This is the updated docker-compose repo of all the media, home, and web server apps described in the following guides on our website:
- Docker Media Server Ubuntu: Compose for 23 Awesome Apps
- Ultimate Traefik Docker Compose Guide [2022] with LetsEncrypt
- WordPress on Docker with Nginx, Traefik, LE SSL, Security, and Speed
- Ultimate Synology NAS Docker Compose Media Server 2022
Documenting, writing guides, and keeping this repo update-to-date takes hundreds of hours of work. Please consider supporting my work to show your appreciation.
- Become a patron and show us your strongest support.
- Please consider buying us a coffee (or two) as a token of appreciation.
- Do you need support or just want to chat with like-minded people. Join our discord.
- The authors will try our best to help but support is not guaranteed. But you will find others who might have went through what you are going through and may be willing to pay it forward and help.
When you are ready to upgrade to Traefik or prefer Traefik over Nginx Proxy Manager, I strongly suggest getting Traefik and Traefik dashboard up and running before adding any other app.
Go step-by-step. If you bite too big of a piece, I guarantee you will choke.
Supporting Guides:
- How to Install Docker and Docker Compose on Ubuntu 22.04 LTS [VIDEO]
- How to Install Docker and Docker Compose on Ubuntu 20.04 LTS
- Cloudflare Settings for Traefik Docker: DDNS, CNAMEs, & Tweaks
- Ultimate Docker to Podman Migration Guide: It's NOT difficult
- Nextcloud Docker with Traefik Reverse Proxy for Beginners
Security Guides:
- Google OAuth 2 MFA Protection for Docker
- Authelia MFA Protection for Docker
- Traefik Docker Security Best Practices
- Crowdsec Docker Compose Guide Part 1: Powerful IPS with Firewall Bouncer
- CrowdSec Docker Part 2: Improved IPS with Cloudflare Bouncer
- CrowdSec Docker Part 3: Traefik Bouncer for Additional Security
- CrowdSec Multiserver Docker (Part 4): For Ultimate Protection
For security, I implemented CrowdSec multi-server setup in 2022. From the stats, it is blocking/mitigating well over 600 intrusion attempts per day on my servers. I will cover this in a separate guide later but you will find the docker-compose CrowdSec, Traefik Bouncer, and Cloudflare Bouncer Bouncers in my repo already.
The following posts have been updated/replaced by the posts linked above:
- Docker Media Server with Traefik 2 Reverse Proxy
- Docker Media Server without Reverse Proxy
- Docker Media Server with Traefik 1 Reverse Proxy
- Synology Docker Media Server with Traefik, Docker Compose, and Cloudflare
- docker-compose-t2.yml - this is my main stack with most apps/services (home aserver), including Traefik
- docker-compose-npm.yml - this is the basic media server stack with Nginx Proxy Manager instead of Traefik
- docker-compose-t2-web.yml - web server specific stack for WordPress and non-WordPress sites with Nginx and Traefik
- docker-compose-t2-synology.yml - apps/services that I run on Synology NAS using Docker Compose for Homelab use
Almost any app/service from the docker-compose files listed above can be copy-pasted to any other compose file in this repo.
- Home Server (docker-compose-t2.yml) - Ubuntu 22.04 Proxmox LXC Container on AMD Ryzen 7 4800u ASROCK 4x4 Box
- Media Server (docker-compose-t2-media-db.yml) - Ubuntu 22.04 Proxmox LXC Container on AMD Ryzen 7 4800u ASROCK 4x4 Box
- Web Server (docker-compose-t2-web.yml) - Digital Ocean VPS (2 cores and 2 GB RAM)
- Synology (docker-compose-t2-synology.yml) - Synology DS918+ NAS.
I use Syncthing to keep certain key files synched between various systems.
The apps I use are scattered around in several different docker-compose files. Click the links below for specific installation guides.
Some apps are used in more than one host and some on only one.
- Traefik - Reverse Proxy
- Nginx Proxy Manager - Reverse Proxy
- Docker Socket Proxy - Secure Proxy for Docker API
- Traefik Custom Error Pages
- OAuth - Google OAuth 2 Forward Authentication
- Authelia - Private Forward Authentication
- Portainer - Container Management
- Organizr - Dashboard for Apps
- Heimdall - Dashboard for Apps
- Homepage - Dashboard for Apps
- Dashy - Dashboard for Apps
- Autoindex - Plain text Index to All Files
- Home Assistant Core - Home Automation
- HA-Dockermon - Manage Docker containers in Home Assistant
- Mosquitto - MQTT Broker
- MotionEye - Video Surveillance
- ZoneMinder - Video Surveillance
- MiFlora - MiFlora MQTT Daemon (MiFlora Plant Sensors)
- MariaDB - MySQL Database
- phpMyAdmin - Database management
- InfluxDB - Database for sensor data
- Postgres - Database
- Grafana - Graphical data visualization for InfluxDB data
- Varken - Monitor Plex, Sonarr, Radarr, and Other Data
- Redis - Key value store
- Redis Commander - Redis management
- jDownloader - Download management
- TransmissionBT with VPN - Torrent Downloader.
- SABnzbd - Binary newsgrabber, NZB downloader
- Nzbget - Binary newsgrabber, NZB downloader
- qBittorrent with Wireguard VPN from Surfshark - Torrent downloader
- NZBHydra2 - NZB meta search
- Jackett - Torrent proxy
- Prowlarr - Torrent proxy
- Lidarr - Music Management
- Radarr - Movie management
- Sonarr - TV Shows management
- LazyLibrarian - Books Management
- Readarr - Books Management
- AirSonic - Music Server
- NaviDrome - Music Server
- FunkWhale - Music Server
- Calibre - Ebook/Audiobook Server
- Calibre-Web - Ebook/Audiobook Reader
- Plex - Media Server
- Emby - Media Server
- Jellyfin - Media Server
- Ombi - Media Requests
- Tautulli - Previously PlexPy. Plex statistics and monitoring
- Plex-Sync - For Syncing watched status between plex servers
- PhotoShow - Personal Photo Gallery and viewer
- TellyTv- IPTV proxy for Plex
- xTeve- IPTV proxy for Plex
- Bazarr - Subtitle Management
- Picard - Music Library Tagging and Management
- Handbrake - Video Conversion, Transcoding, and Compression
- MKVToolNix - Video Editing, Remuxing (changing media container while keeping original source quality)
- MakeMKV - Video Editing (Ripping from Disks)
- FileBot - File renamer
- Tiny Media Manager - Media Files Management
- Firefox - Web Broswer
- Glances - System Information
- APCUPSD - APC UPS Management
- Guacamole - Remote desktop, SSH, on Telnet on any HTML5 Browser
- Guacamole Daemon - Needed for Guacamole
- Dozzle - Docker logs viewer
- qDirStat - Directory Statistics
- StatPing - Status Page & Monitoring Server
- SmokePing - Network Latency Monitoring
- VS Code Server - Code Editor
- Logarr - Log Management
- Monitorr - Webfront to display the status of any webapp or service
- Cloud Commander - Web File Manager
- Cloud9 - Cloud IDE
- SMTP To Telegram - Sends all incoming Email messages to Telegram
- UniFi Controller - Controller for Ubiquiti UniFi Network Gear
- Rclone - Mount Cloud/Google Drive
- MergerFS - Merge local and remote file systems
- Gluetun - VPN client for docker containers and more
- DeUnhealth - Auto restart containers on VPN restart
- AdGuard Home - DNS Sinkhole / Ad-blocker
- Nginx - Web Server
- php7 - PHP-FPM
- Watchtower - Automatic Docker Container Updates
- Docker-GC - Automatic Docker Garbage Collection
- Traefik Certificate Dumper - Extract Traefik SSL Certs
- Cloudflare DDNS - Dynamic IP Updater
- Cloudflare Companion - Automatic CNAME creation for services
- WhoAmI - For testing.
I use bash_aliases to simplify starting and stopping containers/stack. Included in the repo is an example of bash_aliases I use (replace USER with your Linux username). Here are some example alias commands:
- dcup - Start Docker Traefik 2 stack
- dcdown - Stop Docker Traefik 2 stack
- dcrec - Start or recreate a specific service
- dcstop - Stop a specific service
- dcrestart - Restart a specific service
- dclogs - See real-time logs for the corresponding stack or service
- dcpull - Pull new images for the corresponding stack or service