version: '3'

services:
  cloudflareddns:
    container_name: cloudflareddns
    hostname: cloudflareddns
    image: hotio/cloudflareddns:latest
    environment:
      - PGID=1000
      - PUID=1000
      - TZ=America/Chicago
      - CF_APITOKEN=eSH_TXT95jL2NrHL8cT6kcrx4X-sdJswxGH1rbT6
      - CF_HOSTS=aknlw.com
      - CF_RECORDTYPES=A
      - CF_USER=akanealw@gmail.com
      - CF_ZONES=aknlw.com
      - DETECTION_MODE=dig-whoami.cloudflare
      - INTERVAL=300
      - LOG_LEVEL=2
    restart: always
    volumes:
      - /docker/appdata/cloudflareddns/config:/config
      - /etc/localtime:/etc/localtime:ro
      
  nginxproxymanager:
    container_name: nginxproxymanager
    hostname: nginxproxymanager
    image: jc21/nginx-proxy-manager:latest
    environment:
      - X_FRAME_OPTIONS=sameorigin
      - DB_SQLITE_FILE=/data/database.sqlite
    ports:
      - 8443:443/tcp
      - 80:80/tcp
      - 81:81/tcp
    restart: always
    volumes:
      - /docker/appdata/nginxproxymanager/data:/data
      - /docker/appdata/nginxproxymanager/letsencrypt:/etc/letsencrypt
      - /etc/localtime:/etc/localtime:ro

  portainer:
    container_name: portainer
    hostname: portainer
    image: portainer/portainer-ce:latest
    environment:
      - AGENT_SECRET=8ung1e1!
    ports:
      - 9000:9000/tcp
    restart: always
    volumes:
      - /docker/appdata/portainer/data:/data
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime:ro

  portainer-agent:
    container_name: portainer-agent
    hostname: portainer-agent
    image: portainer/agent:latest
    environment:
      - AGENT_SECRET=8ung1e1!
    ports:
      - 9001:9001/tcp
    restart: always
    volumes:
      - /var/lib/docker/volumes:/var/lib/docker/volumes
      - /var/run/docker.sock:/var/run/docker.sock
      - /etc/localtime:/etc/localtime:ro

  privoxyvpn:
    container_name: privoxyvpn
    hostname: privoxyvpn
    image: binhex/arch-privoxyvpn:latest
    environment:
      - PGID=0
      - PUID=0
      - UMASK=000
      - TZ=America/Chicago
      - VPN_ENABLED=yes
      - VPN_PROV=airvpn
      - VPN_CLIENT=wireguard
      - ENABLE_SOCKS=no
      - ENABLE_PRIVOXY=yes
      - DEBUG=false
      - LAN_NETWORK=192.168.1.0/24
      - NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1
    privileged: true
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    ports:
      - 8118:8118/tcp
    restart: always
    volumes:
      - /docker/appdata/privoxyvpn/config:/config
      - /etc/localtime:/etc/localtime:ro

  wireguard:
    container_name: wireguard
    hostname: wireguard
    image: lscr.io/linuxserver/wireguard
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Chicago
      - SERVERURL=wg.aknlw.com
      - SERVERPORT=443
      - PEERS=GamingPC,LaptopPC,LGV30S
      - INTERNAL_SUBNET=10.13.13.0
      - ALLOWEDIPS=192.168.1.0/24
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: always
    volumes:
      - /docker/appdata/wireguard/config:/config
      - /lib/modules:/lib/modules