Homelab TLS domain variable, set externally configured services, deluge->transmission
parent
4858042e7e
commit
0a6b0bd7c7
|
|
@ -13,11 +13,12 @@ local toList(fmt) = function(object) std.objectValues(std.mapWithKey(formatHelpe
|
||||||
local toLabels = toList('%s=%s');
|
local toLabels = toList('%s=%s');
|
||||||
local toVolumes = toList('%s:%s');
|
local toVolumes = toList('%s:%s');
|
||||||
|
|
||||||
|
local homelabDomain = '0w0.casa';
|
||||||
local traefikLabels(name, host, port, extras) = toLabels({
|
local traefikLabels(name, host, port, extras) = toLabels({
|
||||||
'traefik.enable': 'true',
|
'traefik.enable': 'true',
|
||||||
['traefik.http.routers.%s.rule' % name]: 'Host(`%s.mat`)' % host,
|
['traefik.http.routers.%s.rule' % name]: 'Host(`%s.mat`)' % host,
|
||||||
['traefik.http.routers.%s.entrypoints' % name]: 'web',
|
['traefik.http.routers.%s.entrypoints' % name]: 'web',
|
||||||
['traefik.http.routers.%s-tls.rule' % name]: 'Host(`%s.home.mat.services`)' % host,
|
['traefik.http.routers.%s-tls.rule' % name]: 'Host(`%s.%s`)' % [host, homelabDomain],
|
||||||
['traefik.http.routers.%s-tls.entrypoints' % name]: 'web-tls',
|
['traefik.http.routers.%s-tls.entrypoints' % name]: 'web-tls',
|
||||||
'traefik.docker.network': 'traefik',
|
'traefik.docker.network': 'traefik',
|
||||||
} + extras + if port == null then {} else {
|
} + extras + if port == null then {} else {
|
||||||
|
|
@ -57,6 +58,11 @@ local extractVolumes(cfg) = {
|
||||||
])
|
])
|
||||||
};
|
};
|
||||||
|
|
||||||
|
local mediaVolumes(name, external) =
|
||||||
|
local volume = if external then 'media_%s_config' else '%s_config';
|
||||||
|
{
|
||||||
|
[volume % name]: '/config',
|
||||||
|
};
|
||||||
local mediaMounts(mounts) = {
|
local mediaMounts(mounts) = {
|
||||||
['/media/mat/%s' % path]: mounts[path]
|
['/media/mat/%s' % path]: mounts[path]
|
||||||
for path in std.objectFields(mounts)
|
for path in std.objectFields(mounts)
|
||||||
|
|
@ -77,12 +83,14 @@ local mediaMounts(mounts) = {
|
||||||
|
|
||||||
MediaMounts:: mediaMounts,
|
MediaMounts:: mediaMounts,
|
||||||
|
|
||||||
MediaService(name, tag='latest', env={}, mounts={}, webPort=null, ports=[], extras={}):: {
|
MediaService(name, tag='latest', env={}, mounts={}, webPort=null, ports=[], extras={}, external=false):: {
|
||||||
image: 'lscr.io/linuxserver/%s:%s' % [name, tag],
|
image: 'lscr.io/linuxserver/%s:%s' % [name, tag],
|
||||||
environment: mediaEnv + env,
|
environment: mediaEnv + env,
|
||||||
volumes: { ['media_%s_config' % name]: '/config' },
|
volumes: mediaVolumes(name, external),
|
||||||
mounts:: mediaMounts(mounts),
|
mounts:: mediaMounts(mounts),
|
||||||
webPort:: webPort,
|
webPort:: webPort,
|
||||||
ports: ports,
|
ports: ports,
|
||||||
} + extras,
|
} + extras,
|
||||||
|
|
||||||
|
HomelabDomain:: homelabDomain,
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ local Command = compose.Command;
|
||||||
local Port = compose.Port;
|
local Port = compose.Port;
|
||||||
local MediaService = compose.MediaService;
|
local MediaService = compose.MediaService;
|
||||||
local MediaMounts = compose.MediaMounts;
|
local MediaMounts = compose.MediaMounts;
|
||||||
|
local HomelabDomain = compose.HomelabDomain;
|
||||||
|
|
||||||
function(secrets={})
|
function(secrets={})
|
||||||
Compose({
|
Compose({
|
||||||
|
|
@ -13,15 +14,19 @@ function(secrets={})
|
||||||
devices: ['/dev/net/tun:/dev/net/tun'],
|
devices: ['/dev/net/tun:/dev/net/tun'],
|
||||||
environment: {
|
environment: {
|
||||||
TZ: 'America/New_York',
|
TZ: 'America/New_York',
|
||||||
VPN_SERVICE_PROVIDER: 'custom',
|
// VPN_SERVICE_PROVIDER: 'custom',
|
||||||
VPN_TYPE: 'wireguard',
|
// VPN_TYPE: 'wireguard',
|
||||||
// VPN_PORT_FORWARDING: 'on',
|
|
||||||
// VPN_PORT_FORWARDING_PROVIDER: 'protonvpn',
|
// VPN_PORT_FORWARDING_PROVIDER: 'protonvpn',
|
||||||
VPN_ENDPOINT_IP: std.get(secrets, 'VPN_ENDPOINT_IP'),
|
// VPN_ENDPOINT_IP: std.get(secrets, 'VPN_ENDPOINT_IP'),
|
||||||
VPN_ENDPOINT_PORT: std.get(secrets, 'VPN_ENDPOINT_PORT'),
|
// VPN_ENDPOINT_PORT: std.get(secrets, 'VPN_ENDPOINT_PORT'),
|
||||||
WIREGUARD_PUBLIC_KEY: std.get(secrets, 'WIREGUARD_PUBLIC_KEY'),
|
// WIREGUARD_PUBLIC_KEY: std.get(secrets, 'WIREGUARD_PUBLIC_KEY'),
|
||||||
WIREGUARD_PRIVATE_KEY: std.get(secrets, 'WIREGUARD_PRIVATE_KEY'),
|
// WIREGUARD_PRIVATE_KEY: std.get(secrets, 'WIREGUARD_PRIVATE_KEY'),
|
||||||
WIREGUARD_ADDRESSES: std.get(secrets, 'WIREGUARD_ADDRESSES'),
|
// WIREGUARD_ADDRESSES: std.get(secrets, 'WIREGUARD_ADDRESSES'),
|
||||||
|
VPN_SERVICE_PROVIDER: 'protonvpn',
|
||||||
|
VPN_PORT_FORWARDING: 'on',
|
||||||
|
OPENVPN_USER: std.get(secrets, 'OPENVPN_USER'),
|
||||||
|
OPENVPN_PASSWORD: std.get(secrets, 'OPENVPN_PASSWORD'),
|
||||||
|
SERVER_HOSTNAMES: 'node-ch-08.protonvpn.net',
|
||||||
},
|
},
|
||||||
ports: [
|
ports: [
|
||||||
// http proxy
|
// http proxy
|
||||||
|
|
@ -29,6 +34,13 @@ function(secrets={})
|
||||||
// shadowsocks proxy
|
// shadowsocks proxy
|
||||||
// Port(8388),
|
// Port(8388),
|
||||||
// Port(8388, kind='udp'),
|
// Port(8388, kind='udp'),
|
||||||
|
// app local ports
|
||||||
|
// deluge
|
||||||
|
// Port(58846),
|
||||||
|
// Port(58846, kind='udp'),
|
||||||
|
// transmission
|
||||||
|
Port(9091),
|
||||||
|
Port(9091, kind='udp'),
|
||||||
],
|
],
|
||||||
webPort:: 8000,
|
webPort:: 8000,
|
||||||
volumes: { gluetun_data: '/gluetun' },
|
volumes: { gluetun_data: '/gluetun' },
|
||||||
|
|
@ -36,14 +48,14 @@ function(secrets={})
|
||||||
traefik: {
|
traefik: {
|
||||||
image: 'traefik:latest',
|
image: 'traefik:latest',
|
||||||
command: Command({
|
command: Command({
|
||||||
'log.level': 'ERROR',
|
'log.level': 'DEBUG',
|
||||||
'api.insecure': 'true',
|
'api.insecure': 'true',
|
||||||
'providers.docker': 'true',
|
'providers.docker': 'true',
|
||||||
'providers.docker.exposedbydefault': 'false',
|
'providers.docker.exposedbydefault': 'false',
|
||||||
'entrypoints.web.address': ':80',
|
'entrypoints.web.address': ':80',
|
||||||
'entrypoints.web-tls.address': ':443',
|
'entrypoints.web-tls.address': ':443',
|
||||||
'entrypoints.web-tls.http.tls.domains[0].main': 'home.mat.services',
|
'entrypoints.web-tls.http.tls.domains[0].main': HomelabDomain,
|
||||||
'entrypoints.web-tls.http.tls.domains[0].sans': '*.home.mat.services',
|
'entrypoints.web-tls.http.tls.domains[0].sans': '*.%s' % HomelabDomain,
|
||||||
'entrypoints.web-tls.http.tls.certresolver': 'letsencrypt',
|
'entrypoints.web-tls.http.tls.certresolver': 'letsencrypt',
|
||||||
'certificatesresolvers.letsencrypt.acme.dnschallenge': true,
|
'certificatesresolvers.letsencrypt.acme.dnschallenge': true,
|
||||||
'certificatesresolvers.letsencrypt.acme.dnschallenge.provider': 'luadns',
|
'certificatesresolvers.letsencrypt.acme.dnschallenge.provider': 'luadns',
|
||||||
|
|
@ -58,7 +70,7 @@ function(secrets={})
|
||||||
],
|
],
|
||||||
environment: {
|
environment: {
|
||||||
LUADNS_API_USERNAME: 'mat@mat.services',
|
LUADNS_API_USERNAME: 'mat@mat.services',
|
||||||
LUADNS_API_TOKEN: std.get(secrets, 'LUADNS_API_TOKEN'),
|
LUADNS_API_TOKEN: std.get(secrets, 'LETSENCRYPT_DNS_PROVIDER_KEY'),
|
||||||
},
|
},
|
||||||
traefik:: {
|
traefik:: {
|
||||||
// 'traefik.http.routers.http-catchall.rule': 'hostregexp(`{host:.+}`)'
|
// 'traefik.http.routers.http-catchall.rule': 'hostregexp(`{host:.+}`)'
|
||||||
|
|
@ -76,13 +88,25 @@ function(secrets={})
|
||||||
// useful when traefik is having issues
|
// useful when traefik is having issues
|
||||||
// ports: [Port(9443)],
|
// ports: [Port(9443)],
|
||||||
},
|
},
|
||||||
deluge: MediaService(
|
transmission: MediaService(
|
||||||
name='deluge',
|
name='transmission',
|
||||||
env={ DELUGE_LOGLEVEL: 'error' },
|
env={
|
||||||
|
USER: 'mat',
|
||||||
|
PASS: std.get(secrets, 'TRANSMISSION_PASS'),
|
||||||
|
PEERPORT: 55249,
|
||||||
|
},
|
||||||
mounts={ torrents: '/downloads' },
|
mounts={ torrents: '/downloads' },
|
||||||
webPort=8112,
|
webPort=9091,
|
||||||
extras={ gluetun:: true },
|
extras={ gluetun:: true },
|
||||||
),
|
),
|
||||||
|
// deluge: MediaService(
|
||||||
|
// name='deluge',
|
||||||
|
// env={ DELUGE_LOGLEVEL: 'error' },
|
||||||
|
// mounts={ torrents: '/downloads' },
|
||||||
|
// webPort=8112,
|
||||||
|
// extras={ gluetun:: true },
|
||||||
|
// external=true,
|
||||||
|
// ),
|
||||||
prowlarr: MediaService(
|
prowlarr: MediaService(
|
||||||
name='prowlarr',
|
name='prowlarr',
|
||||||
tag='develop',
|
tag='develop',
|
||||||
|
|
@ -93,6 +117,7 @@ function(secrets={})
|
||||||
'passport-1tb': '/passport-1tb',
|
'passport-1tb': '/passport-1tb',
|
||||||
},
|
},
|
||||||
extras={ gluetun:: true },
|
extras={ gluetun:: true },
|
||||||
|
external=true,
|
||||||
),
|
),
|
||||||
bazarr: MediaService(
|
bazarr: MediaService(
|
||||||
name='bazarr',
|
name='bazarr',
|
||||||
|
|
@ -102,6 +127,7 @@ function(secrets={})
|
||||||
'passport-1tb': '/passport-1tb',
|
'passport-1tb': '/passport-1tb',
|
||||||
},
|
},
|
||||||
extras={ gluetun:: true },
|
extras={ gluetun:: true },
|
||||||
|
external=true,
|
||||||
),
|
),
|
||||||
radarr: MediaService(
|
radarr: MediaService(
|
||||||
name='radarr',
|
name='radarr',
|
||||||
|
|
@ -112,6 +138,7 @@ function(secrets={})
|
||||||
torrents: '/downloads',
|
torrents: '/downloads',
|
||||||
},
|
},
|
||||||
extras={ gluetun:: true },
|
extras={ gluetun:: true },
|
||||||
|
external=true,
|
||||||
),
|
),
|
||||||
sonarr: MediaService(
|
sonarr: MediaService(
|
||||||
name='sonarr',
|
name='sonarr',
|
||||||
|
|
@ -122,6 +149,7 @@ function(secrets={})
|
||||||
torrents: '/downloads',
|
torrents: '/downloads',
|
||||||
},
|
},
|
||||||
extras={ gluetun:: true },
|
extras={ gluetun:: true },
|
||||||
|
external=true,
|
||||||
),
|
),
|
||||||
plex: {
|
plex: {
|
||||||
image: 'plexinc/pms-docker',
|
image: 'plexinc/pms-docker',
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue