feat: network configure

backups/zerobyte/docker-compose.yml

@@ -10,14 +10,15 @@ services:
       traefik.http.routers.zerobyte.rule: "Host(`zerobyte.${DOMAIN}`)"
       traefik.http.routers.zerobyte.entrypoints: "https"
       traefik.http.routers.zerobyte.tls.certresolver: "cloudflare"
-      traefik.http.services.zerobyte.loadbalancer.server.url: "http://${HOST_IP}:4096"
+      traefik.http.routers.zerobyte.service: "zerobyte"
+      traefik.http.services.zerobyte.loadbalancer.server.port: "4096"
     image: ghcr.io/nicotsx/zerobyte:v0.19
     container_name: zerobyte
     restart: unless-stopped
     cap_add:
       - SYS_ADMIN
-    ports:
+    expose:
-      - "4096:4096"
+      - "4096"
     devices:
       - /dev/fuse:/dev/fuse
     environment:
@@ -27,3 +28,9 @@ services:
       - /etc/localtime:/etc/localtime:ro
       - /var/lib/zerobyte:/var/lib/zerobyte
       - /home/naivegarmur/.config/rclone:/root/.config/rclone
+    networks:
+      - traefik_public
+
+networks:
+  traefik_public:
+    external: true

container_management/portainer/docker-compose.yml

@@ -13,14 +13,19 @@ services:
       traefik.http.routers.portainer.rule: "Host(`portainer.${DOMAIN}`)"
       traefik.http.routers.portainer.entrypoints: "https"
       traefik.http.routers.portainer.tls.certresolver: "cloudflare"
-      traefik.http.services.portainer.loadbalancer.server.url: "https://${HOST_IP}:9443"
+      traefik.http.routers.portainer.service: "portainer"
+      traefik.http.services.portainer.loadbalancer.server.port: "9443"
+      traefik.http.services.portainer.loadbalancer.server.scheme: "https"
       traefik.http.services.portainer.loadbalancer.serverstransport: "insecure@file"
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
       - portainer_data:/data
-    ports:
+    expose:
-      - 9443:9443
+      - 9443
-      - 8000:8000  # Remove if you do not intend to use Edge Agents
+      - 8000  # Remove if you do not intend to use Edge Agents
+    networks:
+      - default
+      - traefik_public
 
 volumes:
   portainer_data:
@@ -29,3 +34,5 @@ volumes:
 networks:
   default:
     name: kendricklab
+  traefik_public:
+    external: true

dashboards/homepage/docker-compose.yml

@@ -2,8 +2,8 @@ services:
   homepage:
     image: ghcr.io/gethomepage/homepage:latest
     container_name: homepage
-    ports:
+    expose:
-      - 3001:3000
+      - 3000
     volumes:
       - ${CONFIG_ROOT}/homepage/config:/app/config
       - /var/run/docker.sock:/var/run/docker.sock:ro
@@ -20,4 +20,11 @@ services:
       traefik.http.routers.homepage.rule: "Host(`${DOMAIN}`)"
       traefik.http.routers.homepage.entrypoints: "https"
       traefik.http.routers.homepage.tls.certresolver: "cloudflare"
-      traefik.http.services.homepage.loadbalancer.server.url: "http://${HOST_IP}:3001"
+      traefik.http.routers.homepage.service: "homepage"
+      traefik.http.services.homepage.loadbalancer.server.port: "3000"
+    networks:
+      - traefik_public
+
+networks:
+  traefik_public:
+    external: true

dns/duckdns/docker-compose.yml

@@ -15,3 +15,9 @@ services:
       homepage.icon: "duckdns.png"
       homepage.href: "https://www.duckdns.org"
       homepage.description: "Dynamic DNS Updater"
+    networks:
+      - traefik_public
+
+networks:
+  traefik_public:
+    external: true

games/core-keeper/docker-compose.yml

@@ -17,3 +17,9 @@ services:
       - ${CONFIG_ROOT}/core-keeper/server-data:/home/steam/core-keeper-data
     environment:
       - DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/1449377878192947241/_fBMK0aw42CB4WCae-xJZSI887APRjOGCB1XwYK9gDEMPVdHeqH2OncvCNg9q1VNxDVn
+    networks:
+      - traefik_public
+
+networks:
+  traefik_public:
+    external: true

media/jellyfin/docker-compose.yml

@@ -11,22 +11,25 @@ services:
     volumes:
       - ${DOCKER_PATH}/jellyfin/config:/config
       - ${MEDIA_PATH}:/media
-    ports:
+    expose:
-      - 8096:8096
+      - 8096
     restart: unless-stopped
     labels:
       # Traefik
       traefik.enable: "true"
       traefik.http.routers.jellyfin.rule: "Host(`jellyfin.${DOMAIN}`)"
       traefik.http.routers.jellyfin.entrypoints: "https"
+      traefik.http.routers.jellyfin.service: "jellyfin"
       traefik.http.routers.jellyfin.tls.certresolver: "cloudflare"
-      traefik.http.services.jellyfin.loadbalancer.server.url: "http://${HOST_IP}:8096"
+      traefik.http.services.jellyfin.loadbalancer.server.port: "8096"
       # Homepage
       homepage.group: "Media"
       homepage.name: "Jellyfin"
       homepage.icon: "jellyfin.svg"
       homepage.href: "https://jellyfin.${DOMAIN}"
       homepage.description: "Media Server"
+    networks:
+      - traefik_public
   jellyseerr:
     image: fallenbagel/jellyseerr
     container_name: jellyseerr
@@ -36,19 +39,26 @@ services:
       - TZ=Etc/UTC
     volumes:
       - ${DOCKER_PATH}/jellyseerr/config:/config
-    ports:
+    expose:
-      - 5055:5055
+      - 5055
     restart: unless-stopped
     labels:
       # Traefik
       traefik.enable: "true"
       traefik.http.routers.jellyseerr.rule: "Host(`jellyseerr.${DOMAIN}`)"
       traefik.http.routers.jellyseerr.entrypoints: "https"
+      traefik.http.routers.jellyseerr.service: "jellyseerr"
       traefik.http.routers.jellyseerr.tls.certresolver: "cloudflare"
-      traefik.http.services.jellyseerr.loadbalancer.server.url: "http://${HOST_IP}:5055"
+      traefik.http.services.jellyseerr.loadbalancer.server.port: "5055"
       # Homepage
       homepage.group: "Media"
       homepage.name: "Jellyseerr"
       homepage.icon: "jellyseerr.svg"
       homepage.href: "https://jellyseerr.${DOMAIN}"
       homepage.description: "Request management"
+    networks:
+      - traefik_public
+
+networks:
+  traefik_public:
+    external: true

monitoring/uptime-kuma/docker-compose.yml

@@ -18,7 +18,14 @@ services:
       traefik.http.routers.uptime-kuma.rule: "Host(`status.${DOMAIN}`)"
       traefik.http.routers.uptime-kuma.entrypoints: "https"
       traefik.http.routers.uptime-kuma.tls.certresolver: "cloudflare"
-      traefik.http.services.uptime-kuma.loadbalancer.server.url: "http://${HOST_IP}:3222"
+      traefik.http.routers.uptime-kuma.service: "uptime-kuma"
-    ports:
+      traefik.http.services.uptime-kuma.loadbalancer.server.port: "3001"
+    expose:
       # <Host Port>:<Container Port>
-      - "3222:3001"
+      - "3001"
+    networks:
+      - traefik_public
+
+networks:
+  traefik_public:
+    external: true

proxies/traefik/docker-compose.yml

@@ -31,7 +31,11 @@ services:
       - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$apr1$$q8eZFHjF$$Fj9U0fCH4d13F5j3v3v3w0 
       - "traefik.http.routers.traefik.middlewares=traefik-auth"
     networks:
-      - traefik_proxy
+      - traefik_public
+
+networks:
+  traefik_public:
+    name: traefik_public
 
 secrets:
   cf_dns_api_token:

remote_access/cloudflared/docker-compose.yml

@@ -14,3 +14,9 @@ services:
       homepage.icon: "cloudflare.png"
       homepage.href: "https://one.dash.cloudflare.com"
       homepage.description: "Cloudflare Tunnel"
+    networks:
+      - traefik_public
+
+networks:
+  traefik_public:
+    external: true

version_control/gittea/docker-compose.yml

@@ -3,6 +3,8 @@ version: "3"
 networks:
   gitea:
     external: false
+  traefik_public:
+    external: true
 
 services:
   server:
@@ -23,7 +25,8 @@ services:
       traefik.http.routers.gitea.rule: "Host(`gitea.${DOMAIN}`)"
       traefik.http.routers.gitea.entrypoints: "https"
       traefik.http.routers.gitea.tls.certresolver: "cloudflare"
-      traefik.http.services.gitea.loadbalancer.server.url: "http://${HOST_IP}:3000"
+      traefik.http.routers.gitea.service: "gitea"
+      traefik.http.services.gitea.loadbalancer.server.port: "3000"
       # SSH
       traefik.tcp.routers.gitea-ssh.rule: "HostSNI(`git.${DOMAIN}`)"
       traefik.tcp.routers.gitea-ssh.entrypoints: "https"
@@ -32,10 +35,12 @@ services:
       traefik.tcp.services.gitea-ssh.loadbalancer.server.address: "${HOST_IP}:222"
     networks:
       - gitea
+      - traefik_public
     volumes:
       - ${CONFIG_ROOT}/gitea:/data
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
+    expose:
+      - "3000"
     ports:
-      - "3000:3000"
       - "222:22"