replaced jellyfin and wireguard-pia by plex and expressvpn

[magickarle]

Hi. Thanks for the great package.
I would like to replace jellyfin and wireguard-pia with plex and expressvpn.

I already have a plex server running on another container (I know how to include it in the same network as this package).
But the expressvpn ... it's a bit more complicated i think.
Here is the compose fille i've use and i's getting an error 404 when accessing the homepage container.
I've removed the jellyfin and replaced the wireguard.
I had to change port for expressvpn from 8080 to 8082. Was getting "Error response from daemon: driver failed programming external connectivity on endpoint traefik (bfceefef6fd5aab2fbf085c9e434ad264edec5b099e0384c38d2cb031d0a73e9): Bind for 0.0.0.0:80 failed: port is already allocated"
Had to comment . Was getting "cp: can't stat '/app/config/tpl/*.yaml': No such file or directory"

If you know of an easy way to integrate them, let me know (maybe something obvious will jump)

version: "3.9"
services:
traefik:
image: traefik:v2.9
container_name: traefik
restart: always
environment:
- CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
- CLOUDFLARE_DNS_API_TOKEN=${CLOUDFLARE_DNS_API_TOKEN}
- CLOUDFLARE_ZONE_API_TOKEN=${CLOUDFLARE_ZONE_API_TOKEN}
- LETS_ENCRYPT_EMAIL=${LETS_ENCRYPT_EMAIL}
command:
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
- --entrypoints.web-secure.address=:443
- --entrypoints.web.http.redirections.entryPoint.to=web-secure
- --entrypoints.web.http.redirections.entryPoint.scheme=https
- --entrypoints.web.http.redirections.entrypoint.permanent=true
- --certificatesresolvers.myresolver.acme.dnschallenge=${DNS_CHALLENGE:-true}
- --certificatesresolvers.myresolver.acme.dnschallenge.provider=${DNS_CHALLENGE_PROVIDER:-cloudflare}
- --certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53
- --certificatesresolvers.myresolver.acme.caserver=${LETS_ENCRYPT_CA_SERVER:-https://acme-v02.api.letsencrypt.org/directory}
- --certificatesresolvers.myresolver.acme.email=${LETS_ENCRYPT_EMAIL}
- --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
ports:
- "80:80"
- "443:443"
volumes:
- ./letsencrypt:/letsencrypt
- "/var/run/docker.sock:/var/run/docker.sock:ro"
sonarr:
image: lscr.io/linuxserver/sonarr
container_name: sonarr
environment:
- PUID=${USER_ID}
- PGID=${GROUP_ID}
- TZ=${TIMEZONE}
volumes:
- ./sonarr:/config
- ${DATA_ROOT}:/data
restart: always
labels:
- traefik.enable=true
- traefik.http.routers.sonarr.rule=(Host(${HOSTNAME}) && PathPrefix(/sonarr))
- traefik.http.routers.sonarr.tls=true
- traefik.http.routers.sonarr.tls.certresolver=myresolver
- traefik.http.services.sonarr.loadbalancer.server.port=8989
- homepage.group=Media
- homepage.name=Sonarr
- homepage.icon=sonarr.png
- homepage.href=/sonarr
- homepage.description=Series management
- homepage.weight=0
- homepage.widget.type=sonarr
- homepage.widget.url=http://sonarr:8989/sonarr
- homepage.widget.key=${SONARR_API_KEY}
radarr:
image: lscr.io/linuxserver/radarr
container_name: radarr
environment:
- PUID=${USER_ID}
- PGID=${GROUP_ID}
- TZ=${TIMEZONE}
volumes:
- ./radarr:/config
- ${DATA_ROOT}:/data
restart: always
labels:
- traefik.enable=true
- traefik.http.routers.radarr.rule=(Host(${HOSTNAME}) && PathPrefix(/radarr))
- traefik.http.routers.radarr.tls=true
- traefik.http.routers.radarr.tls.certresolver=myresolver
- traefik.http.services.radarr.loadbalancer.server.port=7878
- homepage.group=Media
- homepage.name=Radarr
- homepage.icon=radarr.png
- homepage.href=/radarr
- homepage.description=Movies management
- homepage.weight=1
- homepage.widget.type=radarr
- homepage.widget.url=http://radarr:7878/radarr
- homepage.widget.key=${RADARR_API_KEY}
prowlarr:
image: lscr.io/linuxserver/prowlarr:latest
container_name: prowlarr
environment:
- PUID=${USER_ID}
- PGID=${GROUP_ID}
- TZ=${TIMEZONE}
volumes:
- ./prowlarr:/config
restart: always
labels:
- traefik.enable=true
- traefik.http.routers.prowlarr.rule=(Host(${HOSTNAME}) && PathPrefix(/prowlarr))
- traefik.http.routers.prowlarr.tls=true
- traefik.http.routers.prowlarr.tls.certresolver=myresolver
- traefik.http.services.prowlarr.loadbalancer.server.port=9696
- homepage.group=Download
- homepage.name=Prowlarr
- homepage.icon=prowlarr.png
- homepage.href=/prowlarr
- homepage.description=Indexers management
- homepage.weight=4
- homepage.widget.type=prowlarr
- homepage.widget.url=http://prowlarr:9696/prowlarr
- homepage.widget.key=${PROWLARR_API_KEY}
qbittorrent:
image: lscr.io/linuxserver/qbittorrent:libtorrentv1
container_name: qbittorrent
environment:
- PUID=${USER_ID}
- PGID=${GROUP_ID}
- TZ=${TIMEZONE}
- WEBUI_PORT=8080
volumes:
- ./qbittorrent:/config
- ${DOWNLOAD_ROOT}:/data/torrents
restart: always
network_mode: "service:vpn"
depends_on:
vpn:
condition: service_healthy
labels:
- traefik.enable=true
- traefik.http.routers.qbittorrent.rule=(Host(${HOSTNAME}) && PathPrefix(/qbittorrent))
- traefik.http.routers.qbittorrent.tls=true
- traefik.http.routers.qbittorrent.tls.certresolver=myresolver
- traefik.http.services.qbittorrent.loadbalancer.server.port=8080
- traefik.http.routers.qbittorrent.middlewares=qbittorrent-strip-slash,qbittorrent-stripprefix
# qbittorrent/qBittorrent#5693 (comment)
- traefik.http.middlewares.qbittorrent-stripprefix.stripPrefix.prefixes=/qbittorrent
# https://community.traefik.io/t/middleware-to-add-the-if-needed/1895/19
- traefik.http.middlewares.qbittorrent-strip-slash.redirectregex.regex=(^.*/qbittorrent$$)
- traefik.http.middlewares.qbittorrent-strip-slash.redirectregex.replacement=$$1/
- traefik.http.middlewares.qbittorrent-strip-slash.redirectregex.permanent=false
#- com.centurylinklabs.watchtower.depends-on=/vpn
- homepage.group=Download
- homepage.name=qBittorrent
- homepage.icon=qbittorrent.png
- homepage.href=/qbittorrent
- homepage.description=Bittorrent client
- homepage.weight=5
- homepage.widget.type=qbittorrent
- homepage.widget.url=http://vpn:8080
- homepage.widget.username=admin
- homepage.widget.password=adminadmin
vpn:
image: misioslav/expressvpn:latest
container_name: vpn

restart: unless-stopped

ports: # ports from which container that uses vpn connection will be available in local network
  - 8082:80 # example
environment:
  - WHITELIST_DNS=192.168.1.2,8.8.8.8  # Comma seperated list of dns servers you wish to use and whitelist via iptables
  - CODE=My_activation_code # Activation Code from vpn https://www.vpn.com/support/troubleshooting/find-activation-code/
  - SERVER=smart # By default container will connect to smart location, list of available locations you can find below

- DDNS=yourDdnsDomain # optional

- IP=yourStaticIp # optional - won't work if DDNS is setup

- BEAERER=ipInfoAccessToken # optional can be taken from ipinfo.io

  - HEALTHCHECK=healthchecks.ioId # optional can be taken from healthchecks.io
  - NETWORK=on #optional and set to on by default
  - PROTOCOL=lightway_udp \ #optional set default to lightway_udp see protocol and cipher section for more information
  - CIPHER=chacha20 \ #optional set default to chacha20 see protocol and cipher section for more information
cap_add:
  - NET_ADMIN
devices:
  - /dev/net/tun
stdin_open: true
tty: true
command: /bin/bash
privileged: true
volumes:
  - ./pia:/pia
  - ./pia-shared:/pia-shared

healthcheck:
  test: ping -c 1 www.google.com || exit 1
  interval: 30s
  timeout: 10s
  retries: 3
restart: always
labels:
  # network mode is not supported: https://github.com/containrrr/watchtower/issues/1286#issuecomment-1214291660
  - com.centurylinklabs.watchtower.enable=false

homepage:
image: ghcr.io/benphelps/homepage:latest
container_name: homepage
environment:
- HOMEPAGE_VAR_TITLE=${HOMEPAGE_VAR_TITLE}
- HOMEPAGE_VAR_SEARCH_PROVIDER=${HOMEPAGE_VAR_SEARCH_PROVIDER}
- HOMEPAGE_VAR_HEADER_STYLE=${HOMEPAGE_VAR_HEADER_STYLE}
- HOMEPAGE_VAR_WEATHER_CITY=${HOMEPAGE_VAR_WEATHER_CITY}
- HOMEPAGE_VAR_WEATHER_LAT=${HOMEPAGE_VAR_WEATHER_LAT}
- HOMEPAGE_VAR_WEATHER_LONG=${HOMEPAGE_VAR_WEATHER_LONG}
- HOMEPAGE_VAR_WEATHER_TIME=${TIMEZONE}
- HOMEPAGE_VAR_WEATHER_UNIT=${HOMEPAGE_VAR_WEATHER_UNIT}
volumes:
- ./homepage:/app/config
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${DATA_ROOT}:/data
restart: always

command: [sh, -c, "cp -n /app/config/tpl/*.yaml /app/config && node server.js"]

labels:
  - traefik.enable=true
  - traefik.http.routers.homepage.rule=(Host(`${HOSTNAME}`) && PathPrefix(`/`))
  - traefik.http.routers.homepage.tls=true
  - traefik.http.routers.homepage.tls.certresolver=myresolver
  - traefik.http.services.homepage.loadbalancer.server.port=3000

watchtower:
image: containrrr/watchtower
container_name: watchtower
restart: always
environment:
- WATCHTOWER_CLEANUP=true
volumes:
- /var/run/docker.sock:/var/run/docker.sock

networks:
default:
name: docker-compose-nas

[AdrienPoupa]

Hi there,

(bfceefef6fd5aab2fbf085c9e434ad264edec5b099e0384c38d2cb031d0a73e9): Bind for 0.0.0.0:80 failed: port is already allocated"

This means Traefik cannot start on port 80 as you have a different service running on the port already.

As for your other issues, I am afraid they come from using a completely different stack than this one, so I will not be able to provide support, sorry.