223 lines
9.5 KiB
Text
223 lines
9.5 KiB
Text
################################################################
|
|
# Base Configuration
|
|
################################################################
|
|
DOCKERDIR=/CHAMGEME/Homelab-docker-server
|
|
PUID=root
|
|
PGID=root
|
|
TZ=Europe/Paris
|
|
DOMAINNAME=CHANGE_ME
|
|
################################################################
|
|
# SMTP Configuration base conf wit google smtp
|
|
# https://support.google.com/accounts/answer/185833?hl=fr
|
|
################################################################
|
|
SMPT_EMAIL_HOST=smtp.gmail.com
|
|
SMPT_EMAIL_PORT=25
|
|
SMPT_EMAIL_USERNAME=gmail_smtp_username # secrets name
|
|
SMPT_EMAIL_PASSWORD=gmail_smtp_password # secrets name
|
|
SMPT_EMAIL_USE_TLS=true
|
|
SMPT_EMAIL_USE_SSL=false
|
|
SMPT_EMAIL_TIMEOUT=10
|
|
SMPT_EMAIL_FROM=gmail_smtp_username # secrets name
|
|
|
|
################################################################
|
|
#################### Traefik 3 - June 2024 #####################
|
|
# Cloudflare IPs (IPv4 and/or IPv6): https://www.cloudflare.com/ips/
|
|
################################################################
|
|
|
|
CF_EMAIL=CHANGEME
|
|
CLOUDFLARE_IPS=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/13,104.24.0.0/14,172.64.0.0/13,131.0.72.0/22
|
|
LOCAL_IPS=127.0.0.1/32,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
|
|
|
|
################################################################
|
|
# Secrets command
|
|
################################################################
|
|
SECRETS_RUN=/run/secrets/
|
|
SECRETS_FILE=file://${SECRETS_RUN}
|
|
|
|
################################################################
|
|
# Proxy services
|
|
################################################################
|
|
|
|
DOCKER_HOST=tcp://socket-proxy:2375
|
|
|
|
################################################################
|
|
# Traefik Configuration
|
|
# generate TRAEFIK_DASHBOARD_CREDENTIALS here : https://www.web2generators.com/apache-tools/htpasswd-generator
|
|
################################################################
|
|
|
|
TRAEFIK_DASHBOARD_CREDENTIALS=CHANGE_ME
|
|
TRAEFIK_DASHBOARD_NAME=traefik-dashboard
|
|
TRAEFIK_DASHBOARD_HOST=${TRAEFIK_DASHBOARD_NAME}.${DOMAINNAME}
|
|
|
|
# Traefik load balancing
|
|
# https://gethomepage.dev/latest/widgets/services/traefik/
|
|
HOMEPAGE_VAR_TRAEFIK_URL_EXTERNAL=https://${TRAEFIK_DASHBOARD_HOST}
|
|
HOMEPAGE_VAR_TRAEFIK_USERNAME=admin
|
|
HOMEPAGE_VAR_TRAEFIK_PASSWORD=CHANGE_ME
|
|
|
|
################################################################
|
|
# Portainer Configuration
|
|
################################################################
|
|
PORTAINER_SERVICE_NAME=portainer
|
|
PORTAINER_HOST=${PORTAINER_SERVICE_NAME}.${DOMAINNAME}
|
|
PORTAINER_URL=http://${PORTAINER_SERVICE_NAME}:9000
|
|
|
|
# Homepage configuration for Portainer
|
|
# https://gethomepage.dev/latest/widgets/services/portainer/
|
|
HOMEPAGE_VAR_PORTAINER_URL_EXTERNAL=https://${PORTAINER_HOST}
|
|
HOMEPAGE_VAR_PORTAINER_URL_INTERNAL=${PORTAINER_URL}
|
|
HOMEPAGE_VAR_PORTAINER_KEY=CHANGE_ME
|
|
|
|
################################################################
|
|
# Authentik Configuration
|
|
################################################################
|
|
|
|
AUTHENTIK_SERVICE_NAME=authentik_server
|
|
AUTHENTIK_SERVICE_PORT=9000
|
|
AUTHENTIK_COOKIE_DOMAIN=${DOMAINNAME}
|
|
AUTHENTIK_HOST=authentik.${DOMAINNAME}
|
|
AUTHENTIK_URL=http://${AUTHENTIK_SERVICE_NAME}:${AUTHENTIK_SERVICE_PORT}
|
|
AUTHENTIK_OUTPOST_PATH_PREFIX=/outpost.goauthentik.io/
|
|
|
|
POSTGRES_PASSWORD_FILE=${SECRETS_RUN}authentik_postgresql_password
|
|
#POSTGRES_USER_FILE=${SECRETS_RUN}authentik_postgresql_user
|
|
POSTGRES_USER_FILE=${SECRETS_RUN}authentik_postgresql_db
|
|
POSTGRES_DB_FILE=${SECRETS_RUN}authentik_postgresql_db
|
|
AUTHENTIK_REDIS__HOST=authentik_redis
|
|
AUTHENTIK_POSTGRESQL__HOST=authentik_postgresql
|
|
AUTHENTIK_POSTGRESQL__NAME=${SECRETS_FILE}authentik_postgresql_db
|
|
#AUTHENTIK_POSTGRESQL__USER=${SECRETS_FILE}authentik_postgresql_user
|
|
AUTHENTIK_POSTGRESQL__USER=${SECRETS_FILE}authentik_postgresql_db
|
|
AUTHENTIK_POSTGRESQL__PASSWORD=${SECRETS_FILE}authentik_postgresql_password
|
|
AUTHENTIK_DISABLE_STARTUP_ANALYTICS=true
|
|
AUTHENTIK_DISABLE_UPDATE_CHECK=false
|
|
AUTHENTIK_ERROR_REPORTING__ENABLED=false
|
|
AUTHENTIK_LOG_LEVEL=info # debug, info, warning, error, trace
|
|
AUTHENTIK_SECRET_KEY=${SECRETS_FILE}authentik_secret_key # openssl rand 60 | base64 -w 0
|
|
AUTHENTIK_COOKIE_DOMAIN=${DOMAINNAME}
|
|
# AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS: CHANGEME_IFAPPLICABLE # Defaults to all of: 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fe80::/10, ::1/128
|
|
DOCKER_HOST=tcp://socket-proxy:2375 # Use this if you have Socket Proxy enabled.
|
|
|
|
# SMPT authentik configuration
|
|
AUTHENTIK_EMAIL__HOST=${SMPT_EMAIL_HOST}
|
|
AUTHENTIK_EMAIL__PORT=${SMPT_EMAIL_PORT}
|
|
AUTHENTIK_EMAIL__USERNAME=${SECRETS_FILE}${SMPT_EMAIL_USERNAME}
|
|
AUTHENTIK_EMAIL__PASSWORD=${SECRETS_FILE}${SMPT_EMAIL_PASSWORD}
|
|
AUTHENTIK_EMAIL__USE_TLS=${SMPT_EMAIL_USE_TLS}
|
|
AUTHENTIK_EMAIL__USE_SSL=${SMPT_EMAIL_USE_SSL}
|
|
AUTHENTIK_EMAIL__TIMEOUT=${SMPT_EMAIL_TIMEOUT}
|
|
AUTHENTIK_EMAIL__FROM=${SECRETS_FILE}${SMPT_EMAIL_FROM}
|
|
|
|
# Homepage configuration for Authentik
|
|
# https://gethomepage.dev/latest/widgets/services/authentik/
|
|
HOMEPAGE_VAR_AUTHENTIK_URL_EXTERNAL=https://${AUTHENTIK_HOST}
|
|
HOMEPAGE_VAR_AUTHENTIK_URL_INTERNAL=${AUTHENTIK_URL}
|
|
HOMEPAGE_VAR_AUTHENTIK_API_KEY=CHANGE_ME
|
|
|
|
################################################################
|
|
# GeoIP Configuration
|
|
# Go to https://dev.maxmind.com/geoip/geolite2-free-geolocation-data in order to generate a free license key
|
|
# https://www.maxmind.com/en/accounts/current/license-key for use.
|
|
################################################################
|
|
GEOIPUPDATE_EDITION_IDS="GeoLite2-City GeoLite2-ASN"
|
|
GEOIPUPDATE_FREQUENCY=8
|
|
GEOIPUPDATE_ACCOUNT_ID_FILE=${SECRETS_RUN}geoip_acccount_id
|
|
GEOIPUPDATE_LICENSE_KEY_FILE=${SECRETS_RUN}geoip_license_key
|
|
|
|
################################################################
|
|
# Crowdsec Configuration
|
|
################################################################
|
|
CROWDSEC_TRAEFIK_BOUNCER_LAPI_KEY=CHANGE_ME #to get api key : docker exec crowdsec cscli bouncers add traefik-bouncer
|
|
|
|
# Homepage configuration for Crowdsec
|
|
# got to /appdata/crowdsec/config/local_api_credentials.yaml and past HOMEPAGE_VAR_CROWDSEC_PASSWORD value
|
|
HOMEPAGE_VAR_CROWDSEC_WEBSITE=https://app.crowdsec.net
|
|
HOMEPAGE_VAR_CROWDSEC_URL_INTERNAL=http://crowdsec:8080
|
|
HOMEPAGE_VAR_CROWDSEC_USERNAME=localhost
|
|
HOMEPAGE_VAR_CROWDSEC_PASSWORD=CHANGE_ME
|
|
|
|
################################################################
|
|
# Homepage Configuration
|
|
################################################################
|
|
HOMEPAGE_SERVICE_NAME=homepage
|
|
HOMEPAGE_PORT=3000
|
|
HOMEPAGE_HOST=${HOMEPAGE_SERVICE_NAME}.${DOMAINNAME}
|
|
HOMEPAGE_URL=http://${HOMEPAGE_SERVICE_NAME}:${HOMEPAGE_PORT}
|
|
|
|
################################################################
|
|
# Cloudflare Configuration (not a docker)
|
|
################################################################
|
|
HOMEPAGE_VAR_CLOUDFLARE_URL=https://dash.cloudflare.com/login/?lang=fr-fr
|
|
|
|
################################################################
|
|
# qBittorrent Configuration
|
|
################################################################
|
|
TORRENT_SERVICE_NAME=torrent
|
|
TORRENT_PORT=8090
|
|
TORRENT_HOST=${TORRENT_SERVICE_NAME}.${DOMAINNAME}
|
|
TORRENT_URL=http://CHANGE_ME:${TORRENT_PORT} # service name host not work actually, just add docker host ip
|
|
|
|
# Homepage configuration for qBittorrent
|
|
# See Homepage tutorial: https://gethomepage.dev/latest/widgets/services/qbittorrent/
|
|
HOMEPAGE_VAR_QBITTORRENT_URL_EXTERNAL=https://${TORRENT_HOST}
|
|
HOMEPAGE_VAR_QBITTORRENT_URL_INTERNAL=${TORRENT_URL}
|
|
HOMEPAGE_VAR_QBITTORRENT_USERNAME=admin
|
|
HOMEPAGE_VAR_QBITTORRENT_PASSWORD=CHANGE_ME
|
|
|
|
################################################################
|
|
# Servarr Configuration
|
|
# See Homepage tutorial:
|
|
# https://gethomepage.dev/latest/widgets/services/prowlarr/
|
|
# https://gethomepage.dev/latest/widgets/services/lidarr/
|
|
# https://gethomepage.dev/latest/widgets/services/readarr/
|
|
# https://gethomepage.dev/latest/widgets/services/sonarr/
|
|
# https://gethomepage.dev/latest/widgets/services/radarr/
|
|
################################################################
|
|
BASE_PATH_MEDIA=CHANGEME
|
|
|
|
PROWLARR_SERVICE_NAME=prowlarr
|
|
SONARR_SERVICE_NAME=sonarr
|
|
RADARR_SERVICE_NAME=radarr
|
|
LIDARR_SERVICE_NAME=lidarr
|
|
READARR_SERVICE_NAME=readarr
|
|
|
|
PROWLARR_SERVICE_PORT=9696
|
|
SONARR_SERVICE_PORT=8989
|
|
RADARR_SERVICE_PORT=7878
|
|
LIDARR_SERVICE_PORT=8686
|
|
READARR_SERVICE_PORT=8787
|
|
|
|
|
|
PROWLARR_HOST=${PROWLARR_SERVICE_NAME}.${DOMAINNAME}
|
|
SONARR_HOST=${SONARR_SERVICE_NAME}.${DOMAINNAME}
|
|
RADARR_HOST=${RADARR_SERVICE_NAME}.${DOMAINNAME}
|
|
LIDARR_HOST=${LIDARR_SERVICE_NAME}.${DOMAINNAME}
|
|
READARR_HOST=${READARR_SERVICE_NAME}.${DOMAINNAME}
|
|
|
|
PROWLARR_URL=http://${PROWLARR_SERVICE_NAME}:${PROWLARR_SERVICE_PORT}
|
|
SONARR_URL=http://${SONARR_SERVICE_NAME}:${SONARR_SERVICE_PORT}
|
|
RADARR_URL=http://${RADARR_SERVICE_NAME}:${RADARR_SERVICE_PORT}
|
|
LIDARR_URL=http://${LIDARR_SERVICE_NAME}:${LIDARR_SERVICE_PORT}
|
|
READARR_URL=http://${READARR_SERVICE_NAME}:${READARR_SERVICE_PORT}
|
|
|
|
# Homepage configuration for Servarr Services
|
|
HOMEPAGE_VAR_PROWLARR_URL_EXTERNAL=https://${PROWLARR_HOST}
|
|
HOMEPAGE_VAR_PROWLARR_URL_INTERNAL=${PROWLARR_URL}
|
|
HOMEPAGE_VAR_PROWLARR_KEY=CHANGE_ME
|
|
|
|
HOMEPAGE_VAR_SONARR_URL_EXTERNAL=https://${SONARR_HOST}
|
|
HOMEPAGE_VAR_SONARR_URL_INTERNAL=${SONARR_URL}
|
|
HOMEPAGE_VAR_SONARR_KEY=CHANGE_ME
|
|
|
|
HOMEPAGE_VAR_RADARR_URL_EXTERNAL=https://${RADARR_HOST}
|
|
HOMEPAGE_VAR_RADARR_URL_INTERNAL=${RADARR_URL}
|
|
HOMEPAGE_VAR_RADARR_KEY=CHANGE_ME
|
|
|
|
HOMEPAGE_VAR_LIDARR_URL_EXTERNAL=https://${LIDARR_HOST}
|
|
HOMEPAGE_VAR_LIDARR_URL_INTERNAL=${LIDARR_URL}
|
|
HOMEPAGE_VAR_LIDARR_KEY=CHANGE_ME
|
|
|
|
HOMEPAGE_VAR_READARR_URL_EXTERNAL=https://${READARR_HOST}
|
|
HOMEPAGE_VAR_READARR_URL_INTERNAL=${READARR_URL}
|
|
HOMEPAGE_VAR_READARR_KEY=CHANGE_ME
|
|
|