Last active
January 27, 2024 10:24
-
-
Save wouterds/3c4ae4af30a56146cb35be7319caec6d to your computer and use it in GitHub Desktop.
Umbrel behind (traefik) reverse proxy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.7' | |
| x-logging: &default-logging | |
| driver: journald | |
| options: | |
| tag: "{{.Name}}" | |
| services: | |
| tor: | |
| container_name: tor | |
| image: lncm/tor:0.4.4.7@sha256:48094db3afff76472b20cd7b6a41151ef5e380e5ec5e6042c36b0f861236c45f | |
| user: toruser | |
| restart: on-failure | |
| logging: *default-logging | |
| volumes: | |
| - ${PWD}/tor/torrc:/etc/tor/torrc | |
| - ${PWD}/tor/data:/var/lib/tor/ | |
| - ${PWD}/tor/run:/var/run/tor/ | |
| ports: | |
| - "127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT" | |
| networks: | |
| default: | |
| ipv4_address: $TOR_PROXY_IP | |
| nginx: | |
| container_name: nginx | |
| image: nginx:1.17.8@sha256:380eb808e2a3b0dd954f92c1cae2f845e6558a15037efefcabc5b4e03d666d03 | |
| logging: *default-logging | |
| depends_on: [ dashboard, manager ] | |
| volumes: | |
| - ${PWD}/nginx:/etc/nginx | |
| restart: on-failure | |
| stop_grace_period: 30s | |
| labels: | |
| - "traefik.enable=true" | |
| - 'traefik.docker.network=reverse-proxy' | |
| - "traefik.http.routers.umbrel.rule=Host(`umbrel.local`)" | |
| - "traefik.http.routers.umbrel.entrypoints=web" | |
| networks: | |
| reverse-proxy: | |
| default: | |
| ipv4_address: $NGINX_IP | |
| bitcoin: | |
| container_name: bitcoin | |
| image: lncm/bitcoind:v0.21.0@sha256:3d1a817524951f1dfe8ca924af34f08c7e07ba99b7d2a2aba176ed9a054f87a4 | |
| logging: *default-logging | |
| depends_on: [ tor, manager, nginx ] | |
| volumes: | |
| - ${PWD}/bitcoin:/data/.bitcoin | |
| restart: on-failure | |
| stop_grace_period: 15m30s | |
| ports: | |
| - "$BITCOIN_P2P_PORT:$BITCOIN_P2P_PORT" | |
| networks: | |
| default: | |
| ipv4_address: $BITCOIN_IP | |
| lnd: | |
| container_name: lnd | |
| image: lncm/lnd:v0.12.1@sha256:bdc442c00bc4dd4d5bfa42efd7d977bfe4d21a08d466c933b9cff7cfc83e0c0e | |
| logging: *default-logging | |
| depends_on: [ tor, manager ] | |
| volumes: | |
| - ${PWD}/lnd:/data/.lnd | |
| restart: on-failure | |
| stop_grace_period: 5m30s | |
| ports: | |
| - "9735:9735" | |
| - "$LND_REST_PORT:$LND_REST_PORT" | |
| - "$LND_GRPC_PORT:$LND_GRPC_PORT" | |
| networks: | |
| default: | |
| ipv4_address: $LND_IP | |
| dashboard: | |
| container_name: dashboard | |
| image: getumbrel/dashboard:v0.3.17@sha256:db9789c29db44db545efbbb8ffdad243afb270ed19a2d23c83710ecc5ffcfb1a | |
| logging: *default-logging | |
| restart: on-failure | |
| stop_grace_period: 1m30s | |
| networks: | |
| default: | |
| ipv4_address: $DASHBOARD_IP | |
| manager: | |
| container_name: manager | |
| image: getumbrel/manager:v0.2.10@sha256:aaeddfd7bd861dc9c418b34a4a4aa83a873e8b0304e28999d1d594eabf0e1b70 | |
| logging: *default-logging | |
| depends_on: [ tor ] | |
| restart: on-failure | |
| stop_grace_period: 5m30s | |
| volumes: | |
| - ${PWD}:${PWD} | |
| - ${PWD}/info.json:/info.json | |
| - ${PWD}/db:/db | |
| - ${PWD}/events/signals:/signals | |
| - ${PWD}/apps:/apps | |
| - ${PWD}/lnd:/lnd:ro | |
| - ${PWD}/statuses:/statuses | |
| - ${PWD}/tor/data:/var/lib/tor/ | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| - ${DOCKER_BINARY:-/usr/bin/docker}:/usr/bin/docker | |
| - jwt-public-key:/jwt-public-key | |
| - jwt-private-key:/jwt-private-key | |
| environment: | |
| PORT: "3006" | |
| USER_PASSWORD_FILE: "/db/user.json" | |
| JWT_PUBLIC_KEY_FILE: "/jwt-public-key/jwt.pem" | |
| JWT_PRIVATE_KEY_FILE: "/jwt-private-key/jwt.key" | |
| JWT_EXPIRATION: "3600" | |
| DOCKER_COMPOSE_DIRECTORY: $PWD | |
| DEVICE_HOSTS: ${DEVICE_HOSTS:-"http://umbrel.local"} | |
| DEVICE_HOSTNAME: ${DEVICE_HOSTNAME:-""} | |
| MIDDLEWARE_API_URL: "http://$MIDDLEWARE_IP" | |
| UMBREL_SEED_FILE: "/db/umbrel-seed/seed" | |
| UMBREL_DASHBOARD_HIDDEN_SERVICE_FILE: "/var/lib/tor/web/hostname" | |
| BITCOIN_P2P_HIDDEN_SERVICE_FILE: "/var/lib/tor/bitcoin-p2p/hostname" | |
| BITCOIN_P2P_PORT: $BITCOIN_P2P_PORT | |
| BITCOIN_RPC_HIDDEN_SERVICE_FILE: "/var/lib/tor/bitcoin-rpc/hostname" | |
| BITCOIN_RPC_PORT: $BITCOIN_RPC_PORT | |
| BITCOIN_RPC_USER: $BITCOIN_RPC_USER | |
| BITCOIN_RPC_PASSWORD: $BITCOIN_RPC_PASS | |
| LND_REST_HIDDEN_SERVICE_FILE: "/var/lib/tor/lnd-rest/hostname" | |
| LND_GRPC_HIDDEN_SERVICE_FILE: "/var/lib/tor/lnd-grpc/hostname" | |
| LND_CERT_FILE: "/lnd/tls.cert" | |
| LND_ADMIN_MACAROON_FILE: "/lnd/data/chain/bitcoin/${BITCOIN_NETWORK}/admin.macaroon" | |
| SHUTDOWN_SIGNAL_FILE: "/signals/shutdown" | |
| REBOOT_SIGNAL_FILE: "/signals/reboot" | |
| GITHUB_REPO: "getumbrel/umbrel" | |
| UMBREL_VERSION_FILE: "/info.json" | |
| UPDATE_STATUS_FILE: "/statuses/update-status.json" | |
| UPDATE_SIGNAL_FILE: "/signals/update" | |
| UPDATE_LOCK_FILE: "/statuses/update-in-progress" | |
| BACKUP_STATUS_FILE: "/statuses/backup-status.json" | |
| TOR_PROXY_IP: "${TOR_PROXY_IP}" | |
| TOR_PROXY_PORT: "${TOR_PROXY_PORT}" | |
| TOR_HIDDEN_SERVICE_DIR: "/var/lib/tor" | |
| networks: | |
| default: | |
| ipv4_address: $MANAGER_IP | |
| middleware: | |
| container_name: middleware | |
| image: getumbrel/middleware:v0.1.9@sha256:8001338c3e6804afc9078eb08e8ee820e9d2c908a44303a3e4968ab57c8ad90b | |
| logging: *default-logging | |
| depends_on: [ manager, bitcoin, lnd ] | |
| command: ["./wait-for-node-manager.sh", $MANAGER_IP, "npm", "start"] | |
| restart: on-failure | |
| volumes: | |
| - ${PWD}/lnd:/lnd | |
| - jwt-public-key:/jwt-public-key | |
| environment: | |
| PORT: "3005" | |
| BITCOIN_HOST: $BITCOIN_IP | |
| RPC_PORT: $BITCOIN_RPC_PORT | |
| RPC_USER: $BITCOIN_RPC_USER | |
| RPC_PASSWORD: $BITCOIN_RPC_PASS | |
| LND_NETWORK: $BITCOIN_NETWORK | |
| LND_HOST: "${LND_IP}" | |
| JWT_PUBLIC_KEY_FILE: "/jwt-public-key/jwt.pem" | |
| DEVICE_HOSTS: ${DEVICE_HOSTS:-"http://umbrel.local"} | |
| networks: | |
| default: | |
| ipv4_address: $MIDDLEWARE_IP | |
| neutrino-switcher: | |
| container_name: neutrino-switcher | |
| image: getumbrel/neutrino-switcher:v1.2.0@sha256:4d9636aabd9d06ed3693173870d6ab57d4e08716c618a0457512d542c4cf9b01 | |
| logging: *default-logging | |
| depends_on: [ bitcoin, lnd ] | |
| restart: on-failure | |
| volumes: | |
| - ${PWD}/lnd:/lnd | |
| - ${PWD}/bitcoin:/bitcoin | |
| - ${PWD}/statuses:/statuses | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| environment: | |
| JSONRPCURL: "http://${BITCOIN_IP}:${BITCOIN_RPC_PORT}" | |
| RPCUSER: $BITCOIN_RPC_USER | |
| RPCPASS: $BITCOIN_RPC_PASS | |
| LND_CONTAINER_NAME: lnd | |
| BITCOIN_CONTAINER_NAME: bitcoin | |
| SLEEPTIME: 3600 | |
| networks: | |
| default: | |
| ipv4_address: $NEUTRINO_SWITCHER_IP | |
| frontail: | |
| container_name: frontail | |
| image: getumbrel/frontail:v4.9.1@sha256:9fa345b7a947361e2732909db8bd316b8157749d7dd9949abd8150eb023906db | |
| logging: *default-logging | |
| restart: on-failure | |
| command: "/var/log/syslog --url-path /logs --number 100 --disable-usage-stats" | |
| volumes: | |
| - /var/log/syslog:/var/log/syslog:ro | |
| networks: | |
| default: | |
| ipv4_address: $FRONTAIL_IP | |
| electrs: | |
| container_name: electrs | |
| image: getumbrel/electrs:v0.8.6@sha256:ecca81b063b23f08414bab91b4cf164b6cb6a485ddede5c1f5810883318954e3 | |
| logging: *default-logging | |
| depends_on: [ bitcoin ] | |
| volumes: | |
| - ${PWD}/bitcoin:/data/.bitcoin:ro | |
| - ${PWD}/electrs:/data | |
| restart: on-failure | |
| stop_grace_period: 5m | |
| ports: | |
| - "$ELECTRUM_PORT:$ELECTRUM_PORT" | |
| networks: | |
| default: | |
| ipv4_address: $ELECTRUM_IP | |
| networks: | |
| default: | |
| name: umbrel_main_network | |
| ipam: | |
| driver: default | |
| config: | |
| - subnet: "$NETWORK_IP/24" | |
| reverse-proxy: | |
| external: true | |
| volumes: | |
| jwt-public-key: | |
| jwt-private-key: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment