Created
September 20, 2020 22:00
-
-
Save johnf/7777e798cbb33a7c50ddf6506dc44c96 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/netplan/00-installer-config.yaml | |
| ## Comment out everything in here so that eth0 isn't configured | |
| ## Trap for young players - this generates a systemd network config in /run which overrides the one in /etc that you created above and it will take you hours to work that out | |
| # This is the network config written by 'subiquity' | |
| #network: | |
| # ethernets: | |
| # eth0: | |
| # dhcp4: true | |
| # dhcp6: true | |
| # version: 2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /srv/docker/docker-compose.yaml | |
| version: '2.4' | |
| networks: | |
| lan: | |
| name: lan | |
| driver: macvlan | |
| driver_opts: | |
| parent: eth0 | |
| enable_ipv6: true | |
| ipam: | |
| config: | |
| - subnet: 192.168.XX.0/24 | |
| gateway: 192.168.XX.1 | |
| ip_range: 192.168.XX.32/27 | |
| - subnet: 2403:XX00:XX00:XX00::/64 | |
| services: | |
| watchtower: | |
| container_name: watchtower | |
| hostname: watchtower | |
| image: containrrr/watchtower | |
| volumes: | |
| - /run/docker.sock:/var/run/docker.sock | |
| environment: | |
| - TZ=Australia/Sydney | |
| - WATCHTOWER_NOTIFICATIONS=email | |
| - [email protected] | |
| - [email protected] | |
| - WATCHTOWER_NOTIFICATION_EMAIL_SERVER=mail.example.com | |
| - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=587 | |
| - [email protected] | |
| - WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=XXXXXXX | |
| - WATCHTOWER_CLEANUP=true | |
| - WATCHTOWER_POLL_INTERVAL=3600 | |
| - WATCHTOWER_INCLUDE_STOPPED=true | |
| labels: | |
| traefik.enable: false | |
| restart: always | |
| network_mode: bridge | |
| smokeping: | |
| container_name: smokeping | |
| hostname: smokeping | |
| image: dperson/smokeping | |
| volumes: | |
| - /srv/docker/smokeping/etc:/etc/smokeping:rw | |
| - /srv/docker/smokeping/data:/var/lib/smokeping:rw | |
| # We add the log pipe here because soemthing wierd is breakng it and causing it to hang | |
| - /srv/docker/smokeping/log:/tmp/log:rw | |
| ports: | |
| - 80/tcp | |
| environment: | |
| - TZ=Australia/Sydney | |
| - [email protected] | |
| - OWNER="John Doe" | |
| labels: | |
| traefik.http.routers.smokeping.entrypoints: https | |
| traefik.http.routers.smokeping.tls.certresolver: letsencrypt | |
| traefik.http.services.smokeping.loadbalancer.server.port: 80 | |
| restart: always | |
| networks: | |
| lan: | |
| ipv4_address: 192.168.XX.32 | |
| unifi: | |
| container_name: unifi | |
| hostname: unifi | |
| image: jacobalberty/unifi:stable-6 | |
| volumes: | |
| - /srv/docker/unifi:/unifi | |
| - /srv/docker/certbot-route53/etc/live/unifi.home.example.com:/unifi/cert | |
| - /srv/docker/certbot-route53/etc/archive:/archive | |
| ports: | |
| - 3478/udp # STUN | |
| - 5514/udp # Syslog | |
| - 8080/tcp # Control | |
| - 80/tcp # Web | |
| - 443/tcp # Secure Web | |
| - 6789/tcp # Mobile Speed Test | |
| - 10001/udp # Discovery | |
| - 1900/udp # L2 Discovery | |
| environment: | |
| - RUNAS_UID0=false | |
| - UNIFI_HTTP_PORT=80 | |
| - UNIFI_HTTPS_PORT=443 | |
| - TZ=Australia/Sydney | |
| labels: | |
| traefik.enable: false | |
| restart: always | |
| networks: | |
| lan: | |
| ipv4_address: 192.168.XX.240 | |
| syslog: | |
| container_name: syslog | |
| hostname: syslog | |
| image: balabit/syslog-ng | |
| volumes: | |
| - /srv/docker/syslog/log:/var/log | |
| ports: | |
| - 514/udp | |
| labels: | |
| traefik.enable: false | |
| restart: always | |
| networks: | |
| lan: | |
| ipv4_address: 192.168.XX.33 | |
| certbot-route53: | |
| container_name: certbot-route53 | |
| hostname: certbot-route53 | |
| image: certbot/dns-route53:latest | |
| volumes: | |
| - /srv/docker/certbot-route53/etc:/etc/letsencrypt | |
| - /srv/docker/certbot-route53/varlib:/var/lib/letsencrypt | |
| - /srv/docker/certbot-route53/log:/var/log/letsencrypt | |
| environment: | |
| - AWS_REGION=ap-southeast-2 | |
| - AWS_ACCESS_KEY_ID=XXXX | |
| - AWS_SECRET_ACCESS_KEY=YYYY | |
| # Use this to create the furst time | |
| # command: certonly --dns-route53 -d unifi.home.example.com --agree-tos -m [email protected] --non-interactive | |
| command: renew --force-renewal --no-random-sleep-on-renew | |
| labels: | |
| traefik.enable: false | |
| network_mode: bridge | |
| influxdb: | |
| container_name: influxdb | |
| hostname: influxdb | |
| image: influxdb:latest | |
| volumes: | |
| - /srv/docker/influxdb:/var/lib/influxdb:rw | |
| expose: | |
| - 8086 | |
| environment: | |
| - INFLUXDB_DB=grafana | |
| labels: | |
| traefik.http.routers.influxdb.entrypoints: influxdb | |
| restart: always | |
| network_mode: bridge | |
| telegraf: | |
| container_name: telegraf | |
| hostname: telegraf | |
| image: telegraf:latest | |
| command: telegraf --config-directory /etc/telegraf/telegraf.d | |
| links: | |
| - influxdb:influxdb | |
| volumes: | |
| - /run/docker.sock:/var/run/docker.sock | |
| - /srv/docker/telegraf/telegraf.conf:/etc/telegraf/telegraf.conf:ro | |
| - /srv/docker/telegraf/telegraf.d:/etc/telegraf/telegraf.d:ro | |
| - /srv/docker/telegraf/mibs:/root/.snmp/mibs:ro | |
| labels: | |
| traefik.enable: false | |
| restart: always | |
| network_mode: bridge | |
| traefik: | |
| container_name: traefik | |
| hostname: traefik | |
| image: traefik:latest | |
| volumes: | |
| - /run/docker.sock:/var/run/docker.sock | |
| - /srv/docker/traefik/traefik.yaml:/etc/traefik/traefik.yaml | |
| - /srv/docker/traefik/file.yaml:/etc/traefik/file.yaml | |
| - /srv/docker/traefik/acme.json:/etc/traefik/acme.json | |
| environment: | |
| - AWS_ACCESS_KEY_ID=XXXX | |
| - AWS_SECRET_ACCESS_KEY=YYY | |
| - AWS_REGION=ap-southeast-2 | |
| - AWS_HOSTED_ZONE_ID=ZZZ | |
| labels: | |
| traefik.enable: false | |
| restart: always | |
| network_mode: host | |
| grafana: | |
| container_name: grafana | |
| hostname: grafana | |
| image: grafana/grafana:latest | |
| volumes: | |
| - /srv/docker/grafana:/var/lib/grafana:rw | |
| links: | |
| - influxdb:influxdb | |
| labels: | |
| traefik.http.routers.grafana.entrypoints: https | |
| traefik.http.routers.grafana.tls.certresolver: letsencrypt | |
| restart: always | |
| network_mode: bridge | |
| ampache: | |
| container_name: ampache | |
| hostname: ampache | |
| image: ampache/ampache:latest | |
| volumes: | |
| - /srv/docker/ampache/var/www/config:/var/www/config:rw | |
| - /srv/docker/ampache/var/log/ampache:/var/log/ampache:rw | |
| - /srv/docker/ampache/media:/media:rw | |
| - /srv/docker/ampache/var/lib/mysql:/var/lib/mysql:rw | |
| - /srv/docker/ampache/etc/mysql:/etc/mysql:rw | |
| - /srv/docker/ampache/etc/php.ini:/etc/php/7.3/apache2/php.ini | |
| - /srv/docker/ampache/var/www/themes:/var/www/themes:rw | |
| ports: | |
| - 4041:80/tcp | |
| labels: | |
| traefik.http.routers.ampache.entrypoints: ampache | |
| traefik.http.routers.ampache.tls.certresolver: letsencrypt | |
| restart: always | |
| network_mode: bridge | |
| amber-electric-influxdb: | |
| container_name: amber-electric-influxdb | |
| hostname: amber-electric-influxdb | |
| image: johnf/amber-electric-influxdb | |
| environment: | |
| - [email protected] | |
| - AE_PASSWORD=ZZZZ | |
| - TZ=Australia/Sydney | |
| links: | |
| - influxdb:influxdb | |
| labels: | |
| traefik.enable: false | |
| restart: always | |
| network_mode: bridge |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/systemd/network/eth.network | |
| [Match] | |
| Name=eth0 | |
| [Network] | |
| MACVLAN=mv0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/systemd/network/mv0.netdev | |
| [NetDev] | |
| Name=mv0 | |
| Kind=macvlan | |
| MACAddress=00:16:3e:BB:CC:XX # https://www.hellion.org.uk/cgi-bin/randmac.pl?scope=global&oui=00%3A16%3A3e&type=unicast | |
| [MACVLAN] | |
| Mode=bridge |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/systemd/network/mv0.network | |
| [Match] | |
| Name=mv0 | |
| [Network] | |
| DHCP=yes | |
| LinkLocalAddressing=ipv6 | |
| [DHCP] | |
| RouteMetric=100 | |
| UseMTU=true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment