Skip to content

Instantly share code, notes, and snippets.

@rroethof

rroethof/20-sysinfo

Last active May 7, 2021 18:43
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save rroethof/bdeba5f29d17d197e9476b8f3a54e396 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save rroethof/bdeba5f29d17d197e9476b8f3a54e396 to your computer and use it in GitHub Desktop.
Download ZIP
mediabox-docker
Raw
20-sysinfo
#!/bin/bash
# /etc/update-motd.d/20-sysinfo
# get load averages
IFS=" " read LOAD1 LOAD5 LOAD15 <<<$(cat /proc/loadavg | awk '{ print $1,$2,$3 }')
# get free memory
IFS=" " read USED FREE TOTAL <<<$(free -htm | grep "Mem" | awk {'print $3,$4,$2'})
# get processes
PROCESS=`ps -eo user=|sort|uniq -c | awk '{ print $2 " " $1 }'`
PROCESS_ALL=`echo "$PROCESS"| awk {'print $2'} | awk '{ SUM += $1} END { print SUM }'`
PROCESS_ROOT=`echo "$PROCESS"| grep root | awk {'print $2'}`
PROCESS_USER=`echo "$PROCESS"| grep -v root | awk {'print $2'} | awk '{ SUM += $1} END { print SUM }'`
# get processors
PROCESSOR_NAME=`grep "model name" /proc/cpuinfo | cut -d ' ' -f3- | awk {'print $0'} | head -1`
PROCESSOR_COUNT=`grep -ioP 'processor\t:' /proc/cpuinfo | wc -l`
W="\e[0;39m"
G="\e[1;32m"
echo -e "
${W}system info:
$W Hostname....: $W`hostname -f`
$W Distro......: $W`cat /etc/*release | grep "PRETTY_NAME" | cut -d "=" -f 2- | sed 's/"//g'`
$W Kernel......: $W`uname -sr`
$W Uptime......: $W`uptime -p`
$W Load........: $G$LOAD1$W (1m), $G$LOAD5$W (5m), $G$LOAD15$W (15m)
$W Processes...:$W $G$PROCESS_ROOT$W (root), $G$PROCESS_USER$W (user), $G$PROCESS_ALL$W (total)
$W CPU.........: $W$PROCESSOR_NAME ($G$PROCESSOR_COUNT$W vCPU)
$W Memory......: $G$USED$W used, $G$FREE$W free, $G$TOTAL$W total$W"
Raw
35-diskspace
#!/bin/bash
# /etc/update-motd.d/35-diskspace
# config
max_usage=90
bar_width=50
# colors
white="\e[39m"
green="\e[1;32m"
red="\e[1;31m"
dim="\e[2m"
undim="\e[0m"
# disk usage: ignore zfs, squashfs & tmpfs
mapfile -t dfs < <(df -H -x zfs -x squashfs -x tmpfs -x devtmpfs -x overlay --output=target,pcent,size | tail -n+2)
printf "\ndisk usage:\n"
for line in "${dfs[@]}"; do
# get disk usage
usage=$(echo "$line" | awk '{print $2}' | sed 's/%//')
used_width=$((($usage*$bar_width)/100))
# color is green if usage < max_usage, else red
if [ "${usage}" -ge "${max_usage}" ]; then
color=$red
else
color=$green
fi
# print green/red bar until used_width
bar="[${color}"
for ((i=0; i<$used_width; i++)); do
bar+="="
done
# print dimmmed bar until end
bar+="${white}${dim}"
for ((i=$used_width; i<$bar_width; i++)); do
bar+="="
done
bar+="${undim}]"
# print usage line & bar
echo "${line}" | awk '{ printf("%-31s%+3s used out of %+4s\n", $1, $2, $3); }' | sed -e 's/^/ /'
echo -e "${bar}" | sed -e 's/^/ /'
done
Raw
40-services
#!/bin/bash
# /etc/update-motd.d/40-services
# set column width
COLUMNS=3
# colors
green="\e[1;32m"
red="\e[1;31m"
undim="\e[0m"
services=("fail2ban" "docker" "exim4")
# sort services
IFS=$'\n' services=($(sort <<<"${services[*]}"))
unset IFS
service_status=()
# get status of all services
for service in "${services[@]}"; do
service_status+=($(systemctl is-active "$service"))
done
out=""
for i in ${!services[@]}; do
# color green if service is active, else red
if [[ "${service_status[$i]}" == "active" ]]; then
out+="${services[$i]}:,${green}${service_status[$i]}${undim},"
else
out+="${services[$i]}:,${red}${service_status[$i]}${undim},"
fi
# insert \n every $COLUMNS column
if [ $((($i+1) % $COLUMNS)) -eq 0 ]; then
out+="\n"
fi
done
out+="\n"
printf "\nservices:\n"
printf "$out" | column -ts $',' | sed -e 's/^/ /'
Raw
50-fail2ban
#!/bin/bash
# /etc/update-motd.d/50-fail2ban
logfile='/var/log/fail2ban.log*'
mapfile -t lines < <(grep -hioP '(\[[a-z-]+\]) (ban|unban)' $logfile | sort | uniq -c)
jails=($(printf -- '%s\n' "${lines[@]}" | grep -oP '\[\K[^\]]+' | sort | uniq))
out=""
for jail in ${jails[@]}; do
bans=$(printf -- '%s\n' "${lines[@]}" | grep -iP "[[:digit:]]+ \[$jail\] ban" | awk '{print $1}')
unbans=$(printf -- '%s\n' "${lines[@]}" | grep -iP "[[:digit:]]+ \[$jail\] unban" | awk '{print $1}')
bans=${bans:-0} # default value
unbans=${unbans:-0} # default value
diff=$(($bans-$unbans))
out+=$(printf "$jail, %+3s bans, %+3s unbans, %+3s active" $bans $unbans $diff)"\n"
done
printf "\nfail2ban status (monthly):\n"
printf "$out" | column -ts $',' | sed -e 's/^/ /'
Raw
50-fail2ban-status
#!/bin/bash
# /etc/update-motd.d/50-fail2ban-status
# fail2ban-client status to get all jails, takes about ~70ms
jails=($(fail2ban-client status | grep "Jail list:" | sed "s/ //g" | awk '{split($2,a,",");for(i in a) print a[i]}'))
out="jail,failed,total,banned,total\n"
for jail in ${jails[@]}; do
# slow because fail2ban-client has to be called for every jail (~70ms per jail)
status=$(fail2ban-client status ${jail})
failed=$(echo "$status" | grep -ioP '(?<=Currently failed:\t)[[:digit:]]+')
totalfailed=$(echo "$status" | grep -ioP '(?<=Total failed:\t)[[:digit:]]+')
banned=$(echo "$status" | grep -ioP '(?<=Currently banned:\t)[[:digit:]]+')
totalbanned=$(echo "$status" | grep -ioP '(?<=Total banned:\t)[[:digit:]]+')
out+="$jail,$failed,$totalfailed,$banned,$totalbanned\n"
done
printf "\nfail2ban status:\n"
printf $out | column -ts $',' | sed -e 's/^/ /'
Raw
60-docker
#!/bin/bash
# /etc/update-motd.d/60-docker
# set column width
COLUMNS=2
# colors
green="\e[1;32m"
red="\e[1;31m"
undim="\e[0m"
mapfile -t containers < <(docker ps -a --format '{{.Names}}\t{{.Status}}' | awk '{ print $1,$2 }')
out=""
for i in "${!containers[@]}"; do
IFS=" " read name status <<< ${containers[i]}
# color green if service is active, else red
if [[ "${status}" == "Up" ]]; then
out+="${name}:,${green}${status,,}${undim},"
else
out+="${name}:,${red}${status,,}${undim},"
fi
# insert \n every $COLUMNS column
if [ $((($i+1) % $COLUMNS)) -eq 0 ]; then
out+="\n"
fi
done
out+="\n"
printf "\ndocker status:\n"
printf "$out" | column -ts $',' | sed -e 's/^/ /'
Raw
docker-compose.yml
version: "3.6"
services:
traefik:
hostname: traefik
image: traefik:latest
container_name: traefik
restart: always
domainname: ${DOMAINNAME}
networks:
- default
- traefik_proxy
ports:
- "80:80"
- "443:443"
- "8080:8080"
labels:
- "traefik.enable=true"
- "traefik.backend=traefik"
- "traefik.frontend.rule=Host:traefik.${DOMAINNAME}"
- "traefik.port=8080"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
- "traefik.frontend.auth.basic.users=${HTTP_USERNAME}:${HTTP_PASSWORD}"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${USERDIR}/dockers/traefik:/etc/traefik
- ${USERDIR}/dockers/shared:/shared
portainer:
image: portainer/portainer
container_name: portainer
restart: always
command: -H unix:///var/run/docker.sock
ports:
- "9000:9000"
networks:
- traefik_proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${USERDIR}/dockers/portainer/data:/data
- ${USERDIR}/dockers/shared:/shared
environment:
- TZ=${TZ}
labels:
- "traefik.enable=true"
- "traefik.backend=portainer"
- "traefik.frontend.rule=Host:portainer.${DOMAINNAME}"
- "traefik.port=9000"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
grafana:
container_name: grafana
hostname: grafana
image: rroethof/grafana:1.0
networks:
- traefik_proxy
links:
- influxdb:influxdb
environment:
GF_SECURITY_ADMIN_USER: admin
GF_SECURITY_ADMIN_PASSWORD: ${GF_SECURITY_ADMIN_PASSWORD}
GF_SECURITY_SECRET_KEY: ${GF_SECURITY_SECRET_KEY}
GF_USERS_ALLOW_SIGN_UP: "false"
GF_USERS_ALLOW_ORG_CREATE: "false"
GF_AUTH_ANONYMOUS_ENABLED: "true"
GF_AUTH_ANONYMOUS_ORG_NAME: "Main Org."
GF_DASHBOARDS_JSON_ENABLED: "true"
GF_DASHBOARDS_JSON_PATH: /opt/grafana
restart: always
volumes:
- ${USERDIR}/dockers/grafana/data:/var/lib/grafana
- ${USERDIR}/dockers/grafana/logs:/var/log/grafana
- ${USERDIR}/dockers/grafana/plugins:/var/lib/grafana/plugins
- ${USERDIR}/dockers/grafana/opt:/opt/grafana
labels:
- "traefik.enable=true"
- "traefik.backend=grafana"
- "traefik.frontend.rule=Host:grafana.${DOMAINNAME}"
- "traefik.port=3000"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
influxdb:
container_name: influxdb
hostname: influxdb
image: rroethof/influxdb:1.0
networks:
- default
- traefik_proxy
restart: always
environment:
INFLUX_DATABASE: "telegraf"
INLFUX_ADMIN_USER: "grafana"
INFLUX_ADMIN_PASS: "grafana"
volumes:
- ${USERDIR}/dockers/influxdb:/var/lib/influxdb
labels:
- "traefik.enable=false"
telegraf:
container_name: telegraf
hostname: telegraf
image: rroethof/telegraf:1.0
networks:
- default
- traefik_proxy
links:
- influxdb:influxdb
environment:
HOST_NAME: "telegraf"
INFLUXDB_HOST: "influxdb"
INFLUXDB_PORT: "8086"
DATABASE: "telegraf"
restart: always
tty: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- "traefik.enable=false"
privileged: true
phpmyadmin:
hostname: phpmyadmin
container_name: phpmyadmin
image: phpmyadmin/phpmyadmin
restart: always
networks:
- default
- traefik_proxy
links:
- mariadb:db
environment:
- PMA_HOST=mariadb
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
labels:
- "traefik.enable=true"
- "traefik.backend=phpmyadmin"
- "traefik.frontend.rule=Host:phpmyadmin.${DOMAINNAME}"
- "traefik.port=80"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
mariadb:
image: "linuxserver/mariadb"
container_name: "mariadb"
hostname: mariadb
volumes:
- ${USERDIR}/dockers/mariadb:/config
networks:
- default
ports:
- 3306:3306
restart: always
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
conpot_ipmi:
container_name: honeypot_conpot_ipmi
restart: always
environment:
- CONPOT_CONFIG=/etc/conpot/conpot.cfg
- CONPOT_JSON_LOG=/var/log/conpot/conpot_ipmi.json
- CONPOT_LOG=/var/log/conpot/conpot_ipmi.log
- CONPOT_TEMPLATE=ipmi
- CONPOT_TMP=/tmp/conpot
tmpfs:
- /tmp/conpot:uid=${PUID},gid=${PGID}
networks:
- conpot_local_ipmi
ports:
- "623:623"
image: "dtagdevsec/conpot:1903"
read_only: true
volumes:
- ${USERDIR}/dockers/conpot/log:/var/log/conpot
user: ${PUID}
# Cowrie service
cowrie:
container_name: honeypot_cowrie
restart: always
tmpfs:
- /tmp/cowrie:uid=${PUID},gid=${PGID}
- /tmp/cowrie/data:uid=${PUID},gid=${PGID}
networks:
- default
- cowrie_local
ports:
- "22:22"
- "23:23"
image: "dtagdevsec/cowrie:1903"
read_only: true
volumes:
- ${USERDIR}/dockers/cowrie/downloads:/home/cowrie/cowrie/dl
- ${USERDIR}/dockers/cowrie/keys:/home/cowrie/cowrie/etc
- ${USERDIR}/dockers/cowrie/etc/cowrie.cfg:/home/cowrie/cowrie/etc/cowrie.cfg
- ${USERDIR}/dockers/cowrie/log:/home/cowrie/cowrie/log
- ${USERDIR}/dockers/cowrie/log_tty:/home/cowrie/cowrie/log/tty
user: ${PUID}
tautulli:
hostname: tautulli
image: linuxserver/tautulli
container_name: tautulli
restart: always
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=tautulli"
- "traefik.frontend.rule=Host:plexstats.${DOMAINNAME}"
- "traefik.port=8181"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/tautulli/config:/config
- ${USERDIR}/dockers/tautulli/logs:/logs:ro
- ${USERDIR}/dockers/shared:/shared
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
ombi:
hostname: ombi
image: linuxserver/ombi
restart: always
container_name: ombi
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=ombi"
- "traefik.frontend.rule=Host:requests.${DOMAINNAME}"
- "traefik.port=3579"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/ombi:/config
- ${USERDIR}/dockers/shared:/shared
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
hydra:
hostname: hydra
image: linuxserver/hydra
restart: always
container_name: hydra
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=hydra"
- "traefik.frontend.rule=Host:hydra.${DOMAINNAME}"
- "traefik.port=5075"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/hydra:/config
- ${USERDIR}/dockers/shared:/shared
- /data/Downloads:/downloads
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
jackett:
hostname: jackett
image: linuxserver/jackett
restart: always
container_name: jackett
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=jackett"
- "traefik.frontend.rule=Host:jackett.${DOMAINNAME}"
- "traefik.port=9117"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/dockers/jackett:/config
- ${USERDIR}/dockers/shared:/shared
- /data/Downloads/completed:/downloads
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
transmission:
hostname: transmission
image: linuxserver/transmission
restart: always
container_name: transmission
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
ports:
- 51413:51413
- 51413:51413/udp
labels:
- "traefik.enable=true"
- "traefik.backend=transmission"
- "traefik.frontend.rule=Host:torrent.${DOMAINNAME}"
- "traefik.port=9091"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/transmission:/config
- ${USERDIR}/dockers/shared:/shared
- /data/Downloads:/downloads
- /data/watch:/watch
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- UMASK_SET=002
sabnzbd:
hostname: sabnzbd
image: linuxserver/sabnzbd
restart: always
container_name: sabnzbd
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=sabnzbd"
- "traefik.frontend.rule=Host:sabnzbd.${DOMAINNAME}"
- "traefik.port=8080"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/sabnzbd:/config
- ${USERDIR}/dockers/shared:/shared
- /data/Downloads/completed:/downloads
- /data/Downloads/incomplete:/incomplete-downloads
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
radarr:
hostname: radarr
image: linuxserver/radarr
restart: always
container_name: radarr
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=radarr"
- "traefik.frontend.rule=Host:radarr.${DOMAINNAME}"
- "traefik.port=7878"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/dockers/radarr:/config
- ${USERDIR}/dockers/shared:/shared
- /data/Downloads/completed:/downloads
- /data/movies:/movies
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
couchpotato:
hostname: couchpotato
image: linuxserver/couchpotato
restart: always
container_name: couchpotato
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=couchpotato"
- "traefik.frontend.rule=Host:couchpotato.${DOMAINNAME}"
- "traefik.port=5050"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/couchpotato:/config
- ${USERDIR}/dockers/shared:/shared
- /data/Downloads/completed:/downloads
- /data/movies:/movies
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- UMASK_SET=002
sonarr:
hostname: sonarr
image: linuxserver/sonarr
restart: always
container_name: sonarr
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=sonarr"
- "traefik.frontend.rule=Host:sonarr.${DOMAINNAME}"
- "traefik.port=8989"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- "/etc/localtime:/etc/localtime:ro"
- ${USERDIR}/dockers/sonarr:/config
- ${USERDIR}/dockers/shared:/shared
- /data/Downloads/completed:/downloads
- /data/tvshows:/tv
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- UMASK_SET=002
sickrage:
hostname: sickrage
image: linuxserver/sickrage
restart: always
container_name: sickrage
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=sickrage"
- "traefik.frontend.rule=Host:sickrage.${DOMAINNAME}"
- "traefik.port=8081"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/sickrage:/config
- ${USERDIR}/dockers/shared:/shared
- /data/Downloads/completed:/downloads
- /data/tvshows:/tv
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
plexms:
hostname: plexms
image: linuxserver/plex
restart: always
container_name: plexms
domainname: ${DOMAINNAME}
networks:
- traefik_proxy
ports:
- "32400:32400/tcp"
- "3005:3005/tcp"
- "8324:8324/tcp"
- "32469:32469/tcp"
- "1900:1900/udp"
- "32410:32410/udp"
- "32412:32412/udp"
- "32413:32413/udp"
- "32414:32414/udp"
labels:
- "traefik.enable=true"
- "traefik.backend=plexms"
- "traefik.frontend.rule=Host:plex.${DOMAINNAME}"
- "traefik.port=8081"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/plexms:/config
- ${USERDIR}/dockers/shared:/shared
- /data/plex_tmp:/transcode
- /data:/data
environment:
- TZ=${TZ}
- HOSTNAME="Fam Roethof Docker Plex"
- PLEX_UID=${PUID}
- PLEX_GID=${PGID}
iperf:
container_name: iperf
image: networkstatic/iperf3
command: -s
restart: unless-stopped
network_mode: host
netdata:
container_name: netdata
image: titpetric/netdata
restart: unless-stopped
cap_add:
- SYS_PTRACE
network_mode: host
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
volumes:
- ${USERDIR}/dockers/netdata:/etc/netdata
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /var/run/docker.sock:/var/run/docker.sock
dokuwiki:
hostname: dokuwiki
image: bitnami/dokuwiki
container_name: dokuwiki
restart: always
networks:
- traefik_proxy
labels:
- "traefik.enable=true"
- "traefik.backend=dokuwiki"
- "traefik.frontend.rule=Host:wiki.${DOMAINNAME}"
- "traefik.port=80"
- "traefik.docker.network=traefik_proxy"
- "traefik.frontend.headers.SSLRedirect=true"
- "traefik.frontend.headers.STSSeconds=315360000"
- "traefik.frontend.headers.browserXSSFilter=true"
- "traefik.frontend.headers.contentTypeNosniff=true"
- "traefik.frontend.headers.forceSTSHeader=true"
- "traefik.frontend.headers.SSLHost=${DOMAINNAME}"
- "traefik.frontend.headers.STSIncludeSubdomains=true"
- "traefik.frontend.headers.STSPreload=true"
- "traefik.frontend.headers.frameDeny=true"
volumes:
- ${USERDIR}/dockers/dokuwiki:/bitnami
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
networks:
traefik_proxy:
external:
name: traefik_proxy
conpot_local_ipmi:
external:
name: honeypots_conpot_local_ipmi
cowrie_local:
external:
name: honeypots_cowrie_local
default:
driver: bridge
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment