services: copyparty: image: copyparty/ac environment: # - SERVICE_URL_COPYPARTY_3923 - LD_PRELOAD=/usr/lib/libmimalloc-secure.so.NOPE # enable mimalloc by replacing "NOPE" with "2" for a nice speed-boost (will use twice as much ram) - PYTHONUNBUFFERED=1 # ensures log-messages are not delayed (but can reduce speed a tiny bit) # container_name: idp_copyparty # user: "1000:1000" # should match the user/group of your fileshare volumes volumes: - type: bind source: /share/app/copyparty/files/public target: /w:z - cpp/:/cfg:z # networks: # - net # expose: # - 3923 labels: - 'traefik.enable=true' - 'traefik.http.routers.copyparty.rule=Host(`files.cloud.velha.casa`)' - 'traefik.http.routers.copyparty.entrypoints=https' - 'traefik.http.routers.copyparty.tls=true' - 'traefik.http.routers.copyparty.middlewares=authelia@docker' stop_grace_period: 15s # thumbnailer is allowed to continue finishing up for 10s after the shutdown signal authelia: image: authelia/authelia:v4.38.0-beta3 # the config files in the authelia folder use the new syntax environment: # - SERVICE_URL_AUTHELIA_9091 # container_name: idp_authelia volumes: - authelia:/config:z - TZ=America/Sao_Paulo # networks: # - net labels: - 'traefik.enable=true' - 'traefik.http.routers.authelia.rule=Host(`authelia.cloud.velha.casa`)' - 'traefik.http.routers.authelia.entrypoints=https' - 'traefik.http.routers.authelia.tls=true' #- 'traefik.http.routers.authelia.tls.certresolver=letsencrypt' # uncomment this to enable automatic certificate signing (1/2) - 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia.cloud.velha.casa/api/authz/forward-auth?authelia_url=https://authelia.cloud.velha.casa' - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email' # expose: # - 9091 # restart: unless-stopped # healthcheck: # disable: true redis: image: redis:7.2.4-alpine3.19 environment: # - SERVICE_URL_REDIS_6379 - TZ=America/Sao_Paulo # container_name: idp_redis volumes: - redis:/data:z # networks: # - net # expose: # - 6379 # restart: unless-stopped # traefik: # image: traefik:2.11.0 # container_name: idp_traefik # volumes: # - ./traefik:/etc/traefik:z # - /var/run/docker.sock:/var/run/docker.sock # WARNING: this gives traefik full root-access to the host OS, but is recommended/required(?) by traefik # security_opt: # - label:disable # disable selinux because it (rightly) blocks access to docker.sock # networks: # - net # labels: # - 'traefik.enable=true' # - 'traefik.http.routers.api.rule=Host(`traefik.example.com`)' # - 'traefik.http.routers.api.entrypoints=https' # - 'traefik.http.routers.api.service=api@internal' # - 'traefik.http.routers.api.tls=true' # #- 'traefik.http.routers.api.tls.certresolver=letsencrypt' # uncomment this to enable automatic certificate signing (2/2) # - 'traefik.http.routers.api.middlewares=authelia@docker' # ports: # - '80:80' # - '443:443' # command: # - '--api' # - '--providers.docker=true' # - '--providers.docker.exposedByDefault=false' # - '--entrypoints.http=true' # - '--entrypoints.http.address=:80' # - '--entrypoints.http.http.redirections.entrypoint.to=https' # - '--entrypoints.http.http.redirections.entrypoint.scheme=https' # - '--entrypoints.https=true' # - '--entrypoints.https.address=:443' # - '--certificatesResolvers.letsencrypt.acme.email=your-email@your-domain.com' # - '--certificatesResolvers.letsencrypt.acme.storage=/etc/traefik/acme.json' # - '--certificatesResolvers.letsencrypt.acme.httpChallenge.entryPoint=http' # - '--log=true' # - '--log.level=WARNING' # DEBUG # networks: # net: # driver: bridge