docker-compose.yaml

version: '3.8'
services:
    swag:
        image: ghcr.io/linuxserver/swag:2.4.0-ls195
        container_name: swag
        cap_add:
            - NET_ADMIN
        extra_hosts: 
            - "host.docker.internal:host-gateway"
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Europe/Madrid
            - URL="${DOMAIN}"
            - SUBDOMAINS=wildcard
            - VALIDATION=dns
            - CERTPROVIDER=zerossl
            - DNSPLUGIN=cloudflare
            - PROPAGATION=30
            - EMAIL="${EMAIL}"
            - DOCKER_MODS=ghcr.io/linuxserver/mods:swag-crowdsec
            - CROWDSEC_API_KEY=${CROWDSEC_API_KEY}
            - CROWDSEC_LAPI_URL=http://crowdsec:8080
        volumes:
            - /home/pi/repo/swag:/config
        ports:
            - 443:443
            - 80:80 #optional
        restart: unless-stopped
    wireguard-web:
        environment:
        - WG_HOST=${DOMAIN}
        - PASSWORD=${WG_PASSWORD}
        image: weejewel/wg-easy
        container_name: wireguard-web
        volumes:
          - /home/pi/wg-easy:/etc/wireguard
        ports:
          - "51820:51820/udp"
        restart: unless-stopped
        cap_add:
          - NET_ADMIN
          - SYS_MODULE
        sysctls:
          - net.ipv4.ip_forward=1
          - net.ipv4.conf.all.src_valid_mark=1
    wireguard:
        image: lscr.io/linuxserver/wireguard:latest
        container_name: wireguard
        cap_add:
          - NET_ADMIN
          - SYS_MODULE
        environment:
          - PUID=1000
          - PGID=1000
          - TZ=Europe/Madrid
          - SERVERURL=haum.cc #optional
          - SERVERPORT=51820 #optional
          - PEERS=ipad,nil_iphone,steve_iphone,mac_scopely,nil_iphone_14 #optional
          - PEERDNS=auto #optional
          - LOG_CONFS=true #optional
        volumes:
          - /home/pi/wireguard:/config
          - /lib/modules:/lib/modules
        ports:
          - 51820:51820/udp
        restart: unless-stopped
    heimdall:
        image: ghcr.io/linuxserver/heimdall
        container_name: heimdall
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Europe/London
        volumes:
            - /home/pi/heimdall:/config
        expose:
            - 80
            - 443
        restart: unless-stopped
    authelia:
        image: authelia/authelia:4.37.5
        container_name: authelia
        ports: 
            - 9091:9091
        secrets:
            - google_pwd
        environment:
            - TZ=Europe/Madrid
            - PUID=1000
            - PGID=1000
        volumes:
            - /home/pi/authelia:/config
        restart: unless-stopped
    homeassistant:
        container_name: homeassistant
        environment:
            - TZ=Europe/Madrid
        volumes:
            - '/home/pi/repo:/config'
        build:
            dockerfile: ./Dockerfile
            context: patch_homeassistant/
        network_mode: host
        restart: always
    scrypted:
        image: koush/scrypted
        container_name: scrypted
        restart: unless-stopped
        network_mode: host
        volumes:
            - '/home/pi/scrypted/volume:/server/volume'
    google-assistant-relay:
        container_name: assistant-relay
        image: 'tijunoi/rpi-assistant-relay'
        command: npm run start
        volumes:
            - '/home/pi/repo/assistant_relay/config.json:/assistant_relay/bin/config.json:rw'
            - '/home/pi/repo/assistant_relay/audio-responses:/assistant_relay/bin/audio-responses:rw'
        ports:
            - '3000:3000'
        restart: always
    deconz:
        container_name: deconz
        image: deconzcommunity/deconz
        network_mode: host
        privileged: true
        restart: always
        volumes:
            - '/home/pi/deconz:/opt/deCONZ'
            - '/etc/localtime:/etc/localtime:ro'
        devices:
            - /dev/ttyACM0
        environment:
            - DECONZ_DEVICE=/dev/ttyACM0
            - DECONZ_WEB_PORT=8080
            - DECONZ_WS_PORT=8443
            - DEBUG_INFO=1
            - TZ=Europe/Madrid
            - DECONZ_VNC_MODE=1
            - DECONZ_VNC_PASSWORD="${DECONZ_VNC_PASSWORD}"
    webserver:
        container_name: webserver
        image: 'httpd:2.4'
        volumes: 
            - '/home/pi/repo/www/:/usr/local/apache2/htdocs'
        ports:
            - 8084:80
        restart: always
    homebridge:
        container_name: homebridge
        image: oznu/homebridge
        restart: always
        network_mode: host
        environment:
            - TZ=Europe/Madrid
            - PGID=1000
            - PUID=1000
            - HOMEBRIDGE_CONFIG_UI=1
            - HOMEBRIDGE_CONFIG_UI_PORT=8085
        volumes:
            - '/home/pi/repo/homebridge:/homebridge'
    portainer:
        image: portainer/portainer-ce:alpine
        container_name: portainer
        restart: always
        volumes: 
            - '/var/run/docker.sock:/var/run/docker.sock'
        expose:
            - 9000
        ports:
            - 8083:9000
    mqtt:
        container_name: mqtt
        image: eclipse-mosquitto
        restart: unless-stopped
        user: '1000'
        ports:
            - 1883:1883
            - 9001:9001
        volumes:
            - './mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf'
            - '/home/pi/mosquitto/data:/mosquitto/data'
    valetudo-mapper:
        container_name: valetudo-mapper
        image: rand256/valetudo-mapper
        restart: always
        volumes:
            - './valetudo-mapper/config.json:/app/config.json'
    duplicati:
        container_name: duplicati
        image: linuxserver/duplicati
        restart: always
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Europe/Madrid
        volumes:
            - '/home/pi/repo/duplicati:/config'
            - '/home/pi:/source'
        ports:
            - 8200:8200
    code-server:
        image: ghcr.io/linuxserver/code-server
        container_name: code-server
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Europe/Madrid
        volumes:
            - /home/pi/vscode:/config
            - /home/pi/homer/:/config/homer
            - /home/pi:/config/pihost
        expose:
            - 8443
        restart: unless-stopped
    homer:
        image: b4bz/homer
        container_name: homer
        volumes:
            - /home/pi/homer:/www/assets
        expose:
            - 8080
        environment:
            - UID=1000
            - GID=1000
        restart: unless-stopped
    kuma:
        container_name: kuma
        image: louislam/uptime-kuma:1
        restart: always
        environment:
            - UID=1000
            - GUD=1000
        volumes:
            - /home/pi/kuma:/app/data
        expose:
            - 3001
    duckdns:
        image: lscr.io/linuxserver/duckdns
        container_name: duckdns
        environment:
            - PUID=1000
            - PGID=1000
            - TZ=Europe/Madrid
            - SUBDOMAINS=hoio
            - FILE__TOKEN=/run/secrets/duckdns_token
        restart: unless-stopped
        secrets:
            - duckdns_token
secrets:
    google_pwd:
        file: ../.secrets/google_pwd.txt
    jwt:
        file: ../.secrets/jwt.txt
    session:
        file: ../.secrets/session.txt
    duckdns_token:
        file: ../.secrets/duckdns_token.txt