mg/homeserver
1
0
Fork 0
Code Issues 1 Pull requests 3 Activity Actions
homeserver/docker-compose/navidrome/docker-compose.yml.j2
Michael Grote b0214bdb9a
All checks were successful
ansible-lint / gitleaks (push) Successful in 2s
Details
ansible-lint / Ansible Lint (push) Successful in 22s
Details
container security (#274) 
https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html
Reviewed-on: #274
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
2025-01-03 14:57:43 +01:00

78 lines
2.4 KiB
Django/Jinja
Raw Blame History

services:
######## navidrome ########
navidrome:
container_name: "navidrome"
image: "deluan/navidrome:0.54.3"
restart: unless-stopped
pull_policy: missing
deploy:
resources:
limits:
cpus: "4"
memory: "512M"
security_opt:
- no-new-privileges=true
environment:
ND_AUTOIMPORTPLAYLISTS: true
ND_BASEURL: /mg
ND_COVERARTPRIORITY: "embedded, cover.*, folder.*, front.*, external"
ND_DATAFOLDER: /data
ND_ENABLEARTWORKPRECACHE: true
ND_ENABLECOVERANIMATION: false
ND_ENABLEEXTERNALSERVICES: false
ND_ENABLEFAVOURITES: true
ND_ENABLEGRAVATAR: false
ND_ENABLEINSIGHTSCOLLECTOR: false
ND_ENABLELOGREDACTING: true
ND_ENABLEMEDIAFILECOVERART: true
ND_ENABLEREPLAYGAIN: true
ND_ENABLESHARING: false
ND_ENABLESTARRATING: false
ND_ENABLETRANSCODINGCONFIG: true
ND_IMAGECACHESIZE: 100MB
ND_JUKEBOX_ENABLED: false
ND_LASTFM_ENABLED: false
ND_LISTENBRAINZ_ENABLED: false
ND_LOGLEVEL: info
ND_MUSICFOLDER: /music
ND_PLAYLISTSPATH: "playlists"
ND_PROMETHEUS_ENABLED: false
ND_RECENTLYADDEDBYMODTIME: true
ND_SCANSCHEDULE: 0 1 * * *
ND_SESSIONTIMEOUT: 24h
ND_TRANSCODINGCACHESIZE: 500MB
ND_BACKUP_PATH: "/backups"
ND_BACKUP_SCHEDULE: "5 22 * * *"
ND_BACKUP_COUNT: "14"
PUID: 1000
PGID: 1000
TZ: Europe/Berlin
ND_ENABLE_EXTERNAL_SERVICES: false
volumes:
- musik_smb_mg:/music:ro
- data:/data
- backups:/backups
networks:
- traefik
labels:
traefik.http.routers.navidrome-mg.rule: Host(`audio.mgrote.net`)&&PathPrefix(`/mg`)
traefik.enable: true
traefik.http.routers.navidrome-mg.tls: true
traefik.http.routers.navidrome-mg.tls.certresolver: resolver_letsencrypt
traefik.http.routers.navidrome-mg.entrypoints: entry_https
traefik.http.services.navidrome-mg.loadbalancer.server.port: 4533
######## Volumes ########
volumes:
data:
backups:
musik_smb_mg: # Verzeichnis in restic aus Backup ausnehmen!
driver: local
driver_opts:
type: "cifs"
o: "user=navidrome,password={{ lookup('viczem.keepass.keepass', 'fileserver/fileserver_smb_user_navidrome', 'password') }}"
device: "//192.168.2.54/musik/Musik"
######## Networks ########
networks:
traefik:
external: true
Reference in a new issue View git blame Copy permalink