Compare commits

..

180 Commits
1.0.0 ... main

Author SHA1 Message Date
05cd9b7324 readme 2024-10-22 06:27:30 +00:00
03de79513d ssh gitea 2024-10-21 17:12:57 +00:00
e5a8f72019 fix(traefik): ssh 2024-10-21 17:08:32 +00:00
faec745661 fix(traefik): gitea 2024-10-21 17:05:40 +00:00
a7b8eae0e3 feat(code): add zsh 2024-10-21 06:10:12 +00:00
8fd3378e96 feat(code): add volume root 2024-10-21 06:05:54 +00:00
c41155876c feat(traefik): entrypoint ssh 2024-10-21 05:58:46 +00:00
99f653b84e add gitea in trafix 2024-10-21 05:47:27 +00:00
3b356a1f8c feat: confi traefix for code 2024-10-20 15:15:40 +00:00
68238bcd6c feat: add code 2024-10-20 15:08:19 +00:00
1578e1156f cron 2024-07-04 13:45:59 +02:00
714dacc721 cron wtachtower 2024-07-04 13:25:28 +02:00
56794193fa crontab 2024-07-04 12:47:07 +02:00
a966c6a282 wathtower 2024-07-04 12:43:04 +02:00
dd1749aad5 tcp rules 2024-07-03 17:18:18 +02:00
fcdb39a75d fix 2024-07-03 17:17:00 +02:00
afb5c52777 fix rules 2024-07-03 17:15:05 +02:00
9283e9c7c2 dns 2024-07-03 17:14:12 +02:00
bcbf24523c fix 2024-07-03 17:10:29 +02:00
e9234a50a1 fix 2024-07-03 17:08:34 +02:00
6be0c0e500 fix 2024-07-03 17:06:23 +02:00
fd39688611 fix 2024-07-03 17:01:28 +02:00
9be4f95762 config adguard 2024-07-03 16:58:27 +02:00
ebce3a6a2a fix port 2024-07-03 12:45:29 +02:00
de8d02b5fa rule adguard 2024-07-03 12:43:18 +02:00
421c0eb7d2 chore: addhomarr adguard 2024-07-03 12:39:03 +02:00
c43230ee32 grafana 2024-06-21 17:39:36 +02:00
e96408bf02 rules 2024-06-20 18:05:32 +02:00
1d0362f00b vault 2024-06-20 16:24:45 +02:00
37976af9fe rules 2024-06-19 18:27:16 +02:00
9ebe42f1db rules 2024-06-19 18:15:51 +02:00
6a582482b0 rules 2024-06-19 18:09:41 +02:00
8d4254630b rules 2024-06-19 18:05:32 +02:00
a3317429e9 rules 2024-06-19 18:04:37 +02:00
984cd81b64 chore 2024-06-19 18:03:22 +02:00
09cf7785d0 rules 2024-06-19 17:57:24 +02:00
2c877170fa rules 2024-06-19 17:42:26 +02:00
4afe3d2706 firefly 2024-06-19 11:14:57 +02:00
d104787ad0 firefly 2024-06-19 11:12:10 +02:00
1e6499efbd homepage 2024-06-08 15:36:44 +02:00
6b31840491 cert 2024-06-08 15:25:07 +02:00
fd8e77be24 chore: change domain 2024-06-08 15:15:49 +02:00
b313eeda34 fix 2024-06-03 22:43:35 +02:00
a0109b8919 rule 2024-06-03 22:37:10 +02:00
f8f6ffef7b fix 2024-06-03 22:34:05 +02:00
0e1e3ba99f fix 2024-06-03 22:21:30 +02:00
24bae7c70a fix: path 2024-06-03 22:21:01 +02:00
ad7be455d5 env 2024-06-03 22:19:38 +02:00
890b6ff1ff rules 2024-06-03 08:21:40 +02:00
b8e6fe200f rules 2024-06-03 08:18:51 +02:00
517b4b1229 port actual 2024-06-03 08:16:21 +02:00
9bd9d0fa03 actual 2024-06-03 08:14:11 +02:00
0be4c0c38d mail joplin 2024-06-02 16:01:24 +02:00
80543a3034 test 2024-06-02 15:59:06 +02:00
734201d800 fix joplin 2024-06-02 15:58:16 +02:00
a5a8a51f75 rules 2024-06-02 15:57:34 +02:00
547976232b joplin 2024-06-02 15:55:40 +02:00
870beb9fda joplin 2024-06-02 11:41:11 +02:00
c4edf97664 joplin 2024-06-02 11:39:24 +02:00
67bf4f7472 db 2024-05-31 20:23:19 +02:00
03a28926ee db 2024-05-31 20:22:16 +02:00
5869d2eb63 rules 2024-05-29 13:32:42 +02:00
ebe01dd347 rules 2024-05-29 13:29:37 +02:00
6680099146 rule traefik 2024-05-29 11:13:30 +02:00
180697f4b1 config 2024-05-29 11:11:26 +02:00
15bd8b24ba mail 2024-05-29 10:17:47 +02:00
a0553c1bdb env 2024-05-29 08:37:22 +02:00
47d5d8e5cb db 2024-05-28 21:49:29 +02:00
5a869064bc joplin volume 2024-05-27 08:51:13 +02:00
508502d975 joplin db 2024-05-27 08:48:55 +02:00
12ce20d309 joplin config 2024-05-27 08:45:00 +02:00
ce4f7ecb91 rule joplin 2024-05-27 08:44:03 +02:00
b935d82f59 add joplin 2024-05-27 08:42:33 +02:00
e7ff1572cd password firefly 2024-05-26 20:45:10 +02:00
37de6f2b29 rule firefly 2024-05-26 20:07:53 +02:00
da99532097 stripprefixregex 2024-05-26 20:05:57 +02:00
1541c45c31 rules 2024-05-25 23:56:44 +02:00
8d8cfa8d14 rules 2024-05-25 23:54:24 +02:00
f7b5d1b7d5 homepage 2024-05-25 23:48:53 +02:00
1e3191252f rules 2024-05-25 23:33:25 +02:00
8e506a2791 rules 2024-05-25 23:32:09 +02:00
952f24721a rule firefly 2024-05-25 23:27:45 +02:00
a99443ca2f fix rules 2024-05-25 23:27:11 +02:00
d7621f5332 chore(traefik): rules 2024-05-25 23:25:35 +02:00
a4b8d12ad2 firefly 2024-05-25 23:10:38 +02:00
226a180484 level log 2024-05-25 16:12:14 +02:00
4ebe4933bc log 2024-05-25 16:10:09 +02:00
6dc06f5ad2 test 2024-05-25 16:07:43 +02:00
354a1d45fe chore: 2024-05-23 23:07:11 +02:00
d72120776a fix 2024-05-23 23:02:12 +02:00
f290f4688e chore: tls 2024-05-23 23:00:24 +02:00
295d64da8a docker 2024-05-23 22:49:26 +02:00
f23c1d0d88 rules 2024-05-23 22:47:24 +02:00
87a8229124 rules 2024-05-23 22:47:04 +02:00
0a3f4189ad docker 2024-05-23 22:44:32 +02:00
0e817ed877 let encrypt 2024-05-23 22:40:11 +02:00
35da83117b rules 2024-05-23 22:34:07 +02:00
58949030ae tls 2024-05-23 22:27:20 +02:00
2c39863273 tls 2024-05-23 22:25:56 +02:00
39fa98bb6c rule 2024-05-23 22:23:08 +02:00
d87534772c rules 2024-05-23 22:22:14 +02:00
8d16dc6f7f rules 2024-05-23 22:21:47 +02:00
7b074728a0 rules 2024-05-23 22:21:19 +02:00
a92f285ad6 rule 2024-05-23 22:20:52 +02:00
5551626a7c rules 2024-05-23 22:18:11 +02:00
1d34c58830 rules 2024-05-23 22:09:34 +02:00
bb247fec71 rules 2024-05-23 22:02:46 +02:00
354c2d7609 config 2024-05-23 21:59:28 +02:00
32a2484cf4 traefik 2024-05-23 19:13:09 +02:00
985f07d931 docker network 2024-05-23 19:09:50 +02:00
b565efac6f fix 2024-05-22 16:28:40 +02:00
483ecdbcc1 test 2024-05-22 16:27:48 +02:00
7f1949b927 network 2024-05-22 08:28:50 +02:00
4d4120b661 chore:network 2024-05-22 08:28:06 +02:00
79f838d0c6 chore:network mode 2024-05-22 08:26:03 +02:00
c653bdee17 chore:network mode 2024-05-22 08:25:18 +02:00
ff34160027 chore: vault 2024-05-21 23:14:45 +02:00
801b1f8df2 fix 2024-05-21 23:11:00 +02:00
4374e245c0 chore: network 2024-05-21 23:08:11 +02:00
377072306d tls 2024-05-21 08:32:18 +02:00
a9871ead9c tls 2024-05-21 08:25:09 +02:00
5ea362876a chore:tls 2024-05-21 08:17:45 +02:00
6bf9bbefa6 chore: log level 2024-05-21 08:10:15 +02:00
fe87a5413c chore:docker 2024-05-20 17:30:43 +02:00
3a8c01d2b2 chore: traffix 2024-05-20 17:27:34 +02:00
eee2089432 docker 2024-05-20 17:23:41 +02:00
070b5b0a6e fix docker 2024-05-20 17:14:17 +02:00
f154911284 traffik 2024-05-20 17:12:42 +02:00
1bee4fd9d6 fix pqth 2024-05-20 17:04:37 +02:00
64f636b403 chore 2024-05-20 17:02:45 +02:00
0f295d8c9b chore 2024-05-20 16:59:10 +02:00
4207f8a32e middlewares 2024-05-20 16:53:52 +02:00
9ab1e90628 chore: redir 2024-05-20 16:52:15 +02:00
96ed2a03d2 fix 2024-05-20 16:51:25 +02:00
188d4d8822 fix: middlewares 2024-05-20 16:42:35 +02:00
95b8d39f11 chore: middlewares 2024-05-20 16:40:37 +02:00
be861aefcb fix 2024-05-20 13:57:39 +02:00
a95d09fdbe fix 2024-05-20 13:56:14 +02:00
f4f88bb442 fix tls 2024-05-20 13:55:23 +02:00
6d1d9952ee chose: nas 2024-05-20 13:48:16 +02:00
fa886aaac4 choretls 2024-05-20 13:39:50 +02:00
1b32ea1c17 rules 2024-05-19 10:50:22 +02:00
041d2d6c10 chore: rules 2024-05-19 10:39:27 +02:00
41a69ae4c0 rules 2024-05-19 10:28:01 +02:00
c1806e765f conf 2024-05-18 23:54:39 +02:00
228dde635d chore: test rules 2024-05-18 23:42:12 +02:00
55e892c6cd dynamic config 2024-05-18 23:35:51 +02:00
9f5bb0b5cc config 2024-05-18 23:27:35 +02:00
6dfae1869d chore: add dsm 2024-05-18 23:09:27 +02:00
714d474f00 test 2024-05-17 23:53:47 +02:00
37e0e7c512 config 2024-05-17 23:51:56 +02:00
3788bef3d7 config 2024-05-17 23:49:07 +02:00
612bb0e62d whoami 2024-05-17 23:47:22 +02:00
2ef08d1299 fix 2024-05-17 23:42:13 +02:00
e8ac2d2705 fix 2024-05-17 23:41:25 +02:00
0394aef25f config network 2024-05-17 23:40:11 +02:00
d8221806bc chore: chqnge port 2024-05-17 23:31:49 +02:00
adcbe45f48 chore: config ok 2024-05-17 23:26:23 +02:00
ec421605d7 config 2024-05-15 08:34:40 +02:00
656f75c9e2 config 2024-05-15 08:30:32 +02:00
d2aaa48f62 config 2024-05-14 21:10:12 +02:00
51d700b527 docker 2024-05-14 21:06:01 +02:00
0ecf1b59f2 docker 2024-05-14 21:04:16 +02:00
70b4d142ac config 2024-05-14 20:56:56 +02:00
6507abbd9c docker 2024-05-14 19:15:18 +02:00
6987ece63f fds 2024-05-14 19:12:24 +02:00
73b8f9dd71 add log level 2024-05-14 19:00:44 +02:00
b5c735aa6c chore config 2024-05-04 18:42:45 +02:00
3ebabbe7ec chore: config 2024-05-04 18:38:08 +02:00
f9b23d53e2 chore: config 2024-05-04 18:36:40 +02:00
38d21ae64a chore: config 2024-05-04 18:16:41 +02:00
11b1ff6d4c chore: config 2024-05-04 10:03:00 +02:00
2dbed09385 chore: add network 2024-05-03 23:17:55 +02:00
40406e9787 chore: add whoami 2024-05-03 23:16:58 +02:00
190f618437 fix: delete whoami 2024-05-03 23:10:59 +02:00
ad435903da chore: config 2024-05-03 23:10:19 +02:00
faedebcd10 chore: add whoami 2024-05-03 23:05:33 +02:00
4a1d12ad7f chore: config 2024-05-03 23:03:00 +02:00
9f5c29d96a fix: syntax 2024-05-03 23:00:46 +02:00
4bd15bab66 fix: syntax 2024-05-03 22:59:42 +02:00
25 changed files with 1142 additions and 43 deletions

15
actual/docker-compose.yml Normal file
View File

@ -0,0 +1,15 @@
version: '3'
services:
actual_server:
image: docker.io/actualbudget/actual-server:latest
ports:
# This line makes Actual available at port 5006 of the device you run the server on,
# i.e. http://localhost:5006. You can change the first number to change the port, if you want.
- '8085:5006'
environment:
- HTTPS
volumes:
# Change './actual-data' below to the path to the folder you want Actual to store its data in on your server.
# '/data' is the path Actual will look for its files in by default, so leave that as-is.
- /volume1/docker/actual/data:/data
restart: unless-stopped

View File

@ -0,0 +1,19 @@
version: "3"
services:
adguardhome:
image: adguard/adguardhome
container_name: adguardhome
ports:
- 53:53/tcp
- 53:53/udp
- 3999:3000/tcp
- 8089:80/tcp
volumes:
- adguardhome-workdir:/opt/adguardhome/work
- adguardhome-confdir:/opt/adguardhome/conf
restart: unless-stopped
volumes:
adguardhome-confdir: {}
adguardhome-workdir: {}

21
code/docker-compose.yml Normal file
View File

@ -0,0 +1,21 @@
---
services:
code-server:
image: lscr.io/linuxserver/code-server:latest
container_name: code-server
environment:
# - DOCKER_MODS='docker.io/linuxserver/mods:universal-docker|lscr.io/linuxserver/mods:code-server-docker|docker.io/linuxserver/mods:code-server-extension-arguments'
- DOCKER_MODS=linuxserver/mods:universal-docker|linuxserver/mods:code-server-docker|linuxserver/mods:code-server-extension-arguments|linuxserver/mods:code-server-zsh
- VSCODE_EXTENSION_IDS=felipecaputo.git-project-manager|mhutchie.git-graph|ms-azuretools.vscode-docker
# - DOCKER_MODS_FORCE_REGISTRY=true
- PUID=0
- PGID=0
- TZ=Etc/UTC
volumes:
- /volume1/docker/code/config:/config
- /volume1/docker/code/workspace:/home/coder/workspace
- /volume1/docker/code/home:/root
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 8090:8443
restart: unless-stopped

View File

@ -1,40 +0,0 @@
version: '3'
services:
traefik:
image: traefik:latest
container_name: "traefik"
restart: always
ports:
- "8888:80"
- "8443:443"
#networks:
# - web
# - default
env_file:
- './conf/.ovh-api.env'
volumes:
# Mapping sur le socket interne de Docker
- '/var/run/docker.sock:/var/run/docker.sock'
# Mapping du fichier de configuration statique
- '/volume1/docker/traefik/conf/traefik.yml:/traefik.yml'
# Mapping du dossier contenant la configuration dynamique
#- './conf/dyn_traefik/:/dyn_traefik/'
# Mapping du fichier de stockage des certificats
#- './conf/acme.json:/acme.json'
labels:
- "traefik.enable=true"
services:
whoami:
image: traefik/whoami:v1.6.0
container_name: "whoami"
labels:
# On indique que Traefik doit prendre en compte ce conteneur
- "traefik.enable=true"
# On déclare le routeur 'whoami' pour notre application avec une règle qui match sur le hostname
- "traefik.http.routers.whoami.rule=Host(`whoami.my-domain.fr`)"
# On précise le entrypoint sur lequel ce routeur va être effectif
- "traefik.http.routers.whoami.entrypoints=websecure"

4
firefly/.db.env Normal file
View File

@ -0,0 +1,4 @@
MYSQL_RANDOM_ROOT_PASSWORD=yes
MYSQL_USER=firefly
MYSQL_PASSWORD=ZkncfDR8
MYSQL_DATABASE=firefly

300
firefly/.env Normal file
View File

@ -0,0 +1,300 @@
# You can leave this on "local". If you change it to production most console commands will ask for extra confirmation.
# Never set it to "testing".
APP_ENV=production
# Set to true if you want to see debug information in error screens.
APP_DEBUG=false
# This should be your email address.
# If you use Docker or similar, you can set this variable from a file by using SITE_OWNER_FILE
# The variable is used in some errors shown to users who aren't admin.
SITE_OWNER=lecoiffiermathieu@gmail.com
# The encryption key for your sessions. Keep this very secure.
# Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it.
# If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE
#
# Avoid the "#" character in your APP_KEY, it may break things.
#
APP_KEY=SomeRandomStringOf32CharsExactly
# Firefly III will launch using this language (for new users and unauthenticated visitors)
# For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang
#
# If text is still in English, remember that not everything may have been translated.
DEFAULT_LANGUAGE=fr_FR
# The locale defines how numbers are formatted.
# by default this value is the same as whatever the language is.
DEFAULT_LOCALE=equal
# Change this value to your preferred time zone.
# Example: Europe/Amsterdam
# For a list of supported time zones, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=Europe/Amsterdam
# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
# Set it to ** and reverse proxies work just fine.
TRUSTED_PROXIES=**
# The log channel defines where your log entries go to.
# Several other options exist. You can use 'single' for one big fat error log (not recommended).
# Also available are 'syslog', 'errorlog' and 'stdout' which will log to the system itself.
# A rotating log option is 'daily', creates 5 files that (surprise) rotate.
# A cool option is 'papertrail' for cloud logging
# Default setting 'stack' will log to 'daily' and to 'stdout' at the same time.
LOG_CHANNEL=stack
# Log level. You can set this from least severe to most severe:
# debug, info, notice, warning, error, critical, alert, emergency
# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
# nothing will get logged, ever.
APP_LOG_LEVEL=notice
# Audit log level.
# The audit log is used to log notable Firefly III events on a separate channel.
# These log entries may contain sensitive financial information.
# The audit log is disabled by default.
#
# To enable it, set AUDIT_LOG_LEVEL to "info"
# To disable it, set AUDIT_LOG_LEVEL to "emergency"
AUDIT_LOG_LEVEL=emergency
#
# If you want, you can redirect the audit logs to another channel.
# Set 'audit_stdout', 'audit_syslog', 'audit_errorlog' to log to the system itself.
# Use audit_daily to log to a rotating file.
# Use audit_papertrail to log to papertrail.
#
# If you do this, the audit logs may be mixed with normal logs because the settings for these channels
# are often the same as the settings for the normal logs.
AUDIT_LOG_CHANNEL=
#
# Used when logging to papertrail:
# Also used when audit logs log to papertrail:
#
PAPERTRAIL_HOST=
PAPERTRAIL_PORT=
# Database credentials. Make sure the database exists. I recommend a dedicated user for Firefly III
# For other database types, please see the FAQ: https://docs.firefly-iii.org/references/faq/install/#i-want-to-use-sqlite
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
# Use "pgsql" for PostgreSQL
# Use "mysql" for MySQL and MariaDB.
# Use "sqlite" for SQLite.
DB_CONNECTION=mysql
DB_HOST=db
DB_PORT=3306
DB_DATABASE=firefly
DB_USERNAME=firefly
DB_PASSWORD=ZkncfDR8
# leave empty or omit when not using a socket connection
DB_SOCKET=
# MySQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MYSQL_USE_SSL=false
MYSQL_SSL_VERIFY_SERVER_CERT=false
# If you're looking for performance improvements, you could install memcached or redis
CACHE_DRIVER=file
SESSION_DRIVER=file
# If you set either of the options above to 'redis', you might want to update these settings too
# If you use Docker or similar, you can set REDIS_HOST_FILE, REDIS_PASSWORD_FILE or
# REDIS_PORT_FILE to set the value from a file instead of from an environment variable
# can be tcp or unix. http is not supported
REDIS_SCHEME=tcp
# use only when using 'unix' for REDIS_SCHEME. Leave empty otherwise.
REDIS_PATH=
# use only when using 'tcp' or 'http' for REDIS_SCHEME. Leave empty otherwise.
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
# Use only with Redis 6+ with proper ACL set. Leave empty otherwise.
REDIS_USERNAME=
REDIS_PASSWORD=
# always use quotes and make sure redis db "0" and "1" exists. Otherwise change accordingly.
REDIS_DB="0"
REDIS_CACHE_DB="1"
# Cookie settings. Should not be necessary to change these.
# If you use Docker or similar, you can set COOKIE_DOMAIN_FILE to set
# the value from a file instead of from an environment variable
# Setting samesite to "strict" may give you trouble logging in.
COOKIE_PATH="/"
COOKIE_DOMAIN=
COOKIE_SECURE=false
COOKIE_SAMESITE=lax
# If you want Firefly III to email you, update these settings
# For instructions, see: https://docs.firefly-iii.org/how-to/firefly-iii/advanced/notifications/#email
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MAIL_MAILER=log
MAIL_HOST=smtp-mail.outlook.com
MAIL_PORT=587
MAIL_FROM=lecoiffiermathieu@outlook.fr
MAIL_USERNAME=lecoiffiermathieu@outlook.fr
MAIL_PASSWORD=I9OKN?./
MAIL_ENCRYPTION=starttls
# Other mail drivers:
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MAILGUN_DOMAIN=
MAILGUN_SECRET=
# If you are on EU region in mailgun, use api.eu.mailgun.net, otherwise use api.mailgun.net
# If you use Docker or similar, you can set this variable from a file by appending it with _FILE
MAILGUN_ENDPOINT=api.mailgun.net
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MANDRILL_SECRET=
SPARKPOST_SECRET=
# Firefly III can send you the following messages.
SEND_ERROR_MESSAGE=true
# These messages contain (sensitive) transaction information:
SEND_REPORT_JOURNALS=true
# Set this value to true if you want to set the location of certain things, like transactions.
# Since this involves an external service, it's optional and disabled by default.
ENABLE_EXTERNAL_MAP=false
#
# Enable or disable exchange rate conversion. This function isn't used yet by Firefly III
#
ENABLE_EXCHANGE_RATES=false
# Set this value to true if you want Firefly III to download currency exchange rates
# from the internet. These rates are hosted by the creator of Firefly III inside
# an Azure Storage Container.
# Not all currencies may be available. Rates may be wrong.
ENABLE_EXTERNAL_RATES=false
# The map will default to this location:
MAP_DEFAULT_LAT=51.983333
MAP_DEFAULT_LONG=5.916667
MAP_DEFAULT_ZOOM=6
#
# Some objects have room for an URL, like transactions and webhooks.
# By default, the following protocols are allowed:
# http, https, ftp, ftps, mailto
#
# To change this, set your preferred comma separated set below.
# Be sure to include http, https and other default ones if you need to.
#
VALID_URL_PROTOCOLS=https
#
# Firefly III authentication settings
#
#
# Firefly III supports a few authentication methods:
# - 'web' (default, uses built in DB)
# - 'remote_user_guard' for Authelia etc
# Read more about these settings in the documentation.
# https://docs.firefly-iii.org/how-to/firefly-iii/advanced/authentication/
#
# LDAP is no longer supported :(
#
AUTHENTICATION_GUARD=web
#
# Remote user guard settings
#
AUTHENTICATION_GUARD_HEADER=REMOTE_USER
AUTHENTICATION_GUARD_EMAIL=
#
# Firefly III generates a basic keypair for your OAuth tokens.
# If you want, you can overrule the key with your own (secure) value.
# It's also possible to set PASSPORT_PUBLIC_KEY_FILE or PASSPORT_PRIVATE_KEY_FILE
# if you're using Docker secrets or similar solutions for secret management
#
PASSPORT_PRIVATE_KEY=
PASSPORT_PUBLIC_KEY=
#
# Extra authentication settings
#
CUSTOM_LOGOUT_URL=
# You can disable the X-Frame-Options header if it interferes with tools like
# Organizr. This is at your own risk. Applications running in frames run the risk
# of leaking information to their parent frame.
DISABLE_FRAME_HEADER=false
# You can disable the Content Security Policy header when you're using an ancient browser
# or any version of Microsoft Edge / Internet Explorer (which amounts to the same thing really)
# This leaves you with the risk of not being able to stop XSS bugs should they ever surface.
# This is at your own risk.
DISABLE_CSP_HEADER=false
# If you wish to track your own behavior over Firefly III, set valid analytics tracker information here.
# Nobody uses this except for me on the demo site. But hey, feel free to use this if you want to.
# Do not prepend the TRACKER_URL with http:// or https://
# The only tracker supported is Matomo.
# You can set the following variables from a file by appending them with _FILE:
TRACKER_SITE_ID=
TRACKER_URL=
#
# Firefly III supports webhooks. These are security sensitive and must be enabled manually first.
#
ALLOW_WEBHOOKS=false
#
# The static cron job token can be useful when you use Docker and wish to manage cron jobs.
# 1. Set this token to any 32-character value (this is important!).
# 2. Use this token in the cron URL instead of a user's command line token that you can find in /profile
#
# For more info: https://docs.firefly-iii.org/how-to/firefly-iii/advanced/cron/
#
# You can set this variable from a file by appending it with _FILE
#
STATIC_CRON_TOKEN=
# You can fine tune the start-up of a Docker container by editing these environment variables.
# Use this at your own risk. Disabling certain checks and features may result in lots of inconsistent data.
# However if you know what you're doing you can significantly speed up container start times.
# Set each value to true to enable, or false to disable.
# Set this to true to build all locales supported by Firefly III.
# This may take quite some time (several minutes) and is generally not recommended.
# If you wish to change or alter the list of locales, start your Docker container with
# `docker run -v locale.gen:/etc/locale.gen -e DKR_BUILD_LOCALE=true`
# and make sure your preferred locales are in your own locale.gen.
DKR_BUILD_LOCALE=false
# Check if the SQLite database exists. Can be skipped if you're not using SQLite.
# Won't significantly speed up things.
DKR_CHECK_SQLITE=true
# Leave the following configuration vars as is.
# Unless you like to tinker and know what you're doing.
APP_NAME=FireflyIII
BROADCAST_DRIVER=log
QUEUE_DRIVER=sync
CACHE_PREFIX=firefly
#
# The v2 layout is very experimental. If it breaks you get to keep both parts.
# Be wary of data loss.
#
FIREFLY_III_LAYOUT=v1
#
# Please make sure this URL matches the external URL of your Firefly III installation.
# It is used to validate specific requests and to generate URLs in emails.
#
APP_URL=https://firefly.huguette.ovh

268
firefly/.importer.env Normal file
View File

@ -0,0 +1,268 @@
# Firefly Data Importer (FIDI) configuration file
# Where is Firefly III?
#
# 1) Make sure you ADD http:// or https://
# 2) Make sure you REMOVE any trailing slash from the end of the URL.
# 3) In case of Docker, refer to the internal IP of your Firefly III installation.
#
# Setting this value is not mandatory. But it is very useful.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_URL=http://app:8080
#
# Imagine Firefly III can be reached at "http://172.16.0.2:8082" (internal Docker network or something).
# But you have a fancy URL: "https://personal-finances.bill.microsoft.com/"
#
# In those cases, you can overrule the URL so when the data importer links back to Firefly III, it uses the correct URL.
#
# 1) Make sure you ADD http:// or https://
# 2) Make sure you REMOVE any trailing slash from the end of the URL.
#
# IF YOU SET THIS VALUE, YOU MUST ALSO SET THE FIREFLY_III_URL
#
# This variable can be set from a file if you append it with _FILE
#
VANITY_URL=https://firefly.huguette.ovh/
#
# Set your Firefly III Personal Access Token (OAuth)
# You can create a Personal Access Token on the /profile page:
# go to the OAuth tab, then Personal Access Token and "Create token".
#
# - Do not use the "command line token". That's the WRONG one.
# - Do not use "APP_KEY" value from your Firefly III installation. That's the WRONG one.
#
# Setting this value is not mandatory. Instructions will follow if you omit this field.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_ACCESS_TOKEN=
#
# You can also use a public client ID. This is available in Firefly III 5.4.0-alpha.3 and higher.
# This is a number (1, 2, 3). If you use the client ID, you can leave the access token empty and vice versa.
#
# This value is not mandatory to set. Instructions will follow if you omit this field.
#
# This variable can be set from a file if you append it with _FILE
#
FIREFLY_III_CLIENT_ID=
#
# Nordigen information.
# The key and ID can be set from a file if you append it with _FILE
#
NORDIGEN_ID=
NORDIGEN_KEY=
NORDIGEN_SANDBOX=false
#
# Spectre information
#
# The ID and secret can be set from a file if you append it with _FILE
SPECTRE_APP_ID=
SPECTRE_SECRET=
#
# Use cache. No need to do this.
#
USE_CACHE=false
#
# If set to true, the data import will not complain about running into duplicates.
# This will give you cleaner import mails if you run regular imports.
#
# This means that the data importer will not import duplicates, but it will not complain about them either.
#
# This setting has no influence on the settings in your configuration(.json).
#
# Of course, if something goes wrong *because* the transaction is a duplicate you will
# NEVER know unless you start digging in your log files. So be careful with this.
#
IGNORE_DUPLICATE_ERRORS=false
#
# If you set this to true, the importer will not complain about transactions that can't be found after they've
# been imported. This happens when rule on the Firefly III side deletes the transaction immediately after creating it.
# This can be useful when you have a rule that immediately deletes GoCardless' "pending" transactions. Setting this
# to true reduces some noise.
#
IGNORE_NOT_FOUND_TRANSACTIONS=false
#
# Auto import settings. Due to security constraints, you MUST enable each feature individually.
# You must also set a secret. The secret is used for the web routes.
#
# The auto-import secret must be a string of at least 16 characters.
# Visit this page for inspiration: https://www.random.org/passwords/?num=1&len=16&format=html&rnd=new
#
# Submit it using ?secret=X
#
# This variable can be set from a file if you append it with _FILE
#
AUTO_IMPORT_SECRET=
#
# Is the /autoimport even endpoint enabled?
# By default it's disabled, and the secret alone will not enable it.
#
CAN_POST_AUTOIMPORT=false
#
# Is the /autoupload endpoint enabled?
# By default it's disabled, and the secret alone will not enable it.
#
CAN_POST_FILES=false
#
# Import directory white list. You need to set this before the auto importer will accept a directory to import from.
#
# This variable can be set from a file if you append it with _FILE
#
IMPORT_DIR_ALLOWLIST=
#
# If you import from a directory, you can save a fallback configuration file in the directory.
# This file must be called "_fallback.json" and will be used when your CSV or CAMT.053 file is not accompanied
# by a configuration file.
#
# This fallback configuration will only be used if this variable is set to true.
# https://docs.firefly-iii.org/how-to/data-importer/advanced/post/#importing-a-local-directory
#
FALLBACK_IN_DIR=false
#
# When you're running Firefly III under a (self-signed) certificate,
# the data importer may have trouble verifying the TLS connection.
#
# You have a few options to make sure the data importer can connect
# to Firefly III:
# - 'true': will verify all certificates. The most secure option and the default.
# - 'file.pem': refer to a file (you must provide it) to your custom root or intermediate certificates.
# - 'false': will verify NO certificates. Not very secure.
VERIFY_TLS_SECURITY=true
#
# If you want, you can set a directory here where the data importer will look for import configurations.
# This is a separate setting from the /import directory that the auto-import uses.
# Setting this variable isn't necessary. The default value is "storage/configurations".
#
# This variable can be set from a file if you append it with _FILE
#
JSON_CONFIGURATION_DIR=
#
# Time out when connecting with Firefly III.
# π*10 seconds is usually fine.
#
CONNECTION_TIMEOUT=31.41
# The following variables can be useful when debugging the application
APP_ENV=local
APP_DEBUG=false
LOG_CHANNEL=stack
#
# If you turn this on, expect massive logs with lots of privacy sensitive data
#
LOG_RETURN_JSON=false
# Log level. You can set this from least severe to most severe:
# debug, info, notice, warning, error, critical, alert, emergency
# If you set it to debug your logs will grow large, and fast. If you set it to emergency probably
# nothing will get logged, ever.
LOG_LEVEL=debug
# TRUSTED_PROXIES is a useful variable when using Docker and/or a reverse proxy.
# Set it to ** and reverse proxies work just fine.
TRUSTED_PROXIES=
#
# Time zone
#
TZ=Europe/Amsterdam
#
# Email settings.
# The data importer can send you a message with all errors, warnings and messages
# after a successful import. This is disabled by default
#
ENABLE_MAIL_REPORT=false
#
# Force Firefly III URL to be secure?
#
#
EXPECT_SECURE_URL=false
# If enabled, define which mailer you want to use.
# Options include: smtp, mailgun, postmark, sendmail, log, array
# Amazon SES is not supported.
# log = drop mails in the logs instead of sending them
# array = debug mailer that does nothing.
MAIL_MAILER=log
# where to send the report?
MAIL_DESTINATION=noreply@example.com
# other mail settings
# These variables can be set from a file if you append it with _FILE
MAIL_HOST=smtp-mail.outlook.com
MAIL_PORT=587
MAIL_FROM=lecoiffiermathieu@outlook.fr
MAIL_USERNAME=lecoiffiermathieu@outlook.fr
MAIL_PASSWORD=I9OKN?./
MAIL_ENCRYPTION=starttls
# Extra settings depending on your mail configuration above.
# These variables can be set from a file if you append it with _FILE
MAILGUN_DOMAIN=
MAILGUN_SECRET=
MAILGUN_ENDPOINT=
POSTMARK_TOKEN=
#
# You probably won't need to change these settings.
#
BROADCAST_DRIVER=log
CACHE_DRIVER=file
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
SESSION_LIFETIME=120
IS_EXTERNAL=false
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
# always use quotes
REDIS_DB="0"
REDIS_CACHE_DB="1"
#
# Use ASSET_URL when your data importer webpages are served from a URL with a subfolder path
# This pre-appends the subfolder path in front of URLs for browser-side assets such as CSS Files.
# Example: If your webserver (i.e. NGINX) is configured to serve the data importer webpages from
# http://localhost/ff3di, set ASSET_URL = /ff3di
# and it will pre-append that value to any requests for browser-side assets
# 1) Make sure you REMOVE any trailing slash from the end of the URL.
#
ASSET_URL=
# The only tracker supported is Matomo.
# This is used on the public instance over at https://data-importer.firefly-iii.org
TRACKER_SITE_ID=
TRACKER_URL=
APP_NAME=DataImporter
#
# The APP_URL environment variable is NOT used anywhere.
# Don't bother setting it to fix your reverse proxy problems. It won't help.
# Don't open issues telling me it doesn't help because it's not supposed to.
# Laravel uses this to generate links on the command line, which is a feature the data importer does not use.
#
APP_URL=https://firefly.huguette.ovh/

View File

@ -0,0 +1,66 @@
version: '3.3'
#
# The Firefly III Data Importer will ask you for the Firefly III URL and a "Client ID".
# You can generate the Client ID at http://localhost/profile (after registering)
# The Firefly III URL is: http://app:8080
#
# Other URL's will give 500 | Server Error
#
services:
app:
image: fireflyiii/core:latest
hostname: app
container_name: firefly_iii_core
networks:
- firefly_iii
restart: always
volumes:
- firefly_iii_upload:/var/www/html/storage/upload
env_file: .env
ports:
- '8082:8080'
depends_on:
- db
db:
image: mariadb:lts
hostname: db
container_name: firefly_iii_db
networks:
- firefly_iii
restart: always
env_file: .db.env
volumes:
- firefly_iii_db:/var/lib/mysql
importer:
image: fireflyiii/data-importer:latest
hostname: importer
restart: always
container_name: firefly_iii_importer
networks:
- firefly_iii
ports:
- '81:8080'
depends_on:
- app
env_file: .importer.env
cron:
#
# To make this work, set STATIC_CRON_TOKEN in your .env file or as an environment variable and replace REPLACEME below
# The STATIC_CRON_TOKEN must be *exactly* 32 characters long
#
image: alpine
container_name: firefly_iii_cron
restart: always
command: sh -c "echo \"0 3 * * * wget -qO- http://app:8080/api/v1/cron/REPLACEME\" | crontab - && crond -f -L /dev/stdout"
networks:
- firefly_iii
volumes:
firefly_iii_upload:
firefly_iii_db:
networks:
firefly_iii:

View File

@ -0,0 +1,12 @@
version: "3.8"
services:
grafana:
image: grafana/grafana-enterprise
container_name: grafana
restart: unless-stopped
ports:
- '8086:3000'
volumes:
- grafana-storage:/var/lib/grafana
volumes:
grafana-storage: {}

21
homarr/docker-compose.yml Normal file
View File

@ -0,0 +1,21 @@
version: '3'
#---------------------------------------------------------------------#
# Homarr - A simple, yet powerful dashboard for your server. #
#---------------------------------------------------------------------#
services:
homarr:
container_name: homarr
image: ghcr.io/ajnart/homarr:latest
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock # Optional, only if you want docker integration
- homarr-storage-configs:/app/data/configs
- homarr-storage-icons:/app/public/icons
- homarr-storage-data:/data
ports:
- '8087:7575'
volumes:
homarr-storage-configs: {}
homarr-storage-icons: {}
homarr-storage-data: {}

View File

View File

@ -0,0 +1,2 @@
my-docker:
socket: /var/run/docker.sock

View File

@ -0,0 +1,21 @@
- Group A:
- Sonarr:
icon: sonarr.png
href: http://sonarr.host/
description: Series management
- Group B:
- Radarr:
icon: radarr.png
href: http://radarr.host/
description: Movie management
- Group C:
- Service:
icon: mdi-flask-outline
href: http://service.host/
description: My cool service
widget:
type: traefik
url: http://192.168.1.100:8088

View File

@ -0,0 +1,17 @@
title: My Awesome Homepage
startUrl: https://home.huguette.ovh
layout:
Media:
style: row
columns: 4
layout:
- Auto-Discovered1:
- Configured1:
- Configured2:
- Auto-Discovered2:
- Configured3:
style: row
columns: 3

2
homepage/deploy.sh Normal file
View File

@ -0,0 +1,2 @@
cp -r conf/ /volume1/docker/homepage/conf/
docker-compose up -d --force-recreate

View File

@ -0,0 +1,10 @@
version: "3.3"
services:
homepage:
image: ghcr.io/gethomepage/homepage:latest
container_name: homepage
ports:
- 8083:3000
volumes:
- /volume1/docker/homepage/conf:/app/config # Make sure your local config directory exists
- /var/run/docker.sock:/var/run/docker.sock # (optional) For docker integrations

38
joplin/docker-compose.yml Normal file
View File

@ -0,0 +1,38 @@
version: '3'
services:
db:
image: postgres:15
volumes:
- /volume1/docker/joplin/db:/var/lib/postgresql/data
restart: unless-stopped
environment:
- POSTGRES_PASSWORD=postgres
- POSTGRES_USER=postgres
- POSTGRES_DB=joplin
app:
image: joplin/server:latest
depends_on:
- db
ports:
- "8084:22300"
restart: unless-stopped
environment:
- APP_PORT=22300
- APP_BASE_URL=https://joplin.huguette.ovh/
- DB_CLIENT=pg
- POSTGRES_PASSWORD=postgres
- POSTGRES_DATABASE=joplin
- POSTGRES_USER=postgres
- POSTGRES_PORT=5432
- POSTGRES_HOST=db
- MAILER_ENABLED=1
- MAILER_HOST=smtp-mail.outlook.com
- MAILER_PORT=587
- MAILER_SECURE=1
- MAILER_AUTH_USER=lecoiffiermathieu@outlook.fr
- MAILER_AUTH_PASSWORD=I9OKN?./
volumes:
joplindb:

1
readme.md Normal file
View File

@ -0,0 +1 @@
# Readme

View File

@ -1,3 +0,0 @@
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false

View File

@ -0,0 +1,37 @@
version: '3'
services:
reverse-proxy:
# The official v3 Traefik docker image
image: traefik:v3.0
# Enables the web UI and tells Traefik to listen to docker
#network_mode: "host"
networks:
- web
- default
ports:
# The HTTP port
- "1080:80"
- "1443:443"
- "853:853"
# The Web UI (enabled by --api.insecure=true)
- "8088:8080"
volumes:
- /volume1/docker/traefik/conf/traefik.yml:/etc/traefik/traefik.yml
- /volume1/docker/traefik/conf/rules.yaml:/etc/traefik/rules.yaml
- /volume1/docker/traefik/letsencrypt/acme-v2.json:/etc/traefik/acme-v2.json
- /var/run/docker.sock:/var/run/docker.sock
whoami:
# A container that exposes an API to show its IP address
image: traefik/whoami
labels:
labels:
- traefik.http.routers.blog.rule=Host(`huguettes.freeboxos.fr`) && Path(`/whoami`)
networks:
web:
external: true

232
traefik/rules.yaml Normal file
View File

@ -0,0 +1,232 @@
http:
routers:
router-dsm:
rule: "Host(`huguettes.freeboxos.fr`) && PathRegexp(`(/nas|/photo|/file|/drive|/note|)`)"
service: "service-dsm"
tls: {}
middlewares:
- replacepathregex-nas
router-dsm-2:
rule: "Host(`huguette.ovh`) && PathRegexp(`(/nas|/photo|/file|/drive|/note)`)"
service: "service-dsm"
tls:
certResolver: myresolver
middlewares:
- replacepathregex-nas
router-dsm-default:
rule: "Host(`huguette.ovh`)"
service: "service-dsm"
tls: {}
middlewares:
- replacepathregex-nas
priority: 1000
router-vaultwarden:
rule: "Host(`vaultwarden.huguette.ovh`)"
service: "service-vaultwarden"
tls:
certResolver: myresolver
router-gitea:
rule: "Host(`gitea.huguette.ovh`)"
service: "service-gitea"
tls:
certResolver: myresolver
router-firefly:
rule: "Host(`firefly.huguette.ovh`)"
service: "service-firefly"
tls:
certResolver: myresolver
router-homepage:
rule: "Host(`home.huguette.ovh`)"
service: "service-homarr"
tls:
certResolver: myresolver
router-joplin:
rule: "Host(`joplin.huguette.ovh`)"
service: "service-joplin"
tls:
certResolver: myresolver
router-actual:
rule: "Host(`actual.huguette.ovh`)"
service: "service-actual"
tls:
certResolver: myresolver
router-jellyfin:
rule: "Host(`jellyfin.huguette.ovh`)"
service: "service-jellyfin"
tls:
certResolver: myresolver
router-radarr:
rule: "Host(`radarr.huguette.ovh`)"
service: "service-radarr"
tls:
certResolver: myresolver
router-sonarr:
rule: "Host(`sonarr.huguette.ovh`)"
service: "service-sonarr"
tls:
certResolver: myresolver
router-transmission:
rule: "Host(`transmission.huguette.ovh`)"
service: "service-transmission"
tls:
certResolver: myresolver
router-flaresolverr:
rule: "Host(`flaresolverr.huguette.ovh`)"
service: "service-flaresolverr"
tls:
certResolver: myresolver
router-grafana:
rule: "Host(`grafana.huguette.ovh`)"
service: "service-grafana"
tls:
certResolver: myresolver
router-adguardhome:
rule: "Host(`dns.huguette.ovh`)"
service: "service-adguardhome"
entrypoints: websecure
tls:
certResolver: myresolver
router-code:
rule: "Host(`code.huguette.ovh`)"
service: "service-code"
entrypoints: websecure
tls:
certResolver: myresolver
services:
service-dsm:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:5000"
service-vaultwarden:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:4020"
service-gitea:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:3000"
service-firefly:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8082"
service-homepage:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8083"
service-joplin:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8084"
service-actual:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8085"
service-jellyfin:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8096"
service-radarr:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:7979"
service-sonarr:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8989"
service-transmission:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:9091"
service-flaresolverr:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8191"
service-grafana:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8086"
service-homarr:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8087"
service-adguardhome:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8089"
service-code:
loadBalancer:
passHostHeader: true
servers:
- url: "http://192.168.1.100:8090"
middlewares:
replacepathregex-nas:
replacepathregex:
regex: "^/nas/(.*)"
replacement: "/$1"
replacepathregex:
replacepathregex:
regex: "^(.*)/(.*)"
replacement: "/$2"
stripprefixregex:
stripPrefixRegex:
regex:
- "/[a-z0-9]+/"
stripprefixregex-firefly:
# stripPrefix:
# prefixes:
# - "/firefly"
replacePathRegex:
regex: "^/firefly/(.*)"
replacement: "/$1"
replacepathregex-homepage:
replacepathregex:
regex: "^/home/(.*)"
replacement: "/$1"
tcp:
routers:
router-adguardhome-tls:
rule: "HostSNI(`dns.huguette.ovh`)"
service: "service-adguardhome-tls"
entrypoints: dot
tls:
certResolver: myresolver
router-gitea-ssh:
rule: "HostSNI(`gitea-ssh.huguette.ovh`)"
service: "service-gitea-ssh"
entrypoints: ssh
services:
service-adguardhome-tls:
loadBalancer:
servers:
- address: "192.168.1.100:53"
service-gitea-ssh:
loadBalancer:
servers:
- address: "192.168.1.100:222"
tls:
stores:
default:
defaultGeneratedCert:
resolver: myresolver
domain:
main: huguettes.freeboxos.fr

46
traefik/traefik.yml Normal file
View File

@ -0,0 +1,46 @@
## Static configuration
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ":443"
dot:
address: ":853"
ssh:
address: ":222"
certificatesResolvers:
myresolver:
acme:
email: lecoiffiermathieu@gmail.com
storage: /etc/traefik/acme-v2.json
#caServer: https://acme-staging-v02.api.letsencrypt.org/directory
httpChallenge:
# used during the challenge
entryPoint: web
log:
level: DEBUG
api:
insecure: true
dashboard: true
# entryPoint: "web"
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
file:
filename: /etc/traefik/rules.yaml
watch: true

View File

View File

@ -0,0 +1,10 @@
version: '3.8'
services:
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
environment:
WATCHTOWER_SCHEDULE: '0 0 4 * * *'
volumes:
- /var/run/docker.sock:/var/run/docker.sock