iac/docker/npm/docker-compose.yml

55 lines
1.6 KiB
YAML

---
services:
nginx:
image: jc21/nginx-proxy-manager:2.12.2
container_name: nginx-proxy-manager
ports:
- 80:80
- 81:81
- 443:443
volumes:
- /docker/appdata/nginx/data:/data
- /docker/appdata/nginx/letsencrypt:/etc/letsencrypt
restart: unless-stopped
fail2ban:
image: crazymax/fail2ban:1.1.0
container_name: fail2ban_docker-pi
network_mode: "host"
cap_add:
- NET_ADMIN
- NET_RAW
volumes:
- "/docker/appdata/fail2ban/data:/data"
- "/var/log/auth.log:/var/log/auth.log:ro"
- "/docker/appdata/nginx/data/logs/:/log/npm/:ro"
environment:
- TZ=America/New_York
- F2B_LOG_TARGET=STDOUT
- F2B_LOG_LEVEL=INFO
- F2B_DB_PURGE_AGE=1d
- SSMTP_HOST=$SSMTP_HOST
- SSMTP_PORT=587
- SSMTP_HOSTNAME=$SSMTP_HOSTNAME
- SSMTP_USER=$SSMTP_USER
- SSMTP_PASSWORD=$SSMTP_PASSWORD
- SSMTP_TLS=YES
restart: always
cf-tunnel:
restart: unless-stopped
image: cloudflare/cloudflared@sha256:aa7e8d321c7d3f3f49cb7e29a0b17e2811e4d738cb468d0ab6fc8020f0dd7b71
command: tunnel --no-autoupdate run --token $CF_TOKEN
twingate-famous-alligator:
image: twingate/connector@sha256:7afe20a41da68920693e32de852a9e68cbf7536938fff5396441e80af4cdffb0
container_name: twingate-famous-alligator
restart: always
environment:
- TWINGATE_NETWORK=$TWINGATE_NETWORK
- TWINGATE_ACCESS_TOKEN=$TWINGATE_ACCESS_TOKEN
- TWINGATE_REFRESH_TOKEN=$TWINGATE_REFRESH_TOKEN
- TWINGATE_LABEL_HOSTNAME=${HOSTNAME}
- TWINGATE_LABEL_DEPLOYED_BY=docker
sysctls:
- net.ipv4.ping_group_range=0 2147483647