Initial commit

.gitignore

@@ -0,0 +1,3 @@
+docker-compose.yml.backup
+docker-compose.yml.backup.orig
+.env

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+    "python.formatting.provider": "black"
+}

dante/Dockerfile

@@ -0,0 +1,13 @@
+FROM ubuntu
+MAINTAINER rmj014@gmail.com
+RUN apt-get update && apt-get -y upgrade \
+ && apt-get install -y iputils-ping curl net-tools iptables dante-server
+RUN apt-get install -y vim
+
+ADD sockd.conf /etc/danted.conf
+
+RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+ADD run.sh /usr/local/sbin/run
+RUN chmod 755 /usr/local/sbin/run
+ENTRYPOINT /usr/local/sbin/run

dante/Makefile

@@ -0,0 +1,7 @@
+all: build
+
+build:
+	@docker build --tag=dante .
+
+no-cache:
+	@docker build --no-cache --tag=dante .

dante/dante.sh

@@ -0,0 +1,5 @@
+# INTERFACE is either tun0 for openvpn or nordlynx for the obvious
+
+docker kill dante
+docker rm dante
+docker run --privileged -d --name dante --restart unless-stopped -e INTERFACE='tun0' -v /etc/localtime:/etc/localtime:ro --net=container:vpn dante

dante/run.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+[[ -z ${INTERFACE} ]] && INTERFACE=nordlynx
+
+sed -i 's@nordlynx@'"${INTERFACE}"'@g' /etc/danted.conf
+
+service danted restart
+
+while [ 1 ]
+do
+  ifconfig ${INTERFACE}
+  res=$?
+  if [ $res -eq 1 ]
+  then
+    sleep 5
+    exit 0
+  fi
+  sleep 10
+done

dante/sockd.conf

@@ -0,0 +1,34 @@
+debug: 0
+logoutput: stderr
+internal: 0.0.0.0 port = 1080
+external: eth0
+socksmethod: none
+clientmethod: none
+user.privileged: root
+user.unprivileged: nobody
+
+client pass {
+    from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
+    log: error
+}
+
+socks pass {
+    from: 0.0.0.0/0 to: 0.0.0.0/0
+    #socksmethod: username
+    log: error
+}
+
+socks pass {
+    from: 0.0.0.0/0
+    to: 0.0.0.0/0
+    # udp.portrange: 40000-45000
+    command: udpassociate
+    log: error connect disconnect
+}
+
+socks pass {
+    from: 0.0.0.0/0
+    to: 0.0.0.0/0
+    command: bind connect udpassociate bindreply udpreply
+    log: error connect disconnect
+}

dante/sockd.conf.orig

@@ -0,0 +1,34 @@
+debug: 0
+logoutput: stderr
+internal: 0.0.0.0 port = 1080
+external: nordlynx
+socksmethod: none
+clientmethod: none
+user.privileged: root
+user.unprivileged: nobody
+
+client pass {
+    from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
+    log: error
+}
+
+socks pass {
+    from: 0.0.0.0/0 to: 0.0.0.0/0
+    #socksmethod: username
+    log: error
+}
+
+socks pass {
+    from: 0.0.0.0/0
+    to: 0.0.0.0/0
+    # udp.portrange: 40000-45000
+    command: udpassociate
+    log: error connect disconnect
+}
+
+socks pass {
+    from: 0.0.0.0/0
+    to: 0.0.0.0/0
+    command: bind connect udpassociate bindreply udpreply
+    log: error connect disconnect
+}

docker-compose.yml

@@ -0,0 +1,463 @@
+version: "3"
+services:
+  vpn:
+    image: azinchen/nordvpn:latest
+    container_name: vpn
+    cap_add:
+      - NET_ADMIN
+    devices:
+      - /dev/net/tun
+    environment:
+      - USER=${DUSER}
+      - "PASS=${DNORD_PASS}"
+      - COUNTRY=Canada
+      - GROUP=Standard VPN servers
+      - RANDOM_TOP=10
+      - RECREATE_VPN_CRON="5 */3 * * *" -e RANDOM_TOP=10
+      - CHECK_CONNECTION_CRON="*/5 * * * *"
+      - CHECK_CONNECTION_URL="https://www.google.com"
+      - NETWORK=192.168.0.0/24
+      - DNS='8.8.8.8,8.8.4.4'
+      - "TZ=Europe/London"
+      - OPENVPN_OPTS=--mute-replay-warnings --pull-filter ignore "ping-restart" --ping-exit 180
+    ports:
+      # for dante and qbittorrent
+      - 1080:1080
+      - 8082:8082
+    sysctls:
+      - net.ipv6.conf.all.disable_ipv6=1 # Recomended if using ipv4 only
+      - net.ipv4.conf.all.rp_filter=2
+    restart: unless-stopped
+
+  dante:
+    image: dante:latest
+    container_name: dante
+    privileged: true
+    restart: unless-stopped
+    environment:
+      - INTERFACE=tun0
+    network_mode: "service:vpn"
+    depends_on:
+      - "vpn"
+
+  swag:
+    image: lscr.io/linuxserver/swag
+    container_name: swag
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - PUID=1000
+      - PGID=100
+      - URL=${DDOMAIN}
+      - SUBDOMAINS=${DHOSTS}
+      - VALIDATION=http
+      - EMAIL=${DUSER}
+      - ONLY_SUBDOMAINS=false
+      - "TZ=Europe/London"
+      - UMASK_SET=002
+    ports:
+      - 80:80
+      - 443:443
+      - 9091:9091
+    restart: unless-stopped
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/swag/config:/config
+
+  authelia:
+    image: authelia/authelia
+    container_name: authelia
+    environment:
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/authelia/config:/config
+
+  heimdall:
+    image: lscr.io/linuxserver/heimdall
+    container_name: heimdall
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 6465:80
+    volumes:
+      - /srv/docker/heimdall:/config
+
+  sabnzbd:
+    image: lscr.io/linuxserver/sabnzbd:latest
+    container_name: sabnzbd
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "UMASK_SET=002"
+    restart: unless-stopped
+    depends_on:
+      - dante
+    networks:
+      - swag
+    ports:
+      - 8080:8080
+    volumes:
+      - /srv/docker/sabnzbd/config:/config
+      - /srv/docker/sabnzbd/scripts:/scripts
+      - /srv/DL:/downloads
+      - /srv/incomplete-nzb:/incomplete
+
+  qbittorrent:
+    image: lscr.io/linuxserver/qbittorrent
+    container_name: qbittorrent
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "UMASK_SET=002"
+      - "WEBUI_PORT=8082"
+    restart: unless-stopped
+    depends_on:
+      - dante
+    network_mode: "service:vpn"
+    volumes:
+      - /srv/docker/qbittorrent/config:/config
+      - /srv/DL:/downloads
+      - /srv/incomplete:/incomplete
+
+  jackett:
+    image: lscr.io/linuxserver/jackett
+    container_name: jackett
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "dante"
+    networks:
+      - swag
+    ports:
+      - 9117:9117
+    volumes:
+      - /srv/docker/jackett:/config
+
+  radarr:
+    image: lscr.io/linuxserver/radarr
+    container_name: radarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 7878:7878
+    volumes:
+      - /srv/docker/radarr/config:/config
+      - /media/qnap1/Movies:/movies
+      - /srv/DL:/downloads
+
+  sonarr:
+    image: lscr.io/linuxserver/sonarr
+    container_name: sonarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 8989:8989
+    volumes:
+      - /srv/docker/sonarr/config:/config
+      - /media/qnap1/TV:/tv
+      - /srv/DL:/downloads
+
+  lidarr:
+    image: lscr.io/linuxserver/lidarr
+    container_name: lidarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 8686:8686
+    volumes:
+      - /srv/docker/lidarr/config:/config
+      - /media/qnap2/Music/Artists:/music
+      - /srv/DL:/downloads
+
+  tautulli:
+    image: tautulli/tautulli
+    container_name: tautulli
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 8181:8181
+    volumes:
+      - /srv/docker/tautull:/config
+
+  ombi:
+    image: lscr.io/linuxserver/ombi
+    container_name: ombi
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "BASE_URL=/ombi"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 3579:3579
+    volumes:
+      - /srv/docker/ombi/config:/config
+
+  guacamole:
+    image: abesnier/guacamole
+    container_name: guacamole
+    user: root
+    environment:
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 6565:8080
+    volumes:
+      - /srv/docker/guacamole/config:/config
+
+  pyload:
+    image: lscr.io/linuxserver/pyload
+    container_name: pyload
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "BASE_URL=/ombi"
+    restart: unless-stopped
+    ports:
+      - 8000:8000
+      - 7227:7223
+    volumes:
+      - /srv/docker/pyload/config:/config
+      - /srv/DL:/downloads
+
+  redis:
+    image: sameersbn/redis:latest
+    container_name: redis
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/redis:/data
+      - /etc/localtime:/etc/localtime:ro
+
+  postgres:
+    image: sameersbn/postgresql:latest
+    container_name: postgres
+    environment:
+      - 'DB_NAME=gitlabhq_production'
+      - 'DB_USER=gitlab'
+      - 'DB_PASS=${DDB_PASS}'
+      - 'DB_EXTENSION=pg_trgm,btree_gist'
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/postgres:/var/lib/postgresql
+
+  mariadb:
+    image: lscr.io/linuxserver/mariadb
+    container_name: mariadb
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - 'MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}'
+      - TZ=Europe/London
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 3306:3306
+    volumes:
+      - /srv/docker/mariadb:/config
+
+  gitlab:
+    image: sameersbn/gitlab:latest
+    container_name: gitlab
+    environment:
+      - "USERMAP_UID=1000"
+      - "USERMAP_GID=1000"
+      - 'GITLAB_PORT=443'
+      - 'GITLAB_SSH_PORT=10022'
+      - 'GITLAB_HTTPS=true'
+      - 'DB_NAME=gitlabhq_production'
+      - 'DB_HOST=postgres.swag'
+      - 'DB_USER=gitlab'
+      - 'DB_PASS=${DDB_PASS}'
+      - 'GITLAB_HOST=git.${DDOMAIN}'
+      - 'GITLAB_BACKUPS=daily'
+      - 'UNICORN_WORKERS=3'
+      - 'UNICORN_TIMEOUT=240'
+      - 'GITLAB_WEBHOOK_TIMEOUT=240'
+      - 'GITLAB_TIMEOUT=240'
+      - 'SMTP_OPENSSL_VERIFY_MODE=none'
+      - 'REDIS_HOST=redis.swag'
+      - GITLAB_SECRETS_DB_KEY_BASE=${DGITLAB_SECRETS_DB_KEY_BASE}
+      - GITLAB_SECRETS_SECRET_KEY_BASE=${DGITLAB_SECRETS_SECRET_KEY_BASE}
+      - GITLAB_SECRETS_OTP_KEY_BASE=${DGITLAB_SECRETS_OTP_KEY_BASE}
+      - SMTP_USER=${DSMTP_USER}
+      - SMTP_PASS=${DSMTP_PASS}
+      - IMAP_USER=${DSMTP_USER}
+      - IMAP_PASS=${DSMTP_PASS}
+      - GITLAB_INCOMING_EMAIL_ADDRESS=${DGITLAB_INCOMING_EMAIL_ADDRESS}
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+      - "postgres"
+      - "redis"
+    networks:
+      - swag
+    ports:
+      - "10022:22"
+      - "10080:80"
+    volumes:
+      - /var/run/docker.sock:/run/docker.sock
+      - /usr/bin/docker:/bin/docker
+      - /srv/docker/gitlab/data:/home/git/data
+      - /etc/localtime:/etc/localtime:ro
+
+  netdata:
+    image: netdata/netdata
+    container_name: netdata
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - apparmor=unconfined
+    environment:
+      - DOCKER_HOST=docker-proxy:2375
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "19999:19999"
+    volumes:
+      - /srv/docker/netdata/netdatalib:/var/lib/netdata
+      - /srv/docker/netdata/netdatacache:/var/cache/netdata
+      - /etc/passwd:/host/etc/passwd:ro
+      - /etc/group:/host/etc/group:ro
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /etc/os-release:/host/etc/os-release:ro
+
+  vscode:
+    image: lscr.io/linuxserver/code-server
+    container_name: vscode
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - "TZ=Europe/London"
+      - "PROXY_DOMAIN=code.${DDOMAIN}"
+      - "PASSWORD=${DDEFAULT_PASSWORD}"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "8443:8443"
+    volumes:
+      - /srv/docker/vscode/config:/config
+
+  cells:
+    image: lscr.io/linuxserver/pydio-cells
+    container_name: cells
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - EXTERNALURL=cells.rmj014.com
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "8089:8080"
+    volumes:
+      - /srv/docker/cells/config:/config
+
+  wireguard:
+    image: lscr.io/linuxserver/wireguard:latest
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - "TZ=Europe/London"
+      - SERVERURL=rmj014.com
+      - SERVERPORT=51820
+      - PEERS=10
+      - PEERDNS=auto
+      - ALLOWEDIPS=0.0.0.0/0
+      - LOG_CONFS=true
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 51820:51820/udp
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+    volumes:
+      - /srv/docker/wireguard/config:/config
+      - /lib/modules:/lib/modules
+
+networks:
+  swag:
+    external:
+      name: swag

docker-compose.yml.old_authelia

@@ -0,0 +1,435 @@
+version: "3"
+services:
+  vpn:
+    image: ghcr.io/bubuntux/nordvpn
+    container_name: vpn
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    devices:
+      - "/dev/net/tun"
+    environment:
+      - USER=${DUSER}
+      - "PASS=${DNORD_PASS}"
+      - CONNECT=Canada
+      - TECHNOLOGY=OpenVPN
+      - PROTOCOL=UDP
+      - NETWORK=192.168.0.0/24
+      - DNS='8.8.8.8,8.8.4.4'
+      - "TZ=Europe/London"
+    ports:
+      # for dante and qbittorrent
+      - 1080:1080
+      - 8082:8082
+    sysctls:
+      - net.ipv6.conf.all.disable_ipv6=1 # Recomended if using ipv4 only
+      - net.ipv4.conf.all.rp_filter=2
+    restart: unless-stopped
+
+  dante:
+    image: dante:latest
+    container_name: dante
+    privileged: true
+    restart: unless-stopped
+    environment:
+      - INTERFACE=tun0
+    network_mode: "service:vpn"
+    depends_on:
+      - "vpn"
+
+  swag:
+    image: lscr.io/linuxserver/swag
+    container_name: swag
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - PUID=1000
+      - PGID=100
+      - URL=${DDOMAIN}
+      - SUBDOMAINS=${DHOSTS}
+      - VALIDATION=http
+      - EMAIL=${DUSER}
+      - ONLY_SUBDOMAINS=false
+      - "TZ=Europe/London"
+      - UMASK_SET=002
+    ports:
+      - 80:80
+      - 443:443
+      - 9091:9091
+    restart: unless-stopped
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/swag/config:/config
+
+  authelia:
+    image: authelia/authelia:4.32.2
+    container_name: authelia
+    environment:
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/authelia/config:/config
+    depends_on:
+      - "swag"
+
+  heimdall:
+    image: lscr.io/linuxserver/heimdall
+    container_name: heimdall
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 6465:80
+    volumes:
+      - /srv/docker/heimdall:/config
+    depends_on:
+      - "swag"
+
+  sabnzbd:
+    image: lscr.io/linuxserver/sabnzbd
+    container_name: sabnzbd
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "UMASK_SET=002"
+    restart: unless-stopped
+    depends_on:
+      - dante
+    networks:
+      - swag
+    ports:
+      - 8080:8080
+    volumes:
+      - /srv/docker/sabnzbd/config:/config
+      - /srv/docker/sabnzbd/scripts:/scripts
+      - /srv/DL:/downloads
+      - /srv/incomplete-nzb:/incomplete
+
+  qbittorrent:
+    image: lscr.io/linuxserver/qbittorrent
+    container_name: qbittorrent
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "UMASK_SET=002"
+      - "WEBUI_PORT=8082"
+    restart: unless-stopped
+    depends_on:
+      - dante
+    network_mode: "service:vpn"
+    volumes:
+      - /srv/docker/qbittorrent/config:/config
+      - /srv/DL:/downloads
+      - /srv/incomplete:/incomplete
+
+  jackett:
+    image: lscr.io/linuxserver/jackett
+    container_name: jackett
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "dante"
+    networks:
+      - swag
+    ports:
+      - 9117:9117
+    volumes:
+      - /srv/docker/jackett:/config
+
+  radarr:
+    image: lscr.io/linuxserver/radarr
+    container_name: radarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 7878:7878
+    volumes:
+      - /srv/docker/radarr/config:/config
+      - /media/qnap1/Movies:/movies
+      - /srv/DL:/downloads
+
+  sonarr:
+    image: lscr.io/linuxserver/sonarr
+    container_name: sonarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 8989:8989
+    volumes:
+      - /srv/docker/sonarr/config:/config
+      - /media/qnap1/TV:/tv
+      - /srv/DL:/downloads
+
+  lidarr:
+    image: lscr.io/linuxserver/lidarr
+    container_name: lidarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 8686:8686
+    volumes:
+      - /srv/docker/lidarr/config:/config
+      - /media/qnap2/Music/Artists:/music
+      - /srv/DL:/downloads
+
+  tautulli:
+    image: tautulli/tautulli
+    container_name: tautulli
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 8181:8181
+    volumes:
+      - /srv/docker/tautull:/config
+
+  ombi:
+    image: lscr.io/linuxserver/ombi
+    container_name: ombi
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "BASE_URL=/ombi"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 3579:3579
+    volumes:
+      - /srv/docker/ombi/config:/config
+
+  guacamole:
+    image: abesnier/guacamole
+    container_name: guacamole
+    user: root
+    environment:
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 6565:8080
+    volumes:
+      - /srv/docker/guacamole/config:/config
+
+  pyload:
+    image: lscr.io/linuxserver/pyload
+    container_name: pyload
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "BASE_URL=/ombi"
+    restart: unless-stopped
+    ports:
+      - 8000:8000
+      - 7227:7223
+    volumes:
+      - /srv/docker/pyload/config:/config
+      - /srv/DL:/downloads
+
+  redis:
+    image: sameersbn/redis:latest
+    container_name: redis
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/redis:/data
+      - /etc/localtime:/etc/localtime:ro
+
+  postgres:
+    image: sameersbn/postgresql:latest
+    container_name: postgres
+    environment:
+      - 'DB_NAME=gitlabhq_production'
+      - 'DB_USER=gitlab'
+      - 'DB_PASS=${DDB_PASS}'
+      - 'DB_EXTENSION=pg_trgm,btree_gist'
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/postgres:/var/lib/postgresql
+
+  mariadb:
+    image: lscr.io/linuxserver/mariadb
+    container_name: mariadb
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - 'MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}'
+      - TZ=Europe/London
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 3306:3306
+    volumes:
+      - /srv/docker/mariadb:/config
+
+  gitlab:
+    image: sameersbn/gitlab:latest
+    container_name: gitlab
+    environment:
+      - "USERMAP_UID=1000"
+      - "USERMAP_GID=1000"
+      - 'GITLAB_PORT=443'
+      - 'GITLAB_SSH_PORT=10022'
+      - 'GITLAB_HTTPS=true'
+      - 'DB_NAME=gitlabhq_production'
+      - 'DB_HOST=postgres.swag'
+      - 'DB_USER=gitlab'
+      - 'DB_PASS=${DDB_PASS}'
+      - 'GITLAB_HOST=git.${DDOMAIN}'
+      - 'GITLAB_BACKUPS=daily'
+      - 'UNICORN_WORKERS=3'
+      - 'UNICORN_TIMEOUT=240'
+      - 'GITLAB_WEBHOOK_TIMEOUT=240'
+      - 'GITLAB_TIMEOUT=240'
+      - 'SMTP_OPENSSL_VERIFY_MODE=none'
+      - 'REDIS_HOST=redis.swag'
+      - GITLAB_SECRETS_DB_KEY_BASE=${DGITLAB_SECRETS_DB_KEY_BASE}
+      - GITLAB_SECRETS_SECRET_KEY_BASE=${DGITLAB_SECRETS_SECRET_KEY_BASE}
+      - GITLAB_SECRETS_OTP_KEY_BASE=${DGITLAB_SECRETS_OTP_KEY_BASE}
+      - SMTP_USER=${DSMTP_USER}
+      - SMTP_PASS=${DSMTP_PASS}
+      - IMAP_USER=${DSMTP_USER}
+      - IMAP_PASS=${DSMTP_PASS}
+      - GITLAB_INCOMING_EMAIL_ADDRESS=${DGITLAB_INCOMING_EMAIL_ADDRESS}
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+      - "postgres"
+      - "redis"
+    networks:
+      - swag
+    ports:
+      - "10022:22"
+      - "10080:80"
+    volumes:
+      - /var/run/docker.sock:/run/docker.sock
+      - /usr/bin/docker:/bin/docker
+      - /srv/docker/gitlab/data:/home/git/data
+      - /etc/localtime:/etc/localtime:ro
+
+  netdata:
+    image: netdata/netdata
+    container_name: netdata
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - apparmor=unconfined
+    environment:
+      - DOCKER_HOST=docker-proxy:2375
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "19999:19999"
+    volumes:
+      - /srv/docker/netdata/netdatalib:/var/lib/netdata
+      - /srv/docker/netdata/netdatacache:/var/cache/netdata
+      - /etc/passwd:/host/etc/passwd:ro
+      - /etc/group:/host/etc/group:ro
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /etc/os-release:/host/etc/os-release:ro
+
+  vscode:
+    image: lscr.io/linuxserver/code-server
+    container_name: vscode
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - "TZ=Europe/London"
+      - "PROXY_DOMAIN=code.${DDOMAIN}"
+      - "PASSWORD=${DDEFAULT_PASSWORD}"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "8443:8443"
+    volumes:
+      - /srv/docker/vscode/config:/config
+
+  cells:
+    image: lscr.io/linuxserver/pydio-cells
+    container_name: cells
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - EXTERNALURL=cells.rmj014.com
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "8089:8080"
+    volumes:
+      - /srv/docker/cells/config:/config
+
+networks:
+  swag:
+    external:
+      name: swag

docker-compose.yml.old_vpn

@@ -0,0 +1,464 @@
+version: "3"
+services:
+  vpn:
+    image: ghcr.io/bubuntux/nordvpn
+    container_name: vpn
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    devices:
+      - "/dev/net/tun"
+    environment:
+      - USER=${DUSER}
+      - "PASS=${DNORD_PASS}"
+      - CONNECT=Canada
+      - TECHNOLOGY=OpenVPN
+      - PROTOCOL=UDP
+      - NETWORK=192.168.0.0/24
+      - DNS='8.8.8.8,8.8.4.4'
+      - "TZ=Europe/London"
+    ports:
+      # for dante and qbittorrent
+      - 1080:1080
+      - 8082:8082
+    sysctls:
+      - net.ipv6.conf.all.disable_ipv6=1 # Recomended if using ipv4 only
+      - net.ipv4.conf.all.rp_filter=2
+    restart: unless-stopped
+
+  dante:
+    image: dante:latest
+    container_name: dante
+    privileged: true
+    restart: unless-stopped
+    environment:
+      - INTERFACE=tun0
+    network_mode: "service:vpn"
+    depends_on:
+      - "vpn"
+
+  swag:
+    image: lscr.io/linuxserver/swag
+    container_name: swag
+    cap_add:
+      - NET_ADMIN
+    environment:
+      - PUID=1000
+      - PGID=100
+      - URL=${DDOMAIN}
+      - SUBDOMAINS=${DHOSTS}
+      - VALIDATION=http
+      - EMAIL=${DUSER}
+      - ONLY_SUBDOMAINS=false
+      - "TZ=Europe/London"
+      - UMASK_SET=002
+    ports:
+      - 80:80
+      - 443:443
+      - 9091:9091
+    restart: unless-stopped
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/swag/config:/config
+
+  authelia:
+    image: authelia/authelia
+    container_name: authelia
+    environment:
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/authelia/config:/config
+    depends_on:
+      - "swag"
+
+  heimdall:
+    image: lscr.io/linuxserver/heimdall
+    container_name: heimdall
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 6465:80
+    volumes:
+      - /srv/docker/heimdall:/config
+    depends_on:
+      - "swag"
+
+  sabnzbd:
+    image: lscr.io/linuxserver/sabnzbd:latest
+    container_name: sabnzbd
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "UMASK_SET=002"
+    restart: unless-stopped
+    depends_on:
+      - dante
+    networks:
+      - swag
+    ports:
+      - 8080:8080
+    volumes:
+      - /srv/docker/sabnzbd/config:/config
+      - /srv/docker/sabnzbd/scripts:/scripts
+      - /srv/DL:/downloads
+      - /srv/incomplete-nzb:/incomplete
+
+  qbittorrent:
+    image: lscr.io/linuxserver/qbittorrent
+    container_name: qbittorrent
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "UMASK_SET=002"
+      - "WEBUI_PORT=8082"
+    restart: unless-stopped
+    depends_on:
+      - dante
+    network_mode: "service:vpn"
+    volumes:
+      - /srv/docker/qbittorrent/config:/config
+      - /srv/DL:/downloads
+      - /srv/incomplete:/incomplete
+
+  jackett:
+    image: lscr.io/linuxserver/jackett
+    container_name: jackett
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "dante"
+    networks:
+      - swag
+    ports:
+      - 9117:9117
+    volumes:
+      - /srv/docker/jackett:/config
+
+  radarr:
+    image: lscr.io/linuxserver/radarr
+    container_name: radarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 7878:7878
+    volumes:
+      - /srv/docker/radarr/config:/config
+      - /media/qnap1/Movies:/movies
+      - /srv/DL:/downloads
+
+  sonarr:
+    image: lscr.io/linuxserver/sonarr
+    container_name: sonarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 8989:8989
+    volumes:
+      - /srv/docker/sonarr/config:/config
+      - /media/qnap1/TV:/tv
+      - /srv/DL:/downloads
+
+  lidarr:
+    image: lscr.io/linuxserver/lidarr
+    container_name: lidarr
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "jackett"
+    networks:
+      - swag
+    ports:
+      - 8686:8686
+    volumes:
+      - /srv/docker/lidarr/config:/config
+      - /media/qnap2/Music/Artists:/music
+      - /srv/DL:/downloads
+
+  tautulli:
+    image: tautulli/tautulli
+    container_name: tautulli
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 8181:8181
+    volumes:
+      - /srv/docker/tautull:/config
+
+  ombi:
+    image: lscr.io/linuxserver/ombi
+    container_name: ombi
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "BASE_URL=/ombi"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 3579:3579
+    volumes:
+      - /srv/docker/ombi/config:/config
+
+  guacamole:
+    image: abesnier/guacamole
+    container_name: guacamole
+    user: root
+    environment:
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 6565:8080
+    volumes:
+      - /srv/docker/guacamole/config:/config
+
+  pyload:
+    image: lscr.io/linuxserver/pyload
+    container_name: pyload
+    environment:
+      - "PUID=1000"
+      - "PGID=100"
+      - "TZ=Europe/London"
+      - "BASE_URL=/ombi"
+    restart: unless-stopped
+    ports:
+      - 8000:8000
+      - 7227:7223
+    volumes:
+      - /srv/docker/pyload/config:/config
+      - /srv/DL:/downloads
+
+  redis:
+    image: sameersbn/redis:latest
+    container_name: redis
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/redis:/data
+      - /etc/localtime:/etc/localtime:ro
+
+  postgres:
+    image: sameersbn/postgresql:latest
+    container_name: postgres
+    environment:
+      - 'DB_NAME=gitlabhq_production'
+      - 'DB_USER=gitlab'
+      - 'DB_PASS=${DDB_PASS}'
+      - 'DB_EXTENSION=pg_trgm,btree_gist'
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    volumes:
+      - /srv/docker/postgres:/var/lib/postgresql
+
+  mariadb:
+    image: lscr.io/linuxserver/mariadb
+    container_name: mariadb
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - 'MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}'
+      - TZ=Europe/London
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 3306:3306
+    volumes:
+      - /srv/docker/mariadb:/config
+
+  gitlab:
+    image: sameersbn/gitlab:latest
+    container_name: gitlab
+    environment:
+      - "USERMAP_UID=1000"
+      - "USERMAP_GID=1000"
+      - 'GITLAB_PORT=443'
+      - 'GITLAB_SSH_PORT=10022'
+      - 'GITLAB_HTTPS=true'
+      - 'DB_NAME=gitlabhq_production'
+      - 'DB_HOST=postgres.swag'
+      - 'DB_USER=gitlab'
+      - 'DB_PASS=${DDB_PASS}'
+      - 'GITLAB_HOST=git.${DDOMAIN}'
+      - 'GITLAB_BACKUPS=daily'
+      - 'UNICORN_WORKERS=3'
+      - 'UNICORN_TIMEOUT=240'
+      - 'GITLAB_WEBHOOK_TIMEOUT=240'
+      - 'GITLAB_TIMEOUT=240'
+      - 'SMTP_OPENSSL_VERIFY_MODE=none'
+      - 'REDIS_HOST=redis.swag'
+      - GITLAB_SECRETS_DB_KEY_BASE=${DGITLAB_SECRETS_DB_KEY_BASE}
+      - GITLAB_SECRETS_SECRET_KEY_BASE=${DGITLAB_SECRETS_SECRET_KEY_BASE}
+      - GITLAB_SECRETS_OTP_KEY_BASE=${DGITLAB_SECRETS_OTP_KEY_BASE}
+      - SMTP_USER=${DSMTP_USER}
+      - SMTP_PASS=${DSMTP_PASS}
+      - IMAP_USER=${DSMTP_USER}
+      - IMAP_PASS=${DSMTP_PASS}
+      - GITLAB_INCOMING_EMAIL_ADDRESS=${DGITLAB_INCOMING_EMAIL_ADDRESS}
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+      - "postgres"
+      - "redis"
+    networks:
+      - swag
+    ports:
+      - "10022:22"
+      - "10080:80"
+    volumes:
+      - /var/run/docker.sock:/run/docker.sock
+      - /usr/bin/docker:/bin/docker
+      - /srv/docker/gitlab/data:/home/git/data
+      - /etc/localtime:/etc/localtime:ro
+
+  netdata:
+    image: netdata/netdata
+    container_name: netdata
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - apparmor=unconfined
+    environment:
+      - DOCKER_HOST=docker-proxy:2375
+      - "TZ=Europe/London"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "19999:19999"
+    volumes:
+      - /srv/docker/netdata/netdatalib:/var/lib/netdata
+      - /srv/docker/netdata/netdatacache:/var/cache/netdata
+      - /etc/passwd:/host/etc/passwd:ro
+      - /etc/group:/host/etc/group:ro
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /etc/os-release:/host/etc/os-release:ro
+
+  vscode:
+    image: lscr.io/linuxserver/code-server
+    container_name: vscode
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - "TZ=Europe/London"
+      - "PROXY_DOMAIN=code.${DDOMAIN}"
+      - "PASSWORD=${DDEFAULT_PASSWORD}"
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "8443:8443"
+    volumes:
+      - /srv/docker/vscode/config:/config
+
+  cells:
+    image: lscr.io/linuxserver/pydio-cells
+    container_name: cells
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - EXTERNALURL=cells.rmj014.com
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - "8089:8080"
+    volumes:
+      - /srv/docker/cells/config:/config
+
+  wireguard:
+    image: lscr.io/linuxserver/wireguard:latest
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - "TZ=Europe/London"
+      - SERVERURL=rmj014.com
+      - SERVERPORT=51820
+      - PEERS=10
+      - PEERDNS=auto
+      - ALLOWEDIPS=0.0.0.0/0
+      - LOG_CONFS=true
+    restart: unless-stopped
+    depends_on:
+      - "swag"
+    networks:
+      - swag
+    ports:
+      - 51820:51820/udp
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+    volumes:
+      - /srv/docker/wireguard/config:/config
+      - /lib/modules:/lib/modules
+
+networks:
+  swag:
+    external:
+      name: swag

env.txt

@@ -0,0 +1,15 @@
+DDEFAULT_PASSWORD=
+DSMTP_PASS=
+DNORD_PASS=
+DDB_PASS=
+DUSER=
+DHOSTS=
+DDOMAIN=
+DGITLAB_SECRETS_DB_KEY_BASE=
+DGITLAB_SECRETS_SECRET_KEY_BASE=
+DGITLAB_SECRETS_OTP_KEY_BASE=
+DSMTP_USER=
+DSMTP_PASS=
+DIMAP_USER=
+DIMAP_PASS=
+DGITLAB_INCOMING_EMAIL_ADDRESS=

monitor.py

@@ -0,0 +1,43 @@
+import subprocess
+import time
+import ipaddress
+
+
+def run_subprocess(cmd, check=True, delay=0):
+    cmd_split = cmd.split(" ")
+    output = subprocess.run(
+        cmd_split, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=check
+    ).stdout.decode("utf-8")
+    if delay > 0:
+        time.sleep(delay)
+    return output
+
+
+while True:
+    try:
+        myip = run_subprocess("curl ifconfig.co")
+        results1 = run_subprocess("docker exec -it vpn nordvpn status")
+        results2 = run_subprocess("docker exec -it dante curl ifconfig.co")
+
+        NoIP = False
+        try:
+            ip = ipaddress.ip_address(myip.strip())
+            ip = ipaddress.ip_address(results2.strip())
+        except:
+            print("Socks error")
+            NoIP = False
+
+        if NoIP or results1.find("Status: Connected") == -1:  # Not Connected
+            print("Restarting")
+            run_subprocess("docker-compose restart vpn", delay=30)
+            run_subprocess("docker-compose restart dante", delay=10)
+            run_subprocess("docker-compose restart qbittorrent")
+        else:
+            pass
+    except:
+        print("Restarting")
+        run_subprocess("docker-compose restart vpn", delay=30)
+        run_subprocess("docker-compose restart dante", delay=10)
+        run_subprocess("docker-compose restart qbittorrent")
+
+    time.sleep(10 * 60)