docker-compose/always-on.yml

x-env: &env
  PGID: 1001
  PUID: 1001
  UMASK: 002
  TZ: Asia/Kolkata

x-timezone: &tz
  TZ: Asia/Kolkata

x-logging: &log
  logging:
    driver: journald

networks:

  vlan:
    name: vlan
    driver: macvlan
    driver_opts:
      parent: eth0
    ipam:
      config:
        - subnet: 10.0.0.1/24
          gateway: 10.0.0.1
          ip_range: 10.0.0.96/30 # 10.0.0.96 - 10.0.0.99

  default:
    name: network1
    ipam:
      config:
        - subnet: 172.18.0.0/16

  proxy:
    name: proxy
    ipam:
      config:
        - subnet: 172.19.1.0/24

  dns:
    name: dns
    ipam:
      config:
        - subnet: 172.19.2.0/24

services:

  dpiproxy:
    container_name: dpi-proxy
    image: hectorm/demergi
    restart: unless-stopped
    command: --dns-mode plain
    ports:
      - 2000:8080

  adguard:
    container_name: adguard
    image: adguard/adguardhome:v0.107.29
    restart: unless-stopped
    expose: ['80']
    healthcheck:
      disable: true
    environment:
      <<: *tz
    networks:
      dns:
      vlan:
        ipv4_address: 10.0.0.99
    volumes:
     - /opt/appdata/adguardhome/data:/opt/adguardhome/work
     - /opt/appdata/adguardhome/config:/opt/adguardhome/conf
    labels:
      traefik.enable: true
      traefik.name: dns
      traefik.docker.network: dns
      traefik.http.services.adguard.loadbalancer.server.port: 80
      traefik.http.routers.adguard.middlewares: adguard-themepark
      traefik.http.middlewares.adguard-themepark.plugin.rewritebody.rewrites.regex: </head>
      traefik.http.middlewares.adguard-themepark.plugin.rewritebody.rewrites.replacement: <link href="https://10.0.0.10:7070/css/base/adguard/nord.css" rel="stylesheet" type="text/css" </head>
      traefik.http.middlewares.adguard-themepark.plugin.rewritebody.rewrites.type: text/html

#  webtools:
#    container_name: web-tools
#    image: agneev/webnet-tools
#    restart: unless-stopped
#    labels:
#      traefik.enable: true
#      traefik.name: netdiags

  iperf3:
    container_name: iperf3
    image: taoyou/iperf3-alpine
    restart: unless-stopped
    ports:
      - 5201:5201/tcp
      - 5201:5201/udp

  dashdot:
    container_name: dash.
    image: mauricenino/dashdot
    restart: unless-stopped
    privileged: true
    environment:
      DASHDOT_NETWORK_SHOWN_DATAPOINTS: 30
      DASHDOT_SPEED_TEST_INTERVAL: 1440

      DASHDOT_PAGE_TITLE: dash. - always-on

      DASHDOT_ENABLE_CPU_TEMPS: true
      DASHDOT_ENABLE_STORAGE_SPLIT_VIEW: true
      DASHDOT_ALWAYS_SHOW_PERCENTAGES: true
      DASHDOT_ACCEPT_OOKLA_EULA: true
    ports:
      - 90:3001
    volumes:
      - /:/mnt/host:ro
    labels:
      traefik.enable: true
      traefik.http.routers.dashdot.rule: Host(`always-on.nt`)

  smokeping:
    container_name: smokeping
    image: linuxserver/smokeping:2.7.3-r5-ls12
    restart: unless-stopped
    dns:
      - 8.8.8.8
    networks:
      proxy:
      vlan:
        ipv4_address: 10.0.0.97
    environment:
      <<: *env
    volumes:
      - /opt/appdata/smokeping/config:/config
      - /var/log/smokeping_data:/data
    labels:
      traefik.enable: true
      traefik.docker.network: proxy
      traefik.http.routers.smokeping.rule: Host(`smokeping.nt`) || Host(`ping-agneev.duckdns.org`)
      traefik.http.routers.smokeping.middlewares: smokeping-redirect,smokeping-themecolor
      traefik.http.middlewares.smokeping-redirect.redirectRegex.regex: \/$
      traefik.http.middlewares.smokeping-redirect.redirectRegex.replacement: /smokeping/?target=isp-network.wan-gateway
      traefik.http.middlewares.smokeping-themecolor.plugin.rewritebody.rewrites.regex: </head>
      traefik.http.middlewares.smokeping-themecolor.plugin.rewritebody.rewrites.replacement: <meta name="theme-color" content="#4C4C4C"> </head>
      traefik.http.middlewares.smokeping-themecolor.plugin.rewritebody.rewrites.type: text/html

  themepark:
    container_name: theme.park
    image: gilbn/theme.park
    restart: unless-stopped
    environment:
      TP_SCHEME: http
      <<: *env
    ports:
      - 7070:80
    tmpfs:
      - /config:size=150m

  dozzle:
    container_name: dozzle
    image: amir20/dozzle
    restart: always
    environment:
      DOZZLE_REMOTE_HOST: tcp:https://falcon:2375,tcp:https://oc-bom1:2000,tcp:https://gcp1:2375
      DOZZLE_USERNAME: ${DOZZLE_USERNAME}
      DOZZLE_PASSWORD: ${DOZZLE_PASSWORD}
      DOZZLE_NO_ANALYTICS: true
    ports:
      - 8000:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      traefik.enable: true
      traefik.name: logs

  airconnect:
    container_name: airconnect
    image: 1activegeek/airconnect
    restart: unless-stopped
    network_mode: host
    environment:
      ARCH_VAR: aarch64

  vnstat:
    container_name: vnstat
    image: vergoh/vnstat
    restart: unless-stopped
    network_mode: host
    environment:
      SERVER_NAME: always-on
      HTTP_PORT: 7000
      LARGE_FONTS: 1
      HTTP_LOG: /dev/null
      <<: *tz
    volumes:
      - /opt/appdata/vnstat:/var/lib/vnstat
    labels:
      traefik.enable: true
      traefik.name: vnstat
      traefik.http.services.vnstat.loadbalancer.server.port: 7000

  vnstat2:
    container_name: vnstat-router
    image: vergoh/vnstat
    environment:
      SERVER_NAME: orbi
      LARGE_FONTS: 1
      HTTP_LOG: /dev/null
      RUN_VNSTATD: 0
      <<: *tz
    ports:
      - 8660:8685
    volumes:
      - /mnt/res2:/var/lib/vnstat:ro
    labels:
      traefik.enable: true
      traefik.http.routers.vnstat-router.rule: Host(`vnstat.router.nt`)

  traefik:
    container_name: traefik
    image: traefik
    restart: unless-stopped
    mem_limit: 200m
    command:
      - --api.insecure=true
      - --log.level=INFO
      - --global.checknewversion=false
      - --global.sendanonymoususage=false
      - --experimental.localplugins.rewritebody.modulename=github.com/packruler/rewrite-body
      - --providers.docker=true
      - --providers.docker.exposedByDefault=false
      - --providers.docker.defaultRule=Host(`{{ index .Labels "traefik.name" }}.nt`)
      - --providers.file.filename=/etc/traefik/file-provider.yml
      - --providers.file.watch=true
    extra_hosts:
      - "host.docker.internal:10.0.0.10"
    networks:
      - default
      - proxy
      - dns
    ports:
      - 80:80/tcp
      - 8090:8080/tcp
    volumes:
      - /opt/appdata/traefik/config:/etc/traefik
      - /opt/appdata/traefik/plugins:/plugins-local
      - /var/run/docker.sock:/var/run/docker.sock:ro
    labels:
      traefik.enable: true
      traefik.http.routers.web.rule: Host(`web.nt`) || Host(`10.0.0.10`) || Host(`always-on`)
      traefik.http.routers.web.service: api@internal
      traefik.http.middlewares.to-https.redirectscheme.scheme: https
      traefik.http.middlewares.homer-cors.headers.accessControlAllowMethods: GET # PUT,OPTIONS
      traefik.http.middlewares.homer-cors.headers.accessControlAllowOriginList: https://home.lab

  filebrowser:
    container_name: filebrowser
    image: filebrowser/filebrowser
    restart: unless-stopped
    user: "1001:1001"
    healthcheck:
      disable: true
    environment:
      FB_DATABASE: /config/database.db
      FB_DISABLE-EXEC: true
      FB_DISABLE-TYPE-DETECTION-BY-HEADER: true
      FB_DISABLE-PREVIEW-RESIZE: true
    volumes:
      - /opt/appdata/filebrowser:/config
      - /home/agneev:/srv/home
      - /opt/appdata:/srv/appdata
      - /mnt:/srv/mnt
    labels:
      traefik.enable: true
      traefik.name: files

  homer:
    container_name: homer
    image: b4bz/homer
    restart: unless-stopped
    user: 1001:1001
    healthcheck:
      disable: true
    volumes:
      - /opt/appdata/homer:/www/assets
    labels:
      traefik.enable: true
      traefik.http.routers.homer.rule: Host(`home.lab`)

  speedtesttracker:
    container_name: speedtest-tracker
    image: henrywhitaker3/speedtest-tracker:dev-arm
    restart: unless-stopped
    ports:
      - 8700:80
    environment:
      OOKLA_EULA_GDPR: true
      <<: *env
    tmpfs:
      - /config/www:size=500m
      - /config/log:size=32m
    volumes:
      - /opt/appdata/speedtest-tracker/app:/config/www/app/Bin
      - /opt/appdata/speedtest-tracker:/config
    labels:
      traefik.enable: true
      traefik.name: speedtest
      traefik.http.routers.speedtesttracker.middlewares: homer-cors

  openspeedtest:
    container_name: openspeedtest
    image: openspeedtest/latest
    restart: unless-stopped
    ports:
      - 9999:3000

  homebridge:
    image: oznu/homebridge
    container_name: homebridge
    restart: unless-stopped
    networks:
      - default
      - vlan
    environment:
      <<: *env
    volumes:
      - /opt/appdata/homebridge:/homebridge
    labels:
      traefik.enable: true
      traefik.name: homebridge
      traefik.docker.network: network1

  portainer:
    container_name: portainer
    image: portainer/portainer-ee:2.14.2
    restart: always
    logging:
      driver: none
    ports:
      - 9000:9000
    volumes:
      - /opt/appdata/portainer:/data
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      traefik.enable: true
      traefik.name: portainer
      traefik.http.services.portainer.loadbalancer.server.port: 9000
      traefik.http.routers.portainer.middlewares: portainer-themecolor,portainer-cors,homer-cors
      traefik.http.middlewares.portainer-themecolor.plugin.rewritebody.rewrites.regex: name="theme-color" content="#ffffff"/>
      traefik.http.middlewares.portainer-themecolor.plugin.rewritebody.rewrites.replacement: <div></div>
      traefik.http.middlewares.portainer-themecolor.plugin.rewritebody.rewrites.type: text/html
      traefik.http.middlewares.portainer-cors.headers.accessControlAllowHeaders: X-Api-Key