local compose = import 'compose.libsonnet'; local Compose = compose.Compose; local Command = compose.Command; local Port = compose.Port; local MediaService = compose.MediaService; local MediaMounts = compose.MediaMounts; function(secrets={}) Compose({ gluetun: { image: 'qmcgaw/gluetun', cap_add: ['NET_ADMIN'], devices: ['/dev/net/tun:/dev/net/tun'], environment: { TZ: 'America/New_York', VPN_SERVICE_PROVIDER: 'custom', VPN_TYPE: 'wireguard', // VPN_PORT_FORWARDING: 'on', // VPN_PORT_FORWARDING_PROVIDER: 'protonvpn', VPN_ENDPOINT_IP: std.get(secrets, 'VPN_ENDPOINT_IP'), VPN_ENDPOINT_PORT: std.get(secrets, 'VPN_ENDPOINT_PORT'), WIREGUARD_PUBLIC_KEY: std.get(secrets, 'WIREGUARD_PUBLIC_KEY'), WIREGUARD_PRIVATE_KEY: std.get(secrets, 'WIREGUARD_PRIVATE_KEY'), WIREGUARD_ADDRESSES: std.get(secrets, 'WIREGUARD_ADDRESSES'), }, ports: [ Port(8888), Port(8388), Port(8388, kind='udp'), ], webPort:: 8000, volumes: { gluetun_data: '/gluetun' }, }, traefik: { image: 'traefik:latest', command: Command({ 'log.level': 'ERROR', 'api.insecure': 'true', 'providers.docker': 'true', 'providers.docker.exposedbydefault': 'false', 'entrypoints.web.address': ':80', // 'entrypoints.websecure.address': ':443', }), docker:: true, webPort:: 8080, ports: [ Port(80), // Port(443), ], traefik:: { // 'traefik.http.routers.http-catchall.rule': 'hostregexp(`{host:.+}`)' // 'traefik.http.routers.http-catchall.entrypoints': 'web' // 'traefik.http.routers.http-catchall.middlewares': 'redirect-to-https' // 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme': 'https' }, }, portainer: { image: 'portainer/portainer-ce:latest', docker:: true, volumes: { portainer_portainer_data: '/data' }, webPort:: 9000, ports: [Port(9443)], }, deluge: MediaService( name='deluge', env={ DELUGE_LOGLEVEL: 'error' }, mounts={ torrents: '/downloads' }, webPort=8112, // ports=[ // Port(54979), // Port(54979, kind='udp'), // ], extras={ gluetun:: true }, ), prowlarr: MediaService( name='prowlarr', tag='develop', webPort=9696, mounts={ torrents: '/downloads', 'passport-5tb': '/passport-5tb', 'passport-1tb': '/passport-1tb', }, extras={ gluetun:: true }, ), bazarr: MediaService( name='bazarr', webPort=6767, mounts={ 'passport-5tb': '/passport-5tb', 'passport-1tb': '/passport-1tb', }, extras={ gluetun:: true }, ), radarr: MediaService( name='radarr', webPort=7878, mounts={ 'passport-5tb/movies': '/passport-5tb', 'passport-1tb/movies': '/passport-1tb', torrents: '/downloads', }, extras={ gluetun:: true }, ), sonarr: MediaService( name='sonarr', webPort=8989, mounts={ 'passport-5tb/tv': '/passport-5tb', 'passport-1tb/tv': '/passport-1tb', torrents: '/downloads', }, extras={ gluetun:: true }, ), plex: { image: 'plexinc/pms-docker', environment: { TZ: 'America/New_York', PLEX_CLAIM: std.get(secrets, 'PLEX_CLAIM'), // ADVERTISE_IP: std.get(secrets, 'PLEX_ADVERTISE_IP'), }, volumes: { media_plex_config: '/config' }, mounts:: MediaMounts({ 'torrents/plex-transcode': '/transcode', 'passport-5tb': '/passport-5tb', 'passport-1tb': '/passport-1tb', }), devices: ['/dev/dri:/dev/dri'], webPort:: 32400, ports: [ Port(32400), Port(3005), Port(8324), Port(32469), Port(1900, kind='udp'), Port(32410, kind='udp'), Port(32412, kind='udp'), Port(32413, kind='udp'), Port(32414, kind='udp'), ], }, archivebox: { entrypoint: 'echo "archivebox disabled"', restart: 'no', image: 'archivebox/archivebox:dev', command: 'server --quick-init 0.0.0.0:8000', // TODO: hack to workaround https://github.com/ArchiveBox/ArchiveBox/issues/1002 // entrypoint: '/bin/bash', // command: '-c "chown -R archivebox:archivebox /app/archivebox/core/migrations && /app/bin/docker_entrypoint.sh server --quick-init 0.0.0.0:8000"', environment: { ALLOWED_HOSTS: '*', MEDIA_MAX_SIZE: '750m', RESOLUTION: '1024,768', }, mounts:: MediaMounts({ 'passport-5tb/archivebox': '/data' }), webPort:: 8000, host:: 'archive', }, firefly: { entrypoint: 'echo "firefly disabled"', restart: 'no', image: 'fireflyiii/core:latest', environment: { DB_CONNECTION: 'sqlite', APP_DEBUG: true, SITE_OWNER: 'mat@mat.services', APP_KEY: std.get(secrets, 'FIREFLY_APP_KEY'), TZ: 'America/New_York', TRUSTED_PROXIES: '**', }, volumes: { firefly_data: '/storage', firefly_uploads: '/var/www/html/storage/upload', }, webPort:: 8080, }, actual: { entrypoint: 'echo "actual disabled"', restart: 'no', image: 'jlongster/actual-server:latest', environment: { userFilesPath: '/data/user', serverFilesPath: '/data/server', externalPort: 5006, }, volumes: { actual_data: '/data' }, webPort:: 5006, }, })