Terraform/roles/ind/grail/docker-compose.yml

networks:
  media-network:
    name: media-network
    driver: bridge
    ipam:
      driver: default
      config:
      - subnet: ${DOCKER_SUBNET:?err}
        gateway: ${DOCKER_GATEWAY:?err}

services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    restart: always
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - "8888:8888/tcp"                         # Gluetun Local Network HTTP proxy
      - "8388:8388/tcp"                         # Gluetun Local Network Shadowsocks
      - "8388:8388/udp"                         # Gluetun Local Network Shadowsocks
      - "8200:8200"                             # WebUI Portal: qBittorrent
      - "${QBIT_PORT_TCP:?err}:19841/tcp"        # Transmission Torrent Port TCP
      - "${QBIT_PORT_UDP:?err}:19841/udp"        # Transmission Torrent Port UDP
    env_file:
      - ./docker-compose.env
    volumes:
      - ${FOLDER_FOR_CONFIGS:?err}/gluetun:/gluetun
    environment:
      - PUID=${PUID:?err}
      - PGID=${PGID:?err}
      - TZ=${TIMEZONE:?err}
      - VPN_SERVICE_PROVIDER=${VPN_SERVICE_PROVIDER:?err}
      - OPENVPN_USER=${VPN_USERNAME}
      - OPENVPN_PASSWORD=${VPN_PASSWORD}
      - SERVER_COUNTRIES=${SERVER_COUNTRIES}
      - SERVER_REGION=${SERVER_REGION}
      - SERVER_CITIES=${SERVER_CITIES}
      - SERVER_HOSTNAMES=${SERVER_HOSTNAMES}
      - FIREWALL_OUTBOUND_SUBNETS=${LOCAL_SUBNET:?err}
      - OPENVPN_CUSTOM_CONFIG=${OPENVPN_CUSTOM_CONFIG}
      - VPN_TYPE=${VPN_TYPE}
      - VPN_ENDPOINT_IP=${VPN_ENDPOINT_IP}
      - VPN_ENDPOINT_PORT=${VPN_ENDPOINT_PORT}
      - WIREGUARD_PUBLIC_KEY=${WIREGUARD_PUBLIC_KEY}
      - WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY}
      - WIREGUARD_PRESHARED_KEY=${WIREGUARD_PRESHARED_KEY}
      - WIREGUARD_ADDRESSES=${WIREGUARD_ADDRESSES}
      - HTTPPROXY=on
      - SHADOWSOCKS=on
# NOTE: Gluetun VPN container MUST ONLY connect to the media-network
    networks:
      - media-network

  jellyfin:
    image: jellyfin/jellyfin
    container_name: jellyfin
    user: ${PUID:?err}:${PGID:?err}
    restart: unless-stopped
    ports:
      - "${WEBUI_PORT_JELLYFIN:?err}:8096"
    volumes:
      - ${FOLDER_FOR_CONFIGS:?err}/jellyfin/etc/:/config
      - ${FOLDER_FOR_CONFIGS:?err}/jellyfin/var/cache:/cache
      - ${FOLDER_FOR_MEDIA:?err}:/media
      - type: bind
        source: /dev/dri
        target: /dev/dri
        read_only: false
    environment:
      - JELLYFIN_PublishedServerUrl=https://ryantoler.duckdns.org/
    
  jellyseerr:
    image: fallenbagel/jellyseerr:latest
    container_name: jellyseerr
    restart: unless-stopped
    volumes:
      - ${FOLDER_FOR_CONFIGS:?err}/jellyseerr:/app/config
    ports:
      - "${WEBUI_PORT_JELLYSEERR:?err}:5055"
    environment:
      - PUID=${PUID:?err}
      - PGID=${PGID:?err}
      - UMASK=${UMASK:?err}
      - TZ=${TIMEZONE:?err}
    networks:
      - media-network

  prowlarr:
    image: ghcr.io/linuxserver/prowlarr:develop
    container_name: prowlarr
    restart: unless-stopped
    volumes:
      - ${FOLDER_FOR_CONFIGS:?err}/prowlarr:/config
    ports:
      - "${WEBUI_PORT_PROWLARR:?err}:9696"
    environment:
      - PUID=${PUID:?err}
      - PGID=${PGID:?err}
      - TZ=${TIMEZONE:?err}
      - DOCKER_MODS=ghcr.io/gilbn/theme.park:prowlarr
      - TP_THEME=${TP_THEME:?err}
    networks:
      - media-network

  qbittorrent:
    image: ghcr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    restart: unless-stopped
    volumes:
      - ${FOLDER_FOR_CONFIGS:?err}/qbittorrent:/config
      - ${FOLDER_FOR_MEDIA:?err}:/data
      - /downloads:/downloads
    environment:
      - PUID=${PUID:?err}
      - PGID=${PGID:?err}
      - UMASK=${UMASK:?err}
      - TZ=${TIMEZONE:?err}
      - WEBUI_PORT=8200
      #- DOCKER_MODS=ghcr.io/themepark-dev/theme.park:qbittorrent-develop
      #- TP_THEME=${TP_THEME:?err}
    depends_on:
      - gluetun

    network_mode: "service:gluetun"
  qbit-exporter:
    image: caseyscarborough/qbittorrent-exporter:latest
    container_name: qbit-exporter
    ports:
      - "17871:17871"
    environment:
      - QBITTORRENT_USERNAME=admin
      - QBITTORRENT_PASSWORD=hammy1
      - QBITTORRENT_BASE_URL=http://192.168.0.57:8200

  radarr:
    image: ghcr.io/linuxserver/radarr:latest
    container_name: radarr
    restart: unless-stopped
    volumes:
      - /ceph:/downloads
      - ${FOLDER_FOR_CONFIGS:?err}/radarr:/config
      - ${FOLDER_FOR_MEDIA:?err}:/data
    ports:
      - "${WEBUI_PORT_RADARR:?err}:7878"
    environment:
      - PUID=${PUID:?err}
      - PGID=${PGID:?err}
      - TZ=${TIMEZONE:?err}
      - DOCKER_MODS=ghcr.io/gilbn/theme.park:radarr
      - TP_THEME=${TP_THEME:?err}
    networks:
      - media-network