diff --git a/homenetwork/nas/gateway.yml b/homenetwork/nas/gateway.yml new file mode 100644 index 0000000..6c4c348 --- /dev/null +++ b/homenetwork/nas/gateway.yml @@ -0,0 +1,81 @@ +services: + swag: + image: lscr.io/linuxserver/swag:latest + container_name: swag + cap_add: + - NET_ADMIN + environment: + - PUID=1000 + - PGID=100 + - TZ=Etc/UTC + - URL=vbchaos.nl + - VALIDATION=http + - SUBDOMAINS=nc,esp,git,grafana,registry,registrybrowser,svn,vpn,vaultwarden,collabora + - CERTPROVIDER= #optional + - DNSPLUGIN=cloudflare #optional + - PROPAGATION= #optional + - EMAIL= matthias.mitscherlich@gmail.com + - ONLY_SUBDOMAINS=false #optional + - EXTRA_DOMAINS= #optional + - STAGING=false #optional + volumes: + - /docker_config/swag:/config + ports: + - 443:443 + - 81:80 #optional + restart: unless-stopped + + vaultwarden: + container_name: vaultwarden + image: vaultwarden/server:latest + restart: unless-stopped + volumes: + - /docker_config/vaultwarden:/data/ + ports: + - 5555:80 + environment: + - DOMAIN=https://vaultwarden.vbchaos.nl + - LOGIN_RATELIMIT_MAX_BURST=10 + - LOGIN_RATELIMIT_SECONDS=60 + - ADMIN_RATELIMIT_MAX_BURST=10 + - ADMIN_RATELIMIT_SECONDS=2 + - ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$Vv4wT0EpGslsEAHpgw+U1FwxUQjguK9qkwJQB7WLP+k$$7lBaj+G9jLyXj5MxC2RqNGyGw0/vjOzcgwk4ArN6BVM + - SENDS_ALLOWED=true + - EMERGENCY_ACCESS_ALLOWED=true + - WEB_VAULT_ENABLED=true + - SIGNUPS_ALLOWED=false + - SIGNUPS_VERIFY=true + - SIGNUPS_VERIFY_RESEND_TIME=3600 + - SIGNUPS_VERIFY_RESEND_LIMIT=5 + - SIGNUPS_DOMAINS_WHITELIST=vbchaos.nl + - SMTP_HOST=smtp.gmail.com + - SMTP_FROM=vaultwarden@vbchaos.nl + - SMTP_FROM_NAME=Vaultwarden + - SMTP_SECURITY=starttls + - SMTP_PORT=587 + - SMTP_USERNAME=matthias.mitscherlich@gmail.com + - SMTP_PASSWORD=oomgyoiqepsqaikn + - SMTP_AUTH_MECHANISM="Login" + + openvpn: + image: mjenz/rpi-openvpn + container_name: openvpn + volumes: + - /docker_config/openvpn:/etc/openvpn + ports: + - 1194:1194/udp + cap_add: + - NET_ADMIN + devices: + - /dev/net/tun + restart: always + + docker_config: + image: registry.vbchaos.nl/rclone + container_name: backup_docker_config + environment: + - COMMAND=rclone copy -v /backup/ stackstorage:/docker/gateway + - CRON_SCHEDULE=0 1-23/4 * * * + volumes: + - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf + - /docker_config:/backup