ServerInfrastructure/docker-compose.yml

###############################################################################
# Home Server Docker Compose Stack
# Services: Nginx Proxy Manager, Home Assistant, Gitea, WireGuard
#
# Usage:
# cp .env.example .env # then edit .env with your values
# docker compose up -d
###############################################################################
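networks:
  # Single user-defined bridge shared by every service below. Containers on it
  # can reach each other by service name, so a compromise of one service gives
  # network access to the others.
  proxy-network:
    name: proxy-network
    driver: bridge
    ipam:
      config:
        - subnet: 172.20.0.0/24

services:
  # ===========================================================================
  # Nginx Proxy Manager — Reverse proxy with built-in Let's Encrypt
  # Admin UI: http://<server-ip>:81
  # Default login: admin@example.com / changeme
  #
  # Security notes:
  # - The default login above is publicly documented. Replace it at first
  #   login, before ports 80/443 are forwarded from the router.
  # - "81:81" publishes the plain-HTTP admin UI on every host interface.
  #   Do not forward port 81 at the router; reach it from the LAN or through
  #   the WireGuard tunnel. Docker-published ports are commonly not filtered
  #   by ufw-style host firewall rules, so verify exposure from outside.
  # - `:latest` is a floating tag (also used by gitea and wireguard below).
  #   Pinning a release tag or image digest makes updates deliberate and
  #   reviewable.
  # - ./nginx-proxy-manager/letsencrypt holds TLS private keys; keep both
  #   bind-mounted directories out of version control and off shared backups.
  # ===========================================================================
  nginx-proxy-manager:
    image: jc21/nginx-proxy-manager:latest
    container_name: nginx-proxy-manager
    restart: unless-stopped
    ports:
      - "80:80"    # HTTP
      - "443:443"  # HTTPS
      - "81:81"    # Admin UI
    volumes:
      - ./nginx-proxy-manager/data:/data
      - ./nginx-proxy-manager/letsencrypt:/etc/letsencrypt
    networks:
      - proxy-network
    healthcheck:
      test: ["CMD", "/usr/bin/check-health"]
      interval: 30s
      timeout: 10s
      retries: 3

  # ===========================================================================
  # Home Assistant — Smart home platform
  # Internal URL: http://homeassistant:8123
  #
  # Security notes:
  # - No host port is published; the service is reachable only over
  #   proxy-network, i.e. through the reverse proxy or from a sibling
  #   container.
  # - Behind a reverse proxy, Home Assistant's `http:` section needs
  #   `use_x_forwarded_for` and `trusted_proxies`. Trust the proxy's own
  #   address rather than the whole 172.20.0.0/24 range where possible.
  # - ./homeassistant contains tokens and secrets.yaml; keep it out of
  #   version control.
  # ===========================================================================
  homeassistant:
    image: ghcr.io/home-assistant/home-assistant:stable
    container_name: homeassistant
    restart: unless-stopped
    environment:
      - TZ=${TZ:-Europe/Berlin}
    volumes:
      - ./homeassistant:/config
    networks:
      - proxy-network
    depends_on:
      - nginx-proxy-manager

  # ===========================================================================
  # Gitea — Lightweight Git hosting
  # Internal URL: http://gitea:3000
  # SSH: Port 2222 (mapped from container 22)
  #
  # Security notes:
  # - GITEA_SECRET_KEY and GITEA_INTERNAL_TOKEN fall back to an empty string
  #   when .env does not define them. Set unique random values in .env (for
  #   example from `gitea generate secret SECRET_KEY` and
  #   `gitea generate secret INTERNAL_TOKEN`) and keep .env out of version
  #   control.
  #   NOTE(review): confirm how the image treats an empty value. Compose's
  #   `${VAR:?message}` form makes `docker compose up` fail instead of
  #   starting with an empty secret.
  # - The web port 3000 is not published, so HTTP(S) access goes through the
  #   reverse proxy. The SSH port is published on every host interface.
  # - Review registration and sign-in settings before exposing the instance
  #   publicly; this file leaves them at the image defaults.
  # ===========================================================================
  gitea:
    image: gitea/gitea:latest
    container_name: gitea
    restart: unless-stopped
    environment:
      - USER_UID=${PUID:-1000}
      - USER_GID=${PGID:-1000}
      - GITEA__database__DB_TYPE=sqlite3
      - GITEA__database__PATH=/data/gitea/gitea.db
      - GITEA__server__DOMAIN=${DOMAIN_GITEA:-git.doerflingers.com}
      - GITEA__server__SSH_DOMAIN=${DOMAIN_GITEA:-git.doerflingers.com}
      - GITEA__server__SSH_PORT=${GITEA_SSH_PORT:-2222}
      - GITEA__server__ROOT_URL=https://${DOMAIN_GITEA:-git.doerflingers.com}/
      - GITEA__server__LFS_START_SERVER=true
      - GITEA__security__SECRET_KEY=${GITEA_SECRET_KEY:-}
      - GITEA__security__INTERNAL_TOKEN=${GITEA_INTERNAL_TOKEN:-}
    volumes:
      - ./gitea/data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "${GITEA_SSH_PORT:-2222}:22"
    networks:
      - proxy-network
    depends_on:
      - nginx-proxy-manager

  # ===========================================================================
  # WireGuard — Modern VPN server
  # External: UDP port 51820 (must be forwarded in FritzBox)
  #
  # Security notes:
  # - NET_ADMIN is required to manage the tunnel interface. SYS_MODULE plus
  #   the /lib/modules mount lets the container load kernel modules on the
  #   host; presumably both can be dropped when the host kernel already
  #   provides WireGuard — verify against the image documentation.
  # - ALLOWEDIPS=0.0.0.0/0 gives peers a full tunnel: all their IPv4 traffic
  #   is routed through this server. Narrow it if peers only need the home
  #   network.
  # - The container is attached to proxy-network, so connected peers can
  #   presumably reach the other containers directly — confirm this is
  #   intended.
  # - ./wireguard/config stores the server and peer private keys. Restrict
  #   its file permissions and keep it out of version control.
  # ===========================================================================
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=${PUID:-1000}
      - PGID=${PGID:-1000}
      - TZ=${TZ:-Europe/Berlin}
      - SERVERURL=${WG_SERVERURL:-home.doerflingers.com}
      - SERVERPORT=${WG_PORT:-51820}
      - PEERS=${WG_PEERS:-phone,laptop,tablet}
      - PEERDNS=auto
      - INTERNAL_SUBNET=${WG_INTERNAL_SUBNET:-10.13.13.0}
      - ALLOWEDIPS=0.0.0.0/0
    volumes:
      - ./wireguard/config:/config
      - /lib/modules:/lib/modules:ro
    ports:
      - "${WG_PORT:-51820}:51820/udp"
    networks:
      - proxy-network
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1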