-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
87 lines (83 loc) · 2.07 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
services:
gluetun:
image: qmcgaw/gluetun:latest
container_name: gluetun
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 8080:8080/tcp
- 8888:8888/tcp
volumes:
- /home/searxng/gluetun:/gluetun
environment:
- PUID=1001
- PGID=1001
- TZ=Europe/Paris
- VPN_SERVICE_PROVIDER=${VPN_SERVICE_PROVIDER}
- OPENVPN_USER=${OPENVPN_USER}
- OPENVPN_PASSWORD=${OPENVPN_PASSWORD}
- SERVER_COUNTRIES=${VPN_COUNTRIES}
- HTTPPROXY=off
- SHADOWSOCKS=off
- UPDATER_PERIOD=24h
labels:
- com.centurylinklabs.watchtower.enable=false
security_opt:
- no-new-privileges:true
restart: always
searxng:
image: searxng/searxng
container_name: SearXNG
network_mode: service:gluetun
mem_limit: 512mb
depends_on:
gluetun:
condition: service_healthy
security_opt:
- no-new-privileges:true
volumes:
- /home/searxng/searxng:/etc/searxng:rw
environment:
- SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME}/
restart: always
caddy:
container_name: caddy
image: docker.io/library/caddy:2-alpine
network_mode: host
restart: always
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- caddy-data:/data:rw
- caddy-config:/config:rw
environment:
- SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME}
- SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
cap_drop:
- ALL
cap_add:
- NET_BIND_SERVICE
logging:
driver: "json-file"
options:
max-size: "1m"
max-file: "1"
authelia:
container_name: authelia
image: authelia/authelia
network_mode: host
environment:
- TZ=${TIMEZONE}
- X_AUTHELIA_CONFIG_FILTERS=template
- JWT_SECRET=${JWT_SECRET}
- SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME}
- ENCRYPTION_KEY=${ENCRYPTION_KEY}
- SESSION_SECRET=${SESSION_SECRET}
volumes:
- ./authelia/config:/config
hostname: authelia
restart: unless-stopped
volumes:
caddy-data:
caddy-config: