hermes-docker/core_services/docker-compose.yaml

version: '3.6'
services:
        zerotier:
                image: "zyclonite/zerotier:router"
                container_name: core_zerotier
                devices:
                        - /dev/net/tun
                networks:
                        internal_traffic:
                                ipv4_address: 192.168.2.254
                volumes:
                        - data_zerotier:/var/lib/zerotier-one
                cap_add:
                        - NET_ADMIN
                        - SYS_ADMIN
                        - NET_RAW
                restart: unless-stopped
                deploy:
                        resources:
                                limits:
                                    cpus: '1'
                                    memory: 128M  
                environment:
                        - TZ=Etc/UTC
                        - PUID=999
                        - PGID=994
                        - ZEROTIER_ONE_LOCAL_PHYS=eth0
                        - ZEROTIER_ONE_USE_IPTABLES_NFT=false
                        - ZEROTIER_ONE_GATEWAY_MODE=both
                        - ZEROTIER_ONE_NETWORK_IDS=8286ac0e4750c5f3
                depends_on:
                        - http_proxy
        mail:
                image: 'boky/postfix'
                container_name: core_mail
                networks:
                        internal_traffic:
                                ipv4_address: 192.168.2.20
                restart: unless-stopped
                deploy:
                        resources:
                                limits:
                                    cpus: '0.50'
                                    memory: 128M
                environment:
                       - RELAYHOST=smtp.gmail.com:587
                       - RELAYHOST_USERNAME=${RELAYHOST_USERNAME}
                       - RELAYHOST_PASSWORD=${RELAYHOST_PASSWORD}
                       - ALLOWED_SENDER_DOMAINS=gmail.com gierwialo.com eldorado.city radziel.com                         
        http_proxy:
                image: 'jc21/nginx-proxy-manager:2.9.14'
                container_name: core_proxy
                restart: unless-stopped
                deploy:
                        resources:
                                limits:
                                    cpus: '0.50'
                                    memory: 256M
                networks:
                        internal_traffic:
                                ipv4_address: 192.168.2.253
                volumes:
                        - data_nginx_manager:/data
                        - data_letsencrypt:/etc/letsencrypt
                depends_on:
                        - syslog
        http_proxy2:
                image: docker.io/zoeyvid/npmplus:latest
                container_name: core_proxy2
                restart: unless-stopped
                deploy:
                        resources:
                                limits:
                                    cpus: '0.50'
                                    memory: 256M
                networks:
                        internal_traffic:
                                ipv4_address: 192.168.2.253
                volumes:
                        - "data_nginx_managerplus:/data"
                environment:
                        - "TZ=Europe/Warsaw"
                        - "ACME_EMAIL=certs@radziel.com" # email address which should be used for acme, currently optional, may be required in the future, so I recommend you to enter your email here, optional for letsencrypt, but required for zerossl and google public ca
                depends_on:
                        - syslog

        syslog:
                image: rgsyslog
                hostname: syslog
                container_name: core_syslog
                network_mode: host
                restart: always
                deploy:
                        resources:
                                limits:
                                    cpus: '0.50'
                                    memory: 128M
                volumes:
                        - data_logs:/var/log
                ports:
                        - 514:514
                        - 514:514/udp
                cap_add:
                        - SYSLOG

        ups:
                image: instantlinux/nut-upsd
                container_name: core_ups
                network_mode: host
                privileged: true
                restart: always
                deploy:
                        resources:
                                limits:
                                    cpus: '0.50'
                                    memory: 128M
                devices:
                        - /dev/bus/usb:/dev/bus/usb
                environment:
                        - PORT=auto
                        - NAME=eaton3s
                        - API_USER=upsmon
                        - API_PASSWORD=pass
                        - VENDORID=0463
                        - PRODUCTID=ffff
                        - POLLINTERVAL=5
                        - SDORDER=-1
                cap_add:
                  - SYS_ADMIN
                volumes:
                        - data_ups:/etc/nut
volumes:

        data_zerotier:
                external: true

        data_nginx_managerplus:
                external: true

        data_nginx_manager:
                external: true

        data_letsencrypt_backup:
                external: true
        
        data_letsencrypt:
                external: true

        data_logs:
                external: true

        data_ups:
                external: true

networks:
        internal_traffic:
                external: true
Initial commit 2025-04-01 18:03:17 +00:00			`version: '3.6'`
			`services:`
			`zerotier:`
			`image: "zyclonite/zerotier:router"`
			`container_name: core_zerotier`
			`devices:`
			`- /dev/net/tun`
			`networks:`
			`internal_traffic:`
			`ipv4_address: 192.168.2.254`
			`volumes:`
			`- data_zerotier:/var/lib/zerotier-one`
			`cap_add:`
			`- NET_ADMIN`
			`- SYS_ADMIN`
			`- NET_RAW`
			`restart: unless-stopped`
			`deploy:`
			`resources:`
			`limits:`
			`cpus: '1'`
			`memory: 128M`
			`environment:`
			`- TZ=Etc/UTC`
			`- PUID=999`
			`- PGID=994`
			`- ZEROTIER_ONE_LOCAL_PHYS=eth0`
			`- ZEROTIER_ONE_USE_IPTABLES_NFT=false`
			`- ZEROTIER_ONE_GATEWAY_MODE=both`
			`- ZEROTIER_ONE_NETWORK_IDS=8286ac0e4750c5f3`
			`depends_on:`
			`- http_proxy`
			`mail:`
			`image: 'boky/postfix'`
			`container_name: core_mail`
			`networks:`
			`internal_traffic:`
			`ipv4_address: 192.168.2.20`
			`restart: unless-stopped`
			`deploy:`
			`resources:`
			`limits:`
			`cpus: '0.50'`
			`memory: 128M`
			`environment:`
			`- RELAYHOST=smtp.gmail.com:587`
			`- RELAYHOST_USERNAME=${RELAYHOST_USERNAME}`
			`- RELAYHOST_PASSWORD=${RELAYHOST_PASSWORD}`
			`- ALLOWED_SENDER_DOMAINS=gmail.com gierwialo.com eldorado.city radziel.com`
			`http_proxy:`
			`image: 'jc21/nginx-proxy-manager:2.9.14'`
			`container_name: core_proxy`
			`restart: unless-stopped`
			`deploy:`
			`resources:`
			`limits:`
			`cpus: '0.50'`
			`memory: 256M`
			`networks:`
			`internal_traffic:`
			`ipv4_address: 192.168.2.253`
			`volumes:`
			`- data_nginx_manager:/data`
			`- data_letsencrypt:/etc/letsencrypt`
			`depends_on:`
			`- syslog`
			`http_proxy2:`
			`image: docker.io/zoeyvid/npmplus:latest`
			`container_name: core_proxy2`
			`restart: unless-stopped`
			`deploy:`
			`resources:`
			`limits:`
			`cpus: '0.50'`
			`memory: 256M`
			`networks:`
			`internal_traffic:`
			`ipv4_address: 192.168.2.253`
			`volumes:`
			`- "data_nginx_managerplus:/data"`
			`environment:`
			`- "TZ=Europe/Warsaw"`
			`- "ACME_EMAIL=certs@radziel.com" # email address which should be used for acme, currently optional, may be required in the future, so I recommend you to enter your email here, optional for letsencrypt, but required for zerossl and google public ca`
			`depends_on:`
			`- syslog`

			`syslog:`
			`image: rgsyslog`
			`hostname: syslog`
			`container_name: core_syslog`
			`network_mode: host`
			`restart: always`
			`deploy:`
			`resources:`
			`limits:`
			`cpus: '0.50'`
			`memory: 128M`
			`volumes:`
			`- data_logs:/var/log`
			`ports:`
			`- 514:514`
			`- 514:514/udp`
			`cap_add:`
			`- SYSLOG`

			`ups:`
			`image: instantlinux/nut-upsd`
			`container_name: core_ups`
			`network_mode: host`
			`privileged: true`
			`restart: always`
			`deploy:`
			`resources:`
			`limits:`
			`cpus: '0.50'`
			`memory: 128M`
			`devices:`
			`- /dev/bus/usb:/dev/bus/usb`
			`environment:`
			`- PORT=auto`
			`- NAME=eaton3s`
			`- API_USER=upsmon`
			`- API_PASSWORD=pass`
			`- VENDORID=0463`
			`- PRODUCTID=ffff`
			`- POLLINTERVAL=5`
			`- SDORDER=-1`
			`cap_add:`
			`- SYS_ADMIN`
			`volumes:`
			`- data_ups:/etc/nut`
			`volumes:`

			`data_zerotier:`
			`external: true`

			`data_nginx_managerplus:`
			`external: true`

			`data_nginx_manager:`
			`external: true`

			`data_letsencrypt_backup:`
			`external: true`

			`data_letsencrypt:`
			`external: true`

			`data_logs:`
			`external: true`

			`data_ups:`
			`external: true`

			`networks:`
			`internal_traffic:`
			`external: true`