version: '3' services: traefik: image: traefik container_name: traefik restart: always ports: - "80:80" - "443:443" - "6666:8080" volumes: - ./traefik_data:/etc/traefik - /var/run/docker.sock:/var/run/docker.sock:ro networks: traefik_net: labels: - traefik.enable=true - traefik.http.routers.dashboard.rule=Host(`traefik.ghoscht.com`) - traefik.http.routers.dashboard.entrypoints=websecure - traefik.http.services.dashboard.loadbalancer.server.port=8080 - traefik.http.routers.dashboard.tls=true - traefik.http.routers.dashboard.tls.certresolver=lencrypt env_file: - traefik.env dns: - 1.1.1.1 homarr: container_name: homarr image: ghcr.io/ajnart/homarr:latest restart: always volumes: - homarr_data:/app/data/configs - homarr_icons:/app/public/imgs networks: traefik_net: labels: - traefik.enable=true - traefik.http.routers.homarr.entrypoints=websecure - traefik.http.routers.homarr.rule=Host(`dashboard.ghoscht.com`) - traefik.http.routers.homarr.tls=true - traefik.http.routers.homarr.tls.certresolver=lencrypt dns: - 1.1.1.1 scrutiny: container_name: scrutiny image: ghcr.io/analogj/scrutiny:master-omnibus restart: always cap_add: - SYS_RAWIO volumes: - /run/udev:/run/udev:ro - scrutiny_data:/opt/scrutiny/config - scrutiny_db:/opt/scrutiny/influxdb labels: - traefik.enable=true - traefik.http.routers.scrutiny.entrypoints=websecure - traefik.http.routers.scrutiny.rule=Host(`scrutiny.ghoscht.com`) - traefik.http.services.scrutiny.loadbalancer.server.port=8080 - traefik.http.routers.scrutiny.tls=true - traefik.http.routers.scrutiny.tls.certresolver=lencrypt networks: traefik_net: devices: - "/dev/sda" - "/dev/sdb" ntfy: image: binwiederhier/ntfy container_name: ntfy command: - serve environment: - TZ=UTC # optional: set desired timezone user: 1000:1000 # optional: replace with your own user/group or uid/gid volumes: - ./ntfy_data/server.yml:/etc/ntfy/server.yml labels: - traefik.enable=true - traefik.http.routers.ntfy.entrypoints=websecure - traefik.http.routers.ntfy.rule=Host(`ntfy.ghoscht.com`,`ntfy.local.ghoscht.com`) - traefik.http.routers.ntfy.tls=true - traefik.http.routers.ntfy.tls.certresolver=lencrypt networks: traefik_net: homeassistant: container_name: homeassistant image: "ghcr.io/home-assistant/home-assistant:stable" volumes: - /mnt/hdd/docker/home-assistant_data:/config - /etc/localtime:/etc/localtime:ro - /run/dbus:/run/dbus:ro restart: unless-stopped privileged: true labels: - traefik.enable=true - traefik.http.routers.homeassistant.entrypoints=websecure - traefik.http.routers.homeassistant.rule=Host(`home.ghoscht.com`,`home.local.ghoscht.com`) - traefik.http.routers.homeassistant.tls=true - traefik.http.routers.homeassistant.tls.certresolver=lencrypt - traefik.http.services.homeassistant.loadbalancer.server.port=8123 networks: traefik_net: cloudflared: container_name: cloudflared image: cloudflare/cloudflared:latest restart: always command: tunnel --no-autoupdate --protocol http2 run env_file: - cloudflared.env networks: traefik_net: networks: traefik_net: name: traefik-net driver: bridge external: true volumes: homarr_data: name: homarr_data homarr_icons: name: homarr_icons scrutiny_data: name: scrutiny_data scrutiny_db: name: scrutiny_db