d/Tools/p2pool.yml

@@ -0,0 +1,23 @@
+services:
+  p2pool:
+    image: sethsimmons/p2pool:latest
+    restart: unless-stopped
+    container_name: p2pool
+    tty: true
+    stdin_open: true
+    volumes: 
+      - p2pool-data:/home/p2pool
+      - /dev/hugepages:/dev/hugepages:rw
+    ports:
+      - 3333:3333
+      - 37889:37889
+    command: >-
+      --wallet "452KRkV1ekYiMh1iy6g3TWbBUGjcJLZH8NYbcd8uaso7Z65CxHsjCmshNaRikDWnRy84kkDZxSfw7DXitNQvhpPW3rmRasA"
+      --stratum "0.0.0.0:3333" --p2p "0.0.0.0:37889" --rpc-port "18089"
+      --host "monerod"
+      --loglevel 1      
+
+volumes:
+  p2pool-data:
+    name: p2pool-data
+    external: true

docker-compose.d/Tools/pastefy.yml

@@ -0,0 +1,45 @@
+services:
+  pastedb:
+   container_name: pastedb
+   image: mariadb:10.11
+   volumes:
+     - pastedb:/var/lib/mysql
+
+   environment:
+     MYSQL_ROOT_PASSWORD: pastefy
+     MYSQL_DATABASE: pastefy
+     MYSQL_USER: pastefy
+     MYSQL_PASSWORD: pastefy
+   networks:
+     - pastefy
+
+  pastefy:
+   container_name: pastefy
+   depends_on:
+     - pastedb
+   image: interaapps/pastefy:latest
+     
+   environment:
+     HTTP_SERVER_PORT: 80
+     HTTP_SERVER_CORS: "*"
+     DATABASE_DRIVER: mysql
+     DATABASE_NAME: pastefy
+     DATABASE_USER: pastefy
+     DATABASE_PASSWORD: pastefy
+     DATABASE_HOST: pastedb
+     DATABASE_PORT: 3306
+     SERVER_NAME: "https://p.archfox.org"
+   networks:
+    - caddy
+    - pastefy
+
+volumes:
+  pastedb:
+    external: true
+
+networks:
+  pastefy:
+    name: pastefy
+  caddy:
+    name: caddy
+    external: true

docker-compose.d/Tools/pterodactyl.yml.tmp

@@ -0,0 +1,130 @@
+###
+# Minimal Configuration File
+#
+# This configuration strips services to the absolute bare essentials to function.
+# Very useful for reverse proxy configurations where a user would override networking anyways.
+###
+
+services:
+  ##
+  # -- Panel Cron --
+  # These are required for schedules and other misc tasks to
+  # function correctly.
+  ##
+  tcron:
+    command: p:cron
+    container_name: tcron
+    env_file: ${TPATH}conf.d/panel.env
+    image: ccarney16/pterodactyl-panel:${PANEL_VERSION:-latest}
+    profiles: [ panel ]
+    restart: always
+    volumes:
+      - tpanel:/data
+    networks:
+      - pterodactyl
+
+  ##
+  # -- Pterodactyl Daemon --
+  # This service provides the wings runtime.
+  ##
+  twings:
+    container_name: twings
+    environment:
+      - TZ=${DAEMON_TIMEZONE:-UTC}
+    image: docker.io/ccarney16/pterodactyl-daemon:${DAEMON_VERSION:-latest}
+    privileged: true
+    profiles: [ daemon ]
+    restart: always
+    volumes:
+      - ${DAEMON_DATA_DIRECTORY:-/var/lib/pterodactyl}:${DAEMON_DATA_DIRECTORY:-/var/lib/pterodactyl}
+      - ${DOCKER_SOCKET:-/var/run/docker.sock}:/var/run/docker.sock
+      - /tmp/pterodactyl/:/tmp/pterodactyl/
+      - ${TPATH}conf.d/daemon:/etc/pterodactyl
+    working_dir: ${DAEMON_DATA_DIRECTORY:-/var/lib/pterodactyl}
+    networks:
+      - pterodactyl_nw
+      - caddy
+
+  ##
+  # -- MariaDB --
+  # Required for the control panel to work.
+  # Stores Server/User information
+  ##
+  tdb:
+    image: docker.io/library/mariadb:10.11
+    container_name: tdb
+    env_file: ${TPATH}conf.d/mariadb.env
+    networks:
+      - pterodactyl
+    profiles: [ panel ]
+    restart: always
+    volumes:
+      - tdb:/var/lib/mysql
+
+  ##
+  # -- Pterodactyl Panel --
+  # This is the container that provides the main web interface.
+  ##
+  tpanel:
+    env_file: ${TPATH}conf.d/panel.env
+    image: docker.io/ccarney16/pterodactyl-panel:${PANEL_VERSION:-latest}
+    container_name: tpanel
+    profiles: [ panel ]
+    ports:
+      - 4848:80
+    restart: always
+    volumes:
+      - tpanel:/data
+    depends_on:
+      tdb:
+        condition: service_started
+      tredis:
+        condition: service_started
+    networks:
+      - pterodactyl
+      - caddy
+
+  ##
+  # -- Redis --
+  ##
+  tredis:
+    container_name: tredis
+    cpu_count: 2
+    image: docker.io/library/redis:alpine
+    mem_limit: 128m
+    networks:
+      - pterodactyl
+    profiles: [ panel ]
+    restart: always
+
+  ##
+  # -- Panel Worker --
+  ##
+  tworker:
+    container_name: tworker
+    command: p:worker
+    env_file: ${TPATH}conf.d/panel.env
+    image: docker.io/ccarney16/pterodactyl-panel:${PANEL_VERSION:-latest}
+    profiles: [ panel ]
+    restart: always
+    volumes:
+      - tpanel:/data
+    networks:
+      - pterodactyl
+
+volumes:
+  tpanel:
+    name: tpanel
+    external: true
+  tdb:
+    name: tdb
+    external: true
+
+networks:
+  caddy:
+    external: true
+  pterodactyl:
+    external: true
+  pterodactyl_nw:
+    external: true
+

docker-compose.d/Tools/qbit.yml

@@ -0,0 +1,54 @@
+services:
+  qbittorrent:
+    image: lscr.io/linuxserver/qbittorrent:latest
+    container_name: qbittorrent
+    environment:
+      - DOCKER_MODS=ghcr.io/vuetorrent/vuetorrent-lsio-mod:latest
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+      - WEBUI_PORT=8181
+    network_mode: "service:gluetun"
+    volumes:
+      - qbittorrent:/config
+      - /mnt/nextcloud:/mnt/files
+    restart: unless-stopped
+    depends_on:
+      gluetun:
+        condition: service_healthy
+
+
+  gluetun:
+    image: qmcgaw/gluetun:v3
+    cap_add:
+      - NET_ADMIN
+    container_name: gluetun
+    environment:
+      - VPN_SERVICE_PROVIDER=mullvad        
+      - VPN_TYPE=wireguard
+      - WIREGUARD_PRIVATE_KEY=${MULLKEY}    
+      - WIREGUARD_ADDRESSES=10.75.99.140/32
+      - SERVER_COUNTRIES=USA
+      - SERVER_CITIES=Chicago IL
+      #- DNS_ADDRESS=10.64.0.1
+    volumes:
+      - gluetun:/gluetun
+    devices:
+      - /dev/net/tun:/dev/net/tun 
+    ports:
+      - 8181:8181
+      - 6881:6881
+      - 6881:6881/udp
+    restart: unless-stopped
+    networks:
+      - qbit 
+
+volumes:
+  qbittorrent:
+    external: true
+  gluetun:
+    external: true
+
+networks:
+   qbit:
+      external: true

docker-compose.d/Tools/searxng.yml

@@ -1,10 +1,12 @@
 services:
   searxng:
     image: searxng/searxng:latest
+    container_name: searxng
     environment: 
-      - BASE_URL=https://searxng.mintyserver.net
+      - BASE_URL=https://searxng.archfox.org
     volumes:
       - searxng:/etc/searxng
+    restart: unless-stopped
     networks: 
       - caddy
 
@@ -16,3 +18,4 @@ networks:
 volumes:
   searxng:
     name: searxng
+    external: true

docker-compose.d/Tools/watchtower.yml

@@ -0,0 +1,6 @@
+services:
+  watchtower:
+    container_name: watchtower
+    image: containrrr/watchtower
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock

docker-compose.yml

@@ -1,274 +0,0 @@
-networks:
-  caddy:
-    name: caddy
-    external: true
-  qbit:
-    name: qbit
-  shoko:
-    name: shoko
-    external: true
-  arr:
-    name: arr
-
-services:
-  anki:
-    image: ghcr.io/luckyturtledev/anki
-    container_name: anki
-    environment:
-      - SYNC_USER1=poslop:${PASS}
-      - RUST_LOG=info
-    ports: 
-      - 10080:8080
-    volumes:
-      - anki:/data
-    restart: unless-stopped
-    networks:
-      - caddy
-
-  gluetun:
-    image: ghcr.io/qdm12/gluetun
-    cap_add:
-      - NET_ADMIN
-    container_name: gluetun
-    environment:
-      - VPN_SERVICE_PROVIDER=mullvad
-      - VPN_TYPE=wireguard
-      - WIREGUARD_PRIVATE_KEY=${MULLKEY}
-      - WIREGUARD_ADDRESSES=10.64.21.169/32
-      - SERVER_CITIES=Chicago IL
-    volumes:
-      - gluetun:/gluetun
-    ports:
-      - 8181:8181
-      - 6881:6881
-      - 6881:6881/udp
-    restart: unless-stopped
-    networks:
-      - qbit
-
-  caddy:
-    image: caddy:latest
-    container_name: caddy
-    restart: unless-stopped
-    cap_add:
-      - NET_ADMIN
-    ports:
-      - 80:80
-      - 443:443
-      - 443:443/udp
-    volumes:
-      - caddy_set:/etc/caddy
-      - caddy_srv:/srv
-      - caddy_data:/data
-      - caddy_config:/config
-    networks:
-      - caddy
-
-
-  technitium:
-    container_name: technitium
-    image: technitium/dns-server:latest
-    network_mode: "host"
-    environment:
-      - DNS_SERVER_DOMAIN=technitium 
-      - DNS_SERVER_ADMIN_PASSWORD=${PASS}
-    volumes:
-      - technitium:/etc/dns
-    restart: unless-stopped
-
-  prowlarr:
-    image: lscr.io/linuxserver/prowlarr:latest
-    container_name: prowlarr
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=Etc/UTC
-    volumes:
-      - prowlarr:/config
-    ports:
-      - 9696:9696
-    restart: unless-stopped
-    networks:
-      - arr
-      - qbit
-
-  sonarr:
-    image: lscr.io/linuxserver/sonarr:latest
-    container_name: sonarr
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=Etc/UTC
-    volumes:
-      - sonarr:/config
-      - /mnt/massdrive/media:/mnt/media
-    ports:
-      - 8989:8989
-    restart: unless-stopped
-    networks:
-      - arr
-      - qbit
-
-  qbittorrent:
-    image: lscr.io/linuxserver/qbittorrent:latest
-    container_name: qbittorrent
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - TZ=Etc/UTC
-      - WEBUI_PORT=8181
-    network_mode: "service:gluetun"
-    volumes:
-      - qbittorrent:/config
-      - /mnt/nextcloud:/mnt/files
-    restart: unless-stopped
-    depends_on:
-      gluetun:
-        condition: service_healthy
-
-  shoko:
-    shm_size: 256m
-    container_name: shoko
-    image: shokoanime/server:daily
-    restart: always
-    environment:
-      - "PUID=1000"
-      - "PGID=1000"
-      - "TZ=Etc/UTC"
-    ports:
-      - "8111:8111"
-    volumes:
-      - shoko:/home/shoko/.shoko
-      - /mnt/massdrive/media:/mnt/media
-    networks: 
-      - shoko
-
-  monerod:
-    image: sethsimmons/simple-monerod:latest
-    restart: unless-stopped
-    container_name: monerod
-    volumes:
-      - bitmonero:/home/monero/.bitmonero:rw
-    ports:
-      - 18080:18080
-      - 18089:18089
-      - 18083:18083
-    command:
-      - "--add-priority-node=p2pmd.xmrvsbeast.com:18080"
-      - "--out-peers=32"
-      - "--in-peers=64"
-      - "--disable-dns-checkpoints"
-      - "--rpc-restricted-bind-ip=0.0.0.0"
-      - "--rpc-restricted-bind-port=18089"
-      - "--no-igd"
-      - "--enable-dns-blocklist"
-      - "--prune-blockchain"
-      - "--zmq-pub=tcp://0.0.0.0:18083"
-
-  p2pool:
-    image: sethsimmons/p2pool:latest
-    restart: unless-stopped
-    container_name: p2pool
-    tty: true
-    stdin_open: true
-    volumes: 
-      - p2pool-data:/home/p2pool
-      - /dev/hugepages:/dev/hugepages:rw
-    ports:
-      - 3333:3333
-      - 37889:37889
-    command: >-
-      --wallet "48Whozrwq4jDA6JZ3vJw3Z22VFCCdi4MnLDH5WfHX33w8ehHZ3hRsJC6JBFmgau8BjbXzfL6Um1GdGNfzzbqueDGPhSusji"
-      --stratum "0.0.0.0:3333" --p2p "0.0.0.0:37889" --rpc-port "18089"
-      --host "monerod"
-      --loglevel 1
-
-
-  ariang:
-    image: hurlenko/aria2-ariang
-    container_name: aria
-    restart: unless-stopped
-    volumes: 
-      - /mnt/nextcloud:/aria2/data
-      - ariang:/aria2/conf
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - RPC_SECRET=${PASS}
-      - BASIC_AUTH_USERNAME=poslop
-      - BASIC_AUTH_PASSWORD=${PASS}
-      - ARIA2RPCPORT=443
-    networks:
-      - caddy
-
-  puffer:
-    image: pufferpanel/pufferpanel:latest
-    container_name: puffer
-    restart: always
-    volumes:
-      - puffer-config:/etc/pufferpanel
-      - /var/lib/pufferpanel:/var/lib/pufferpanel
-      - /var/run/docker.sock:/var/run/docker.sock
-    networks: 
-      - caddy
-
-  nextcloud:
-    container_name: nextcloud-aio-mastercontainer
-    init: true
-    restart: unless-stopped
-    image: nextcloud/all-in-one:latest
-    volumes:
-      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    ports:
-      - 8080:8080
-    environment:
-      - APACHE_PORT=11000
-      - APACHE_IP_BINDING=0.0.0.0
-      - NEXTCLOUD_MOUNT=/mnt/nextcloud/
-      - NEXTCLOUD_MEMORY_LIMIT=4096M
-
-  watchtower:
-    image: containrrr/watchtower
-    container_name: watchtower
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-
-
-volumes:
-  anki:
-    name: anki
-  caddy_config:
-    name: caddy_config
-  caddy_data:
-    name: caddy_data
-  caddy_srv:
-    name: caddy_srv
-  caddy_set:
-    name: caddy_set
-  qbittorrent:
-    name: qbittorrent
-    external: true
-  shoko:
-    name: shoko
-    external: true
-  ariang:
-    name: ariang
-  puffer-config:
-    name: puffer-config
-  technitium:
-    name: technitium
-    external: true
-  sonarr:
-    name: sonarr
-  prowlarr:
-    name: prowlarr
-    external: true
-  nextcloud_aio_mastercontainer:
-    name: nextcloud_aio_mastercontainer
-  bitmonero:
-    name: bitmonero
-  p2pool-data:
-    name: p2pool-data
-  gluetun:
-    name: gluetun

scripts/run-all.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Define the path to the .env file (root-level)
+ENV_FILE="/mnt/docker/.env"
+
+# Base directory where the service Compose files are located
+COMPOSE_DIR="/mnt/docker/docker-compose.d"
+
+# List of service directories under docker-compose.d
+services=(
+    "Documentation/bookstack.yml"
+    "Documentation/gitea.yml"
+    "Documentation/vaultwarden.yml"
+    "Media/arr.yml"
+    "Media/jellyfin.yml"
+    "Media/shoko.yml"
+    "Networking/technitium.yml"
+    "Networking/caddy.yml"
+    "Networking/omada.yml"
+    "Networking/ddns.yml"
+    "Tools/searxng.yml"
+    "Tools/monerod.yml"
+    "Tools/p2pool.yml"
+    "Tools/ariang.yml"
+    "Tools/nextcloud-aio.yml"
+    "Tools/qbit.yml"
+    "Tools/open-webui.yml"
+    "Tools/watchtower.yml"
+    "Tools/pastefy.yml"
+    "Tools/actual.yml"
+    "pterodactyl/docker-compose.yml"
+)
+
+# Start building the docker compose command with multiple -f flags
+COMPOSE_COMMAND="docker compose --env-file \"$ENV_FILE\""
+
+# Loop through each service and append the -f flag for each compose file
+for service in "${services[@]}"; do
+    COMPOSE_COMMAND+=" -f \"$COMPOSE_DIR/$service\""
+done
+
+# Add the up command to the final docker compose command
+COMPOSE_COMMAND+=" --profile panel --profile daemon up -d"
+
+# Execute the composed command
+eval $COMPOSE_COMMAND
+
+echo "All services have been started."