version: '3'

services:
  dozzle:
    container_name: dozzle
    hostname: dozzle
    image: amir20/dozzle:latest
    environment:
      - DOZZLE_ADDR=:1234
    labels:
      - traefik.enable=true
      - traefik.http.routers.dozzle.entryPoints=https
      - traefik.http.services.dozzle.loadbalancer.server.port=1234
    ports:
      - 9999:1234
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro

  openvpn:
    container_name: openvpn
    hostname: openvpn
    image: kylemanna/openvpn    
    cap_add:
     - NET_ADMIN
    ports:
     - "1194:1194/tcp"
    restart: always
    volumes:
     - ./appdata/openvpn/conf:/etc/openvpn

  openssh-server:
    container_name: openssh-server
    hostname: openssh-server
    image: lscr.io/linuxserver/openssh-server:latest
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - PUBLIC_KEY_FILE=/config/aknlw.com.pub
      - USER_NAME=akanealw
    ports:
      - 2222:2222
    restart: always
    volumes:
      - ./appdata/openssh-server/config:/config

  portainer:
    container_name: portainer
    hostname: portainer
    image: portainer/portainer-ce:latest
    environment:
      - AGENT_SECRET=$ADMIN
    labels:
      - traefik.enable=true
      - traefik.http.routers.portainer.entryPoints=https
      - traefik.http.services.portainer.loadbalancer.server.port=9000
    ports:
      - 9000:9000/tcp
    restart: always
    volumes:
      - ./appdata/portainer/data:/data
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime:ro

  portainer-agent:
    container_name: portainer-agent
    hostname: portainer-agent
    image: portainer/agent:latest
    environment:
      - AGENT_SECRET=$ADMIN
    ports:
      - 9001:9001/tcp
    restart: always
    volumes:
      - /var/lib/docker/volumes:/var/lib/docker/volumes
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime:ro

  privoxyvpn:
    container_name: privoxyvpn
    hostname: privoxyvpn
    image: binhex/arch-privoxyvpn:latest
    environment:
      - PGID=0
      - PUID=0
      - UMASK=$UMASK
      - TZ=$TZ
      - VPN_ENABLED=yes
      - VPN_PROV=airvpn
      - VPN_CLIENT=wireguard
      - ENABLE_SOCKS=no
      - ENABLE_PRIVOXY=yes
      - DEBUG=false
      - LAN_NETWORK=192.168.1.0/24
      - NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1
    labels:
      - traefik.enable=true
      - traefik.http.routers.privoxyvpn.entryPoints=https
      - traefik.http.services.privoxyvpn.loadbalancer.server.port=8118
    privileged: true
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    ports:
      - 8118:8118/tcp
    restart: always
    volumes:
      - ./appdata/privoxyvpn/config:/config
      - /etc/localtime:/etc/localtime:ro

  redis:
    container_name: redis
    hostname: redis
    image: redis:alpine
    command: redis-server /redis.conf
    ports:
     - 6379:6379/tcp
    restart: always
    volumes:
      - ./appdata/redis/data:/var/lib/redis
      - ./appdata/redis/redis.conf:/redis.conf

  traefik:
    container_name: traefik
    image: traefik:2.5
    ports:
      - 8080:80
      - 8443:443
      - 8081:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./appdata/traefik/:/etc/traefik/
    networks:
      - default
    labels:
      traefik.http.routers.api.rule: Host(`traefik.aknlw.com`)
      traefik.http.routers.api.entryPoints: https
      traefik.http.routers.api.service: api@internal
      traefik.enable: true
    environment:
      DO_AUTH_TOKEN: dop_v1_0c437a780149010ce186a09117fa6edec29bda0afecc8831cd8c025798990891
    restart: unless-stopped

networks:
  default: