version: '3'

services:
  authelia:
    container_name: authelia
    hostname: authelia
    image: authelia/authelia
    environment:
      - TZ=America/Chicago
    ports:
      - 9091:9091
    restart: always
    volumes:
      - ./appdata/authelia/config:/config
    
  dozzle:
    container_name: dozzle
    hostname: dozzle
    image: amir20/dozzle:latest
    environment:
      - DOZZLE_ADDR=:1234
    ports:
      - 9999:1234
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro

  nginxproxymanager:
    container_name: nginxproxymanager
    hostname: nginxproxymanager
    image: jc21/nginx-proxy-manager:latest
    environment:
      - X_FRAME_OPTIONS=sameorigin
      - DB_SQLITE_FILE=/data/database.sqlite
    ports:
      - 8443:443/tcp
      - 8080:80/tcp
      - 8081:81/tcp
    restart: always
    volumes:
      - ./appdata/nginxproxymanager/data:/data
      - ./appdata/nginxproxymanager/letsencrypt:/etc/letsencrypt
      - /etc/localtime:/etc/localtime:ro

  openvpn:
    container_name: openvpn
    hostname: openvpn
    image: kylemanna/openvpn    
    cap_add:
     - NET_ADMIN
    ports:
     - "1194:1194/tcp"
    restart: always
    volumes:
     - ./appdata/openvpn/conf:/etc/openvpn

  openssh-server:
    container_name: openssh-server
    hostname: openssh-server
    image: lscr.io/linuxserver/openssh-server:latest
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - PUBLIC_KEY_FILE=/config/aknlw.com.pub
      - USER_NAME=akanealw
    ports:
      - 2222:2222
    restart: always
    volumes:
      - ./appdata/openssh-server/config:/config

  portainer:
    container_name: portainer
    hostname: portainer
    image: portainer/portainer-ce:latest
    environment:
      - AGENT_SECRET=$ADMIN
    ports:
      - 9000:9000/tcp
    restart: always
    volumes:
      - ./appdata/portainer/data:/data
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime:ro

  portainer-agent:
    container_name: portainer-agent
    hostname: portainer-agent
    image: portainer/agent:latest
    environment:
      - AGENT_SECRET=$ADMIN
    ports:
      - 9001:9001/tcp
    restart: always
    volumes:
      - /var/lib/docker/volumes:/var/lib/docker/volumes
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime:ro

#  privoxyvpn:
#   container_name: privoxyvpn
#    hostname: privoxyvpn
#    image: binhex/arch-privoxyvpn:latest
#    environment:
#      - PGID=0
#      - PUID=0
#      - UMASK=$UMASK
#      - TZ=$TZ
#      - VPN_ENABLED=yes
#      - VPN_PROV=airvpn
#      - VPN_CLIENT=wireguard
#      - ENABLE_SOCKS=no
#      - ENABLE_PRIVOXY=yes
#      - DEBUG=false
#      - LAN_NETWORK=192.168.1.0/24
#      - NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1
#    privileged: true
#    sysctls:
#      - net.ipv4.conf.all.src_valid_mark=1
#    ports:
#      - 8118:8118/tcp
#    restart: always
#    volumes:
#      - ./appdata/privoxyvpn/config:/config
#      - /etc/localtime:/etc/localtime:ro

  gluetun:
    container_name: gluetun    
    hostname: gluetun
    image: qmcgaw/gluetun
    environment:
      - VPN_SERVICE_PROVIDER=mullvad
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=2FvoteYGU2iKkP80VHNdeRU9+zIOTC1Ksj1EW+P3m0o=
      - WIREGUARD_ADDRESSES=10.66.209.114/32
      - HTTPPROXY=on
      - SERVER_CITIES=Chicago IL
      - TZ=$TZ
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
    volumes:
      - ./appdata/gluetun:/gluetun

networks:
  default: