'All' stack

This stack, or a variation of it, is deployed to all of my docker hosts. This contains useful tools such as

The idea here is to have a standard list of containers deployed to all devices. For example, this stack will automatically enroll any new devices into Beszel for performance monitoring. Watchtower is used to update the Portainer agents

The below compose file is deployed to my VMs

https://github.com/trentnbauer/Homelab/blob/main/docker-compose/all/all-vm.yml

version: '3'
services:
  autoheal:
    deploy:
      replicas: 1
    environment:
      AUTOHEAL_CONTAINER_LABEL: autoheal
      AUTOHEAL_INTERVAL: 60
      AUTOHEAL_START_PERIOD: 240
      AUTOHEAL_DEFAULT_STOP_TIMEOUT: 60
      AUTOHEAL_ONLY_MONITOR_RUNNING: true
      WEBHOOK_URL: ${PUSHOVER_WEBHOOK:-""}
    image: willfarrell/autoheal@sha256:76d1f7341bee169cf08ed56f19d0194ff40ad970d8dfa096316499a3ebf148b0
    network_mode: none
    restart: always
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock
    security_opt:
      - apparmor:unconfined
  
  prunemate-proxy:
    image: ghcr.io/tecnativa/docker-socket-proxy:v0.4.2
    restart: unless-stopped
    security_opt:
      - apparmor:unconfined
    ports:
      - 2375:2375
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      - ALLOW_START=1
      - ALLOW_STOP=1
      - ALLOW_RESTART=1
      - IMAGES=1
      - CONTAINERS=1
      - VOLUMES=1
      - NETWORKS=1
      - POST=1
    healthcheck:
      test: wget --spider http://localhost:2375/version || exit 1
      interval: "29s"
      timeout: "5s"
      retries: 3
      start_period: "21s"
    labels:
      - autoheal=true
      
  watchtower:
    image: ghcr.io/containrrr/watchtower:1.7.1
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - TZ=${TZ:-Australia/Melbourne}
      - WATCHTOWER_ROLLING_RESTART=true
      - WATCHTOWER_CLEANUP=true
      - WATCHTOWER_INCLUDE_STOPPED=true
      - WATCHTOWER_POLL_INTERVAL=86400
      - WATCHTOWER_LABEL_ENABLE=true

  beszel-agent:
    image: ghcr.io/henrygd/beszel/beszel-agent:0.18.4-alpine@sha256:4855ca363653f4c481ded26765410cdd0501f7bcd05d6343d0fadab6a35e17df
    restart: unless-stopped
    network_mode: host
    cap_add:
      - SYS_RAWIO # required for S.M.A.R.T. data
      - SYS_ADMIN # required for NVMe S.M.A.R.T. data
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /dev:/dev:ro
      - /run/udev:/run/udev:ro
    device_cgroup_rules:
      - 'b 8:* rwm'       # /dev/sd* (SCSI/SATA disks)
      - 'b 259:* rwm'     # /dev/nvme*n* (NVMe namespaces)
      - 'c 10:237 rwm'    # /dev/nvme* (NVMe character device, misc major 10, minor 237)
      - 'c 21:* rwm'      # /dev/sg* (SCSI generic, used by smartctl on some setups)
    environment:
      - LISTEN=${BESZELPORT:-45876}
      - KEY=$BESZELKEY
      - GPU="true"
    healthcheck:
      test: ['CMD', '/agent', 'health']
      start_period: 30s
      interval: 120s
      retries: 3
      timeout: 60s
    labels:
      - autoheal=true

  dockflare:
    image: alplat/dockflare:v2.0.4
    restart: unless-stopped
    security_opt:
      - apparmor:unconfined
    healthcheck:
      test: wget --no-verbose --tries=1 --spider http://localhost:5000 -O /dev/null || exit 1
      interval: 30s
      retries: 3
      start_period: 30s
      timeout: 20s 
    ports:
      - ${DOCKFLAREPORT:-5000}:5000
    environment:
      - TUNNEL_NAME=${HOSTNAME:-MissingHostname}
      - LABEL_PREFIX=dfgeneric
      - CLOUDFLARED_NETWORK_NAME=host
      - CLOUDFLARED_IMAGE=cloudflare/cloudflared:2025.11.1
      - TZ=${TZ:-Australia/Melbourne}
      - CF_API_TOKEN=${CF_APITOKEN}
      - CF_ACCOUNT_ID=${CF_ACCOUNTID}
      - AGENT_STATUS_UPDATE_INTERVAL_SECONDS=5
      - SYNC_ALL_CLOUDFLARE_POLICIES=true
      - TZ=${TZ:-Australia/Melbourne}
      - GRACE_PERIOD_SECONDS=28800
      - CLEANUP_INTERVAL_SECONDS=900
      - SCAN_ALL_NETWORKS=true
      - MAX_CONCURRENT_DNS_OPS=${DOCKFLARE_DNSOPS:-2}
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - dockflare:/app/data
    labels:
      - autoheal=true
      - dfgeneric.enable=true
      - dfgeneric.0.hostname=${HOSTNAME:-MissingHostname}-dockflare.${URLTLD}
      - dfgeneric.0.service=http://${HOSTNAME_FQDN:-localhost}:${DOCKLAREPORT:-5000}
      - dfgeneric.0.access.policy=default_tld
      - dfgeneric.0.zonename=${URLTLD}
      #- dfgeneric.path=${URLPATH:-}

volumes:
  dockflare:
  portacker:

And you can find the other variants of the 'all' stack here:

HomelabPublic/docker-compose/all at main · trentnbauer/HomelabPublicGitHub

PreviousGitOps NextPlex Suite

Last updated 3 months ago

hashtagAnd you can find the other variants of the 'all' stack here:

And you can find the other variants of the 'all' stack here: