Oh boy! where do I even begin.

Lots of changes in this commit: 1. Moved some of the apps to Synology docker stack (dockerc-compose-t2-synology.yml) - Portainer, MariaDB, InfluxDB, Mosquitto MQTT Broker, Cloudflare DDNS, Redis. Add my NUC stack as a separate endpoint NAS Portainer. 2. Implemented Tecnativa Socket Proxy - Traefik, Portainer, Glances, Dozzle, Ouroboros, Docker-GC, Cloudflare Companion 3. Moved from Home Assistant Supervised to Home Assistant Core 4. Fixed multihost CNAME creation in Cloudflare Companion 5. Fully rolled out Docker secrets - Traefik, Authelia, Plex, Guacamole, OAuth, MariaDB, etc.. There are still some images that do not support secrets. 6. Renamed docker-compose-synology-t2.yml to docker-compose-t2-synology.yml 7. Obsoleted SmokePing - no use for me 8. Obsoleted HA-DockerMon - could live without it. Tried to simplify my Home Assistant setup. 9. Obsoleted UniFi Controller - moved it to cloud. 10. Obsoleted Postgres - Hoping to use MySQL for StatPing 11. Updated readme with current information 12. Updated Authelia configuration.yml.example 13. Obsoleted ZoneMinder. Moved to MotionEye, which is much simpler to setup and use. And last a big one that I have been working on: 13. Added docker-compose-t2-web.yml - This is contains all the apps that I run on my Digitial Ocean Virtual Private server. This server runs wordpress and couple of other dynamic (PHP) sites.
fairfield4103 · Aug 17, 2020 · 9e4a061 · 9e4a061
1 parent e5e1ad7
commit 9e4a061
Show file tree

Hide file tree

Showing 8 changed files with 1,143 additions and 871 deletions.
diff --git a/.gitignore b/.gitignore
@@ -9,7 +9,8 @@
 !docker-compose-t2.yml
 !docker-compose-t2-vpn.yml
 !docker-compose-t2-obsolete.yml
-!docker-compose-synology-t2.yml
+!docker-compose-t2-synology.yml
+!docker-compose-t2-web.yml
 !.env.example
 !README.md
 !CHANGELOG.md

diff --git a/README.md b/README.md
@@ -5,7 +5,8 @@ This is the updated docker-compose repo of all the media and home server apps de
 - Docker Media Server with Traefik 2 Reverse Proxy: [https://www.smarthomebeginner.com/traefik-2-docker-tutorial/](https://www.smarthomebeginner.com/traefik-2-docker-tutorial/)
 - Cloudflare Settings for Traefik Docker: DDNS, CNAMEs, & Tweaks: [https://www.smarthomebeginner.com/cloudflare-settings-for-traefik-docker/](https://www.smarthomebeginner.com/cloudflare-settings-for-traefik-docker/)
 - Synology Docker Media Server with Traefik, Docker Compose, and Cloudflare: [https://www.smarthomebeginner.com/synology-docker-media-server/](https://www.smarthomebeginner.com/synology-docker-media-server/)
-- Docker with Google OAuth 2 - [https://www.smarthomebeginner.com/google-oauth-with-traefik-docker/](https://www.smarthomebeginner.com/google-oauth-with-traefik-docker/)
+- Google OAuth 2 MFA Protection for Docker - [https://www.smarthomebeginner.com/google-oauth-with-traefik-docker/](https://www.smarthomebeginner.com/google-oauth-with-traefik-docker/)
+- Authelia MFA Protection for Docker - [https://www.smarthomebeginner.com/docker-authelia-tutorial/](https://www.smarthomebeginner.com/docker-authelia-tutorial/)
 
 ### Old Posts:
 
@@ -23,10 +24,11 @@ The following posts have been combined and updated for Traefik v2 (linked above)
 - docker-compose-t2.yml
 - docker-compose-t2-vpn.yml
 - docker-compose-t2-obsolete.yml (Apps that I do not use anymore)
+- docker-compose-t2-web.yml (Docker stack on Virtual Private Server that Runs Wordpress and Other Websites)
 
 ### Traefik 2 (CURRENT - SYNOLOGY)
 
-- docker-compose-synology-t2.yml (Apps that I run on Synology NAS using Docker Compose)
+- docker-compose-t2-synology.yml (Apps that I run on Synology NAS using Docker Compose)
 - Almost any app from the Traefik v2 docker-compose files listed above can be copy-pasted to the Synology Docker-Compose. I run a few on Synology and the rest on my Intel NUC Linux home server.
 
 ### Traefik 1 (NOT ACTIVELY MAINTAINED)
@@ -55,19 +57,19 @@ We will try to keep this repo up-to-date. For now, here are the apps currently i
 
 ### SMART HOME
 
-- Home Assistant Core - Home Automation (OBSOLETE - since Home Assistant Supervised now works on Docker)
-- HA-Dockermon - Manage Docker containers in Home Assistant
+- Home Assistant Core - Home Automation
+- HA-Dockermon - Manage Docker containers in Home Assistant (OBSOLETE)
 - Mosquitto - MQTT Broker
 - MotionEye - Video Surveillance
-- ZoneMinder - Video Surveillance
+- ZoneMinder - Video Surveillance (OBSOLETE)
 - MiFlora - MiFlora MQTT Daemon (MiFlora Plant Sensors) (OBSOLETE)
 
 ### DATABASE
 
 - MariaDB - MySQL Database
 - phpMyAdmin - Database management
 - InfluxDB - Database for sensor data
-- Postgres - Database
+- Postgres - Database (OBSOLETE)
 - Grafana - Graphical data visualization for InfluxDB data
 - Varken - Monitor Plex, Sonarr, Radarr, and Other Data (OBSOLETE)
 - Redis - Key value store
@@ -126,7 +128,7 @@ We will try to keep this repo up-to-date. For now, here are the apps currently i
 - Dozzle - Docker logs viewer
 - qDirStat - Directory Statistics
 - StatPing - Status Page & Monitoring Server
-- SmokePing - Network Latency Monitoring
+- SmokePing - Network Latency Monitoring (OBSOLETE)
 - VS Code Server - Code Editor
 - Logarr - Log Management (OBSOLETE)
 - Monitorr - Webfront to display the status of any webapp or service (OBSOLETE)

diff --git a/authelia/configuration.yml.example b/authelia/configuration.yml.example
@@ -8,7 +8,7 @@ log_level: warn
 
 # This secret can also be set using the env variables AUTHELIA_JWT_SECRET_FILE
 # I used this site to generate the secret: https://www.grc.com/passwords.htm
-jwt_secret: ENTER_SECRET_HERE
+# jwt_secret: SECRET_GOES_HERE # use docker secret file instead AUTHELIA_JWT_SECRET_FILE
 
 # https://docs.authelia.com/configuration/miscellaneous.html#default-redirection-url
 default_redirection_url: https://authelia.example.com
@@ -19,11 +19,12 @@ totp:
   skew: 1
 
 # Enable the following for Duo Push Notification support
+# https://www.authelia.com/docs/features/2fa/push-notifications.html
 #duo_api:
 #  hostname: api-123456789.example.com
 #  integration_key: ABCDEF
 #  # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE
-#  secret_key: 1234567890abcdefghifjkl
+#  secret_key: # use docker secret file instead AUTHELIA_DUO_API_SECRET_KEY_FILE
 
 authentication_backend:
   file:
@@ -34,7 +35,7 @@ authentication_backend:
       iterations: 1
       salt_length: 16
       parallelism: 8
-      memory: 1024
+      memory: 1024 # blocks this much of the RAM. Tune this.
 
 # https://docs.authelia.com/configuration/access-control.html
 access_control:
@@ -55,12 +56,11 @@ access_control:
     - domain: "example.com"
       policy: two_factor
 
-
 session:
   name: authelia_session
   # This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE
   # Used a different secret, but the same site as jwt_secret above.
-  secret: ENTER_SECRET_HERE
+  # secret: SECRET_GOES_HERE # use docker secret file instead AUTHELIA_SESSION_SECRET_FILE
   expiration: 3600 # 1 hour
   inactivity: 300 # 5 minutes
   domain: example.com # Should match whatever your root protected domain is
@@ -88,13 +88,13 @@ storage:
     database: authelia
     username: DBUSERNAME
     # Password can also be set using a secret: https://docs.authelia.com/configuration/secrets.html
-    password: DBPASSWORD
+    # password: use docker secret file instead AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE
 
 notifier:
   smtp:
     username: SMTP_USERNAME
     # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE
-    password: SMTP_PASSWORD
+    # password: # use docker secret file instead AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE
     host: SMTP_HOST
     port: 587 #465
     sender: SENDER_EMAIL