TrueNAS/docker-apps
TrueNAS/docker-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4505de274c
docker-apps/gluetun-qb/stacks/compose.yml
Chris d067d5f1f7 first commit
2025-04-03 22:57:52 +02:00

111 lines
5.3 KiB
YAML
Raw Blame History

# gluetun for arr apps
# to use gluetun from apps in other projects, use network_mode: "container:gluetun-arr"
# access apps in this project with 127.0.0.1:PORT, e.g. to access qbittorrent use localhost:10095
# NB: Start gluetun-arr first, before starting depending apps in other projects
# Stop & inactivate depending apps in other projects first, before stopping this gluetun-arr
# we will use 10.255.239.0/24 block of the traefik subnet for containers that have to connect to arr apps
# See .static-ips.yml for static ip addresses
name: gluetun-qb
networks:
traefik-net:
external: true
secrets:
wireguard_private_key:
file: ${SECRETSDIR}/wireguard_private_key
services:
qbittorrent:
image: lscr.io/linuxserver/qbittorrent:latest
env_file: .${QBIT_APP}.env
network_mode: "service:gluetun"
volumes:
- "${DATAROOT}/${QBIT_APP}/config:/config"
- "${DOWNLOADSDIR}:${CT_DOWNLOADS}"
- "${RECYCLINGDIR}/${QBIT_APP}:${CT_RECYCLINGBIN}:rw"
restart: unless-stopped
depends_on:
gluetun:
condition: service_healthy
flaresolverr:
# DockerHub mirror flaresolverr/flaresolverr:latest
image: ghcr.io/flaresolverr/flaresolverr:latest
# container_name: flaresolverr
env_file: .${FLARESOLVERR_APP}.env
network_mode: "service:gluetun"
restart: unless-stopped
gluetun:
image: qmcgaw/gluetun:latest
#hostname: gluetun-qb
env_file: .gluetun.env
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
volumes:
- "${DATADIR}/appdata:/gluetun"
secrets:
- wireguard_private_key
networks:
traefik-net:
ipv4_address: 10.255.239.3 # to access services in this project from other containers; hostnames and aliases will not work
restart: always
labels:
- traefik.enable=true
- traefik.docker.network=traefik-net
##################################################################################
################################# QBIT_APP ##################################
#
# http services
# -------------
- "traefik.http.services.${QBIT_APP}-gt-svc.loadbalancer.server.port=${QBIT_PORT}"
#
# http routers
# ------------
# limit router to web ":80" entrypoint (Note: web entrypoint http requests are globally redirected to websecure router in traefik.yml)
- "traefik.http.routers.${QBIT_APP}-rtr.entrypoints=web"
# set match criteria for router
- "traefik.http.routers.${QBIT_APP}-rtr.rule=Host(`${QBIT_URL}`)&& PathPrefix(`/`)"
# attach middlewares to router
- "traefik.http.routers.${QBIT_APP}-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress-redirect@file"
# assign svc target to router
- "traefik.http.routers.${QBIT_APP}-rtr.service=${QBIT_APP}-gt-svc"
#
# limit router to websecure ":443" entrypoint
- "traefik.http.routers.${QBIT_APP}-secure-rtr.entrypoints=websecure"
# set match criteria for router
- "traefik.http.routers.${QBIT_APP}-secure-rtr.rule=Host(`${QBIT_URL}`)&& PathPrefix(`/`)"
# set router to be dedicated to secure requests only for the host specified in match criteria
- "traefik.http.routers.${QBIT_APP}-secure-rtr.tls=true"
# apply tls options
- "traefik.http.routers.${QBIT_APP}-secure-rtr.tls.options=tls-options@file"
# generate certificates using following certresolver
- "traefik.http.routers.${QBIT_APP}-secure-rtr.tls.certresolver=solver-dns"
# attach middlewares to routers
#- "traefik.http.routers.${QBIT_APP}-secure-rtr.middlewares=${QBIT_APP}-auth"
- "traefik.http.routers.${QBIT_APP}-secure-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress@file"
# assign svc target to router
- "traefik.http.routers.${QBIT_APP}-secure-rtr.service=${QBIT_APP}-gt-svc"
##################################################################################
################################# FLARESOLVERR_APP ##################################
- "traefik.http.services.${FLARESOLVERR_APP}-gt-svc.loadbalancer.server.port=${FLARESOLVERR_PORT}"
- "traefik.http.routers.${FLARESOLVERR_APP}-rtr.entrypoints=web"
- "traefik.http.routers.${FLARESOLVERR_APP}-rtr.rule=Host(`${FLARESOLVERR_URL}`)&& PathPrefix(`/`)"
- "traefik.http.routers.${FLARESOLVERR_APP}-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress-redirect@file"
- "traefik.http.routers.${FLARESOLVERR_APP}-rtr.service=${FLARESOLVERR_APP}-gt-svc"
- "traefik.http.routers.${FLARESOLVERR_APP}-secure-rtr.entrypoints=websecure"
- "traefik.http.routers.${FLARESOLVERR_APP}-secure-rtr.rule=Host(`${FLARESOLVERR_URL}`)&& PathPrefix(`/`)"
- "traefik.http.routers.${FLARESOLVERR_APP}-secure-rtr.tls=true"
- "traefik.http.routers.${FLARESOLVERR_APP}-secure-rtr.tls.options=tls-options@file"
- "traefik.http.routers.${FLARESOLVERR_APP}-secure-rtr.tls.certresolver=solver-dns"
#- "traefik.http.routers.${FLARESOLVERR_APP}-secure-rtr.middlewares=${FLARESOLVERR_APP}-auth"
- "traefik.http.routers.${FLARESOLVERR_APP}-secure-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress@file"
- "traefik.http.routers.${FLARESOLVERR_APP}-secure-rtr.service=${FLARESOLVERR_APP}-gt-svc"
##################################################################################
Reference in New Issue View Git Blame Copy Permalink