/htpcBeginner-docker-traefik

Docker media and home server stack with Docker Compose, Traefik, Swarm Mode, Google OAuth2/Authelia, and LetsEncrypt

Primary LanguageShellMIT LicenseMIT

Description

This is the updated docker-compose repo of all the media, home, and web server apps described on SmartHomeBeginner.com.

Docker Server Series:

Ubuntu/Debian:

  1. Ultimate Docker Server: Getting Started with OS Preparation [2024]
  2. Docker Media Server Ubuntu/Debian with 60+ Awesome Apps [2024]
  3. Nginx Proxy Manager Docker Compose Guide: Simplest Reverse Proxy [coming soon]
  4. Ultimate Traefik Docker Compose Guide: LE, SSL, Reverse Proxy [2024]
  5. Authelia Docker Compose Guide: Secure 2-Factor Authentication [2024 Update in Progress]
  6. Google OAuth Docker Compose Guide: Multi-Factor Authentication [2024 Update in Progress]
  7. Docker Security Practices for Homelab: Secrets, Firewall, and more
  8. Cloudflare Settings for Docker Traefik Stacks
  9. Implementing a Backup System for Docker Traefik Stack [coming soon]
  10. Automate the Whole Process with Auto-Traefik Script

Synology:

Web Server:

Automate the Process:

Support My Work

Documenting, writing guides, and keeping this repo update-to-date takes hundreds of hours of work. Please consider supporting my work to show your appreciation.

Did this Repo help you?

Join our Community

  • Do you need support or just want to chat with like-minded people. Join our discord.
  • The authors will try our best to help but support is not guaranteed. But you will find others who might have went through what you are going through and may be willing to pay it forward and help.

Supporting Guides

Security:

For security, I implemented CrowdSec multi-server setup in 2022. From the stats, it is blocking/mitigating well over 600 intrusion attempts per day on my servers. I will cover this in a separate guide later but you will find the docker-compose CrowdSec, Traefik Bouncer, and Cloudflare Bouncer Bouncers in my repo already.

Others:

Understanding This Repository

My Setup

I have 5 docker hosts. I sync all my Docker stacks using Syncthing and push the files to GitHub so I can share with the community.

  • docker-compose-hs.yml: Docker Compose for Home Server on Ubuntu Server Proxmox LXC Container.
  • docker-compose-mds.yml: Docker Compose for Media/Database Server on Ubuntu Server Proxmox LXC Container.
  • docker-compose-dns.yml: Docker Compose for AdBlock/ DNS Server on Raspberry Pi 4B.
  • docker-compose-ws.yml: Docker Compose for Web Server on Digital Ocean VPS, which powers this website.
  • docker-compose-ds918.yml: Docker Compose for Synology DS918+ NAS.

Syncing also allows me to have a backup of one system's configuration file in all the other hosts. For this reason, where applicable, I segregate or name files/folders with their hostname (for example: hs for Home Server).

Almost any app/service from the docker-compose files listed above can be copy-pasted to any other compose file in this repo.

Archives

Files and folders inside archives are not actively maintained. But they may still provide a good starting point.

What apps are included in this stack?

The apps I use are scattered around in several different docker-compose files. Click the links below for specific installation guides.

Some apps are used in more than one host and some on only one.

This is not an exhaustive list

FRONTENDS

  • Traefik - Reverse Proxy
  • Nginx Proxy Manager - Reverse Proxy
  • Docker Socket Proxy - Secure Proxy for Docker API
  • OAuth - Google OAuth 2 Forward Authentication
  • Authelia - Private Forward Authentication
  • Portainer - Container Management
  • Organizr - Dashboard for Apps
  • Heimdall - Dashboard for Apps
  • Homepage - Dashboard for Apps
  • Dashy - Dashboard for Apps
  • Autoindex - Plain text Index to All Files

SMART HOME

  • Home Assistant Core - Home Automation
  • HA-Dockermon - Manage Docker containers in Home Assistant
  • Mosquitto - MQTT Broker
  • MotionEye - Video Surveillance
  • Frigate - Video Surveillance
  • ZoneMinder - Video Surveillance
  • MiFlora - MiFlora MQTT Daemon (MiFlora Plant Sensors)

DATABASE

  • MariaDB - MySQL Database
  • phpMyAdmin - Database management
  • InfluxDB - Database for sensor data
  • Postgres - Database
  • Grafana - Graphical data visualization for InfluxDB data
  • Varken - Monitor Plex, Sonarr, Radarr, and Other Data
  • Redis - Key value store
  • Redis Commander - Redis management

DOWNLOADERS

  • jDownloader - Download management
  • TransmissionBT with VPN - Torrent Downloader.
  • SABnzbd - Binary newsgrabber, NZB downloader
  • Nzbget - Binary newsgrabber, NZB downloader
  • qBittorrent with Wireguard VPN from Surfshark - Torrent downloader

INDEXERS

  • NZBHydra2 - NZB meta search
  • Jackett - Torrent proxy
  • Prowlarr - Torrent proxy

PVRS

  • Lidarr - Music Management
  • Radarr - Movie management
  • Sonarr - TV Shows management
  • LazyLibrarian - Books Management
  • Readarr - Books Management

MEDIA SERVER

  • AirSonic Advanced - Music Server
  • NaviDrome - Music Server
  • FunkWhale - Music Server
  • Calibre - Ebook/Audiobook Server
  • Calibre-Web - Ebook/Audiobook Reader
  • Plex - Media Server
  • Emby - Media Server
  • Jellyfin - Media Server
  • Ombi - Media Requests
  • Tautulli - Previously PlexPy. Plex statistics and monitoring
  • Plex-Sync - For Syncing watched status between plex servers
  • PhotoShow - Personal Photo Gallery and viewer
  • TellyTv- IPTV proxy for Plex
  • xTeve- IPTV proxy for Plex

MEDIA FILE MANAGEMENT

  • Bazarr - Subtitle Management
  • Picard - Music Library Tagging and Management
  • Handbrake - Video Conversion, Transcoding, and Compression
  • MKVToolNix - Video Editing, Remuxing (changing media container while keeping original source quality)
  • MakeMKV - Video Editing (Ripping from Disks)
  • FileBot - File renamer
  • Tiny Media Manager - Media Files Management

UTILITIES

  • Firefox - Web Broswerstack
  • Glances - System Information
  • APCUPSD - APC UPS Management
  • Guacamole - Remote desktop, SSH, on Telnet on any HTML5 Browser
  • Guacamole Daemon - Needed for Guacamole
  • Dozzle - Docker logs viewer
  • qDirStat - Directory Statistics
  • StatPing - Status Page & Monitoring Server
  • SmokePing - Network Latency Monitoring
  • VS Code Server - Code Editor
  • Logarr - Log Management
  • Monitorr - Webfront to display the status of any webapp or service
  • Cloud Commander - Web File Manager
  • Cloud9 - Cloud IDE
  • SMTP To Telegram - Sends all incoming Email messages to Telegram
  • UniFi Controller - Controller for Ubiquiti UniFi Network Gear
  • Rclone - Mount Cloud/Google Drive
  • MergerFS - Merge local and remote file systems
  • Gluetun - VPN client for docker containers and more
  • DeUnhealth - Auto restart containers on VPN restart
  • AdGuard Home - DNS Sinkhole / Ad-blocker

WEB

  • Nginx - Web Server
  • php7 - PHP-FPM

MAINTENANCE

  • Watchtower - Automatic Docker Container Updates
  • Docker-GC - Automatic Docker Garbage Collection
  • Traefik Certificate Dumper - Extract Traefik SSL Certs
  • Cloudflare DDNS - Dynamic IP Updater
  • Cloudflare Companion - Automatic CNAME creation for services
  • WhoAmI - For testing.

Bash Aliases

I use bash_aliases to simplify starting and stopping containers/stack. Included in the repo is an example of bash_aliases I use (replace USER with your Linux username).

Download it to a known location (e.g. /home/user/docker/shared/config/). Then add the following code block to .bashrc file in the user's home folder.

if [ -f "$HOME/docker/shared/config/bash_aliases" ]; then
    . $HOME/docker/shared/config/bash_aliases
fi

Here are some example alias commands:

  • dcup - Start Docker Traefik 2 stack
  • dcdown - Stop Docker Traefik 2 stack
  • dcrec - Start or recreate a specific service or the full stack
  • dcstop - Stop a specific service or the full stack
  • dcrestart - Restart a specific service or the full stack
  • dclogs - See real-time logs for the corresponding stack or service
  • dcpull - Pull new images for the corresponding stack or service