Docker/truenas-docker
Docker/truenas-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
master
truenas-docker/esphome/compose.yml
root 9610d10bb0 first commit
2025-12-02 13:08:52 +02:00

110 lines
5.0 KiB
YAML
Raw Permalink Blame History

name: esphome
networks:
traefik-net:
external: true
macvlan1:
external: true
#secrets:
# wireguard_private_key:
# file: ${SECRETSDIR}/wireguard_private_key
services:
esphome:
image: esphome/esphome:2025.11.0 #2025.9.1
env_file: .esphome.env
volumes:
- /etc/localtime:/etc/localtime:ro
- ${DATADIR}/config:/config
# - /var/run/avahi-daemon/socket:/var/run/avahi-daemon/socket
restart: unless-stopped
privileged: true
# added network_mode for VPN access
# network_mode: "service:gluetun"
# depends_on:
# gluetun:
# condition: service_healthy
# hostname, networks and labels removed for VPN access
# hostname: esphome
networks:
traefik-net: null
macvlan1:
ipv4_address: ${ESPHOME_LOCAL}
labels:
- traefik.enable=true
- traefik.docker.network=traefik-net
- traefik.http.services.${APPLICATION_NAME}-svc.loadbalancer.server.port=${WEBUI_PORT}
- traefik.http.routers.${APPLICATION_NAME}-rtr.entrypoints=web
- traefik.http.routers.${APPLICATION_NAME}-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&&
PathPrefix(`/`)
- traefik.http.routers.${APPLICATION_NAME}-rtr.middlewares=http-mw-secureHeaders-redirect@file
- traefik.http.routers.${APPLICATION_NAME}-rtr.service=${APPLICATION_NAME}-svc
- traefik.http.routers.${APPLICATION_NAME}-secure-rtr.entrypoints=websecure
- traefik.http.routers.${APPLICATION_NAME}-secure-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&&
PathPrefix(`/`)
- traefik.http.routers.${APPLICATION_NAME}-secure-rtr.middlewares=http-mw-secureHeaders@file
- traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls=true
- traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.options=tls-options@file
- traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.certresolver=solver-dns
- traefik.http.routers.${APPLICATION_NAME}-secure-rtr.service=${APPLICATION_NAME}-svc
avahi-tools:
volumes:
- /run/dbus:/var/run/dbus
- /run/avahi-daemon:/var/run/avahi-daemon
image: ahasbini/avahi-tools:latest
command: avahi-publish -a esphome.local ${ESPHOME_LOCAL}
#command: avahi-publish-service -s esphome.local _http._tcp
# temporary VPN
# gluetun:
# image: qmcgaw/gluetun:latest
# #hostname: gluetun-qb
# env_file: .gluetun.env
# cap_add:
# - NET_ADMIN
# devices:
# - /dev/net/tun
# volumes:
# - "${DATADIR}/appdata:/gluetun"
# secrets:
# - wireguard_private_key
# networks:
# traefik-net:
# ipv4_address: 10.255.239.4 # to access services in this project from other containers; hostnames and aliases will not work
# restart: always
# labels:
# - traefik.enable=true
# - traefik.docker.network=traefik-net
# ##################################################################################
# ################################# ESPH_APP ##################################
# #
# # http services
# # -------------
# - "traefik.http.services.${ESPH_APP}-gt-svc.loadbalancer.server.port=${ESPH_PORT}"
# #
# # http routers
# # ------------
# # limit router to web ":80" entrypoint (Note: web entrypoint http requests are globally redirected to websecure router in traefik.yml)
# - "traefik.http.routers.${ESPH_APP}-rtr.entrypoints=web"
# # set match criteria for router
# - "traefik.http.routers.${ESPH_APP}-rtr.rule=Host(`${ESPH_URL}`)&& PathPrefix(`/`)"
# # attach middlewares to router
# - "traefik.http.routers.${ESPH_APP}-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress-redirect@file"
# # assign svc target to router
# - "traefik.http.routers.${ESPH_APP}-rtr.service=${ESPH_APP}-gt-svc"
# #
# # limit router to websecure ":443" entrypoint
# - "traefik.http.routers.${ESPH_APP}-secure-rtr.entrypoints=websecure"
# # set match criteria for router
# - "traefik.http.routers.${ESPH_APP}-secure-rtr.rule=Host(`${ESPH_URL}`)&& PathPrefix(`/`)"
# # set router to be dedicated to secure requests only for the host specified in match criteria
# - "traefik.http.routers.${ESPH_APP}-secure-rtr.tls=true"
# # apply tls options
# - "traefik.http.routers.${ESPH_APP}-secure-rtr.tls.options=tls-options@file"
# # generate certificates using following certresolver
# - "traefik.http.routers.${ESPH_APP}-secure-rtr.tls.certresolver=solver-dns"
# # attach middlewares to routers
# #- "traefik.http.routers.${ESPH_APP}-secure-rtr.middlewares=${ESPH_APP}-auth"
# - "traefik.http.routers.${ESPH_APP}-secure-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress@file"
# # assign svc target to router
# - "traefik.http.routers.${ESPH_APP}-secure-rtr.service=${ESPH_APP}-gt-svc"
Reference in New Issue View Git Blame Copy Permalink