1. The problem I’m having:
I get an 502 error trying to connect to Jellyseer.
2. Error messages and/or full log output:
INF ts=1683644345.5041645 msg=using provided configuration config_file=/etc/caddy/Caddyfile config_adapter=caddyfile
WRN ts=1683644345.5058622 msg=Caddyfile input is not formatted; run the 'caddy fmt' command to fix inconsistencies adapter=caddyfile file=/etc/caddy/Caddyfile line=5
INF ts=1683644345.5067253 logger=admin msg=admin endpoint started address=localhost:2019 enforce_origin=false origins=["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]
INF ts=1683644345.506974 logger=http msg=server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS server_name=srv0 https_port=443
INF ts=1683644345.5070517 logger=http msg=enabling automatic HTTP->HTTPS redirects server_name=srv0
INF ts=1683644345.5073438 logger=http msg=enabling HTTP/3 listener addr=:443
INF ts=1683644345.5074701 msg=failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Receive-Buffer-Size for details.
DBG ts=1683644345.5075994 logger=http msg=starting server loop address=[::]:443 tls=true http3=true
INF ts=1683644345.507663 logger=http.log msg=server running name=srv0 protocols=["h1","h2","h3"]
DBG ts=1683644345.5077515 logger=http msg=starting server loop address=[::]:80 tls=false http3=false
INF ts=1683644345.5078135 logger=http.log msg=server running name=remaining_auto_https_redirects protocols=["h1","h2","h3"]
INF ts=1683644345.5078692 logger=http msg=enabling automatic TLS certificate management domains=["scuffedflix.no","jellyseer.scuffedflix.no"]
DBG ts=1683644345.5082324 logger=tls msg=loading managed certificate domain=scuffedflix.no expiration=1691266964 issuer_key=acme-v02.api.letsencrypt.org-directory storage=FileStorage:/data/caddy
DBG ts=1683644345.5085125 logger=tls.cache msg=added certificate to cache subjects=["scuffedflix.no"] expiration=1691266964 managed=true issuer_key=acme-v02.api.letsencrypt.org-directory hash=3798585babdaee91efc5d98a629c1ca01d1a4406126346ef0ff05df3e697b3fc cache_size=1 cache_capacity=10000
DBG ts=1683644345.5086002 logger=events msg=event name=cached_managed_cert id=e51a4c8f-35b9-40cd-a08a-cb5978542cc9 origin=tls data={"sans":["scuffedflix.no"]}
DBG ts=1683644345.5089076 logger=tls msg=loading managed certificate domain=jellyseer.scuffedflix.no expiration=1691267837 issuer_key=acme-v02.api.letsencrypt.org-directory storage=FileStorage:/data/caddy
DBG ts=1683644345.5092773 logger=tls.cache msg=added certificate to cache subjects=["jellyseer.scuffedflix.no"] expiration=1691267837 managed=true issuer_key=acme-v02.api.letsencrypt.org-directory hash=dcf41a19e77d9c451592428583fe19dcfce1d00fc32260553d4a6f91e6e9be22 cache_size=2 cache_capacity=10000
DBG ts=1683644345.509367 logger=events msg=event name=cached_managed_cert id=46d9600d-ffcb-4219-85a3-b6e962c78474 origin=tls data={"sans":["jellyseer.scuffedflix.no"]}
INF ts=1683644345.5095363 msg=autosaved config (load with --resume flag) file=/config/caddy/autosave.json
INF ts=1683644345.5096195 msg=serving initial configuration
INF ts=1683644345.5098152 logger=tls.cache.maintenance msg=started background certificate maintenance cache=0xc00041a930
INF ts=1683644345.5099406 logger=tls msg=cleaning storage unit description=FileStorage:/data/caddy
INF ts=1683644345.5105023 logger=tls msg=finished cleaning storage units
DBG ts=1683644361.689582 logger=events msg=event name=tls_get_certificate id=e8f466b1-b10a-4ab6-adf9-8ca2790ede06 origin=tls data={"client_hello":{"CipherSuites":[4865,4866,4867],"ServerName":"jellyseer.scuffedflix.no","SupportedCurves":[29,23,24],"SupportedPoints":null,"SignatureSchemes":[1027,2052,1025,1283,2053,1281,2054,1537,513],"SupportedProtos":["h3"],"SupportedVersions":[772],"Conn":{}}}
DBG ts=1683644361.6896524 logger=tls.handshake msg=choosing certificate identifier=jellyseer.scuffedflix.no num_choices=1
DBG ts=1683644361.6896617 logger=tls.handshake msg=default certificate selection results identifier=jellyseer.scuffedflix.no subjects=["jellyseer.scuffedflix.no"] managed=true issuer_key=acme-v02.api.letsencrypt.org-directory hash=dcf41a19e77d9c451592428583fe19dcfce1d00fc32260553d4a6f91e6e9be22
DBG ts=1683644361.6896667 logger=tls.handshake msg=matched certificate in cache remote_ip=172.28.10.1 remote_port=45981 subjects=["jellyseer.scuffedflix.no"] managed=true expiration=1691267837 hash=dcf41a19e77d9c451592428583fe19dcfce1d00fc32260553d4a6f91e6e9be22
DBG ts=1683644361.6957102 logger=http.handlers.reverse_proxy msg=selected upstream dial=jellyseer:5055 total_upstreams=1
DBG ts=1683644361.7237878 logger=http.handlers.reverse_proxy msg=upstream roundtrip upstream=jellyseer:5055 duration=0.028022488 request={"remote_ip":"172.28.10.1","remote_port":"45981","proto":"HTTP/3.0","method":"GET","host":"jellyseer.scuffedflix.no","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua":["\"Chromium\";v=\"112\", \"Not:A-Brand\";v=\"99\""],"Sec-Ch-Ua-Mobile":["?0"],"X-Forwarded-Proto":["https"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Site":["cross-site"],"Cache-Control":["max-age=0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Accept-Language":["nb-NO,nb;q=0.9,en-GB;q=0.8,en;q=0.7,no;q=0.6,nn;q=0.5,en-US;q=0.4,pl;q=0.3"],"Upgrade-Insecure-Requests":["1"],"Dnt":["1"],"X-Forwarded-For":["172.28.10.1"],"Sec-Fetch-Mode":["navigate"],"Sec-Ch-Ua-Platform":["\"Linux\""],"Sec-Fetch-Dest":["document"],"X-Forwarded-Host":["jellyseer.scuffedflix.no"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"jellyseer.scuffedflix.no"}} error=dial tcp: lookup jellyseer on 127.0.0.11:53: server misbehaving
ERR ts=1683644361.723847 logger=http.log.error msg=dial tcp: lookup jellyseer on 127.0.0.11:53: server misbehaving request={"remote_ip":"172.28.10.1","remote_port":"45981","proto":"HTTP/3.0","method":"GET","host":"jellyseer.scuffedflix.no","uri":"/","headers":{"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua":["\"Chromium\";v=\"112\", \"Not:A-Brand\";v=\"99\""],"Sec-Ch-Ua-Mobile":["?0"],"Dnt":["1"],"Sec-Fetch-Dest":["document"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Accept-Language":["nb-NO,nb;q=0.9,en-GB;q=0.8,en;q=0.7,no;q=0.6,nn;q=0.5,en-US;q=0.4,pl;q=0.3"],"Sec-Ch-Ua-Platform":["\"Linux\""],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"],"Cache-Control":["max-age=0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"],"Sec-Fetch-Site":["cross-site"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"jellyseer.scuffedflix.no"}} duration=0.028171338 status=502 err_id=98y11hh78 err_trace=reverseproxy.statusError (reverseproxy.go:1299)
DBG ts=1683644364.085273 logger=events msg=event name=tls_get_certificate id=d512cc9c-667f-407b-9c7a-9d1616d9632d origin=tls data={"client_hello":{"CipherSuites":[56026,4865,4866,4867,49195,49199,49196,49200,52393,52392,49171,49172,156,157,47,53],"ServerName":"scuffedflix.no","SupportedCurves":[56026,29,23,24],"SupportedPoints":"AA==","SignatureSchemes":[1027,2052,1025,1283,2053,1281,2054,1537],"SupportedProtos":["h2","http/1.1"],"SupportedVersions":[51914,772,771],"Conn":{}}}
DBG ts=1683644364.085343 logger=tls.handshake msg=choosing certificate identifier=scuffedflix.no num_choices=1
DBG ts=1683644364.085357 logger=tls.handshake msg=default certificate selection results identifier=scuffedflix.no subjects=["scuffedflix.no"] managed=true issuer_key=acme-v02.api.letsencrypt.org-directory hash=3798585babdaee91efc5d98a629c1ca01d1a4406126346ef0ff05df3e697b3fc
DBG ts=1683644364.0853634 logger=tls.handshake msg=matched certificate in cache remote_ip=172.28.10.1 remote_port=53320 subjects=["scuffedflix.no"] managed=true expiration=1691266964 hash=3798585babdaee91efc5d98a629c1ca01d1a4406126346ef0ff05df3e697b3fc
DBG ts=1683644364.0892344 logger=http.handlers.reverse_proxy msg=selected upstream dial=jellyfin:8096 total_upstreams=1
DBG ts=1683644364.6019523 logger=http.handlers.reverse_proxy msg=upstream roundtrip upstream=jellyfin:8096 duration=0.512666277 request={"remote_ip":"172.28.10.1","remote_port":"53320","proto":"HTTP/2.0","method":"GET","host":"scuffedflix.no","uri":"/Items/7c6e27f3305d1ecdf185b5a434db9bbe/Images/Backdrop/0?tag=58e71794ebcb68e1c18296636edf2349&maxWidth=1920&quality=80","headers":{"X-Forwarded-Proto":["https"],"X-Forwarded-For":["172.28.10.1"],"X-Forwarded-Host":["scuffedflix.no"],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Fetch-Site":["same-origin"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua":["\"Chromium\";v=\"112\", \"Not:A-Brand\";v=\"99\""],"Sec-Fetch-Mode":["no-cors"],"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"],"Dnt":["1"],"Sec-Fetch-Dest":["image"],"Accept-Language":["nb-NO,nb;q=0.9,en-GB;q=0.8,en;q=0.7,no;q=0.6,nn;q=0.5,en-US;q=0.4,pl;q=0.3"],"Sec-Ch-Ua-Platform":["\"Linux\""],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"scuffedflix.no"}} headers={"Cache-Control":["public, max-age=31536000"],"Transfermode.dlna.org":["Interactive"],"Content-Length":["504454"],"Content-Type":["image/webp"],"Age":["1787059"],"Last-Modified":["Tue, 18 Apr 2023 22:35:06 GMT"],"Vary":["Accept"],"Realtimeinfo.dlna.org":["DLNA.ORG_TLAG=*"],"X-Response-Time-Ms":["383"],"Date":["Tue, 09 May 2023 14:59:24 GMT"],"Server":["Kestrel"]} status=200
DBG ts=1683644381.6823142 logger=http.handlers.reverse_proxy msg=selected upstream dial=jellyfin:8096 total_upstreams=1
DBG ts=1683644381.7208679 logger=http.handlers.reverse_proxy msg=upstream roundtrip upstream=jellyfin:8096 duration=0.038494104 request={"remote_ip":"172.28.10.1","remote_port":"53320","proto":"HTTP/2.0","method":"GET","host":"scuffedflix.no","uri":"/Items/91e28599898565d254c48d8e9936f2b9/Images/Backdrop/0?tag=df100ab7e32cebb7565d98f4844d030c&maxWidth=1920&quality=80","headers":{"X-Forwarded-For":["172.28.10.1"],"X-Forwarded-Proto":["https"],"Sec-Fetch-Dest":["image"],"Sec-Ch-Ua":["\"Chromium\";v=\"112\", \"Not:A-Brand\";v=\"99\""],"Dnt":["1"],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Ch-Ua-Platform":["\"Linux\""],"X-Forwarded-Host":["scuffedflix.no"],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"Accept-Language":["nb-NO,nb;q=0.9,en-GB;q=0.8,en;q=0.7,no;q=0.6,nn;q=0.5,en-US;q=0.4,pl;q=0.3"],"Sec-Fetch-Mode":["no-cors"],"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Fetch-Site":["same-origin"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"scuffedflix.no"}} headers={"Content-Length":["540538"],"Age":["1723266"],"Last-Modified":["Wed, 19 Apr 2023 16:18:35 GMT"],"X-Response-Time-Ms":["31"],"Content-Type":["image/webp"],"Date":["Tue, 09 May 2023 14:59:41 GMT"],"Server":["Kestrel"],"Cache-Control":["public, max-age=31536000"],"Vary":["Accept"],"Transfermode.dlna.org":["Interactive"],"Realtimeinfo.dlna.org":["DLNA.ORG_TLAG=*"]} status=200
DBG ts=1683644405.6726646 logger=http.handlers.reverse_proxy msg=selected upstream dial=jellyfin:8096 total_upstreams=1
DBG ts=1683644405.6869266 logger=http.handlers.reverse_proxy msg=upstream roundtrip upstream=jellyfin:8096 duration=0.014129928 request={"remote_ip":"172.28.10.1","remote_port":"53320","proto":"HTTP/2.0","method":"GET","host":"scuffedflix.no","uri":"/Items/9894d57025925c3aa96815382b5a0457/Images/Backdrop/0?tag=ada70b15a9777077930b78ed410eb924&maxWidth=1920&quality=80","headers":{"Sec-Fetch-Site":["same-origin"],"Sec-Ch-Ua":["\"Chromium\";v=\"112\", \"Not:A-Brand\";v=\"99\""],"Sec-Fetch-Mode":["no-cors"],"Sec-Fetch-Dest":["image"],"Sec-Ch-Ua-Platform":["\"Linux\""],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"Accept-Language":["nb-NO,nb;q=0.9,en-GB;q=0.8,en;q=0.7,no;q=0.6,nn;q=0.5,en-US;q=0.4,pl;q=0.3"],"Sec-Ch-Ua-Mobile":["?0"],"X-Forwarded-Host":["scuffedflix.no"],"Accept-Encoding":["gzip, deflate, br"],"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"],"X-Forwarded-For":["172.28.10.1"],"X-Forwarded-Proto":["https"],"Dnt":["1"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"scuffedflix.no"}} headers={"Realtimeinfo.dlna.org":["DLNA.ORG_TLAG=*"],"Content-Length":["492118"],"Date":["Tue, 09 May 2023 15:00:05 GMT"],"Server":["Kestrel"],"Cache-Control":["public, max-age=31536000"],"Vary":["Accept"],"Content-Type":["image/webp"],"Age":["1788363"],"Last-Modified":["Tue, 18 Apr 2023 22:14:02 GMT"],"Transfermode.dlna.org":["Interactive"],"X-Response-Time-Ms":["12"]} status=200
DBG ts=1683644429.6655765 logger=http.handlers.reverse_proxy msg=selected upstream dial=jellyfin:8096 total_upstreams=1
DBG ts=1683644429.6697612 logger=http.handlers.reverse_proxy msg=upstream roundtrip upstream=jellyfin:8096 duration=0.004118453 request={"remote_ip":"172.28.10.1","remote_port":"53320","proto":"HTTP/2.0","method":"GET","host":"scuffedflix.no","uri":"/Items/118a8eb3c501a3bb4325353550fddf7d/Images/Backdrop/0?tag=031e68c0e0704a090f221661a8d76da8&maxWidth=1920&quality=80","headers":{"Sec-Fetch-Mode":["no-cors"],"Accept-Language":["nb-NO,nb;q=0.9,en-GB;q=0.8,en;q=0.7,no;q=0.6,nn;q=0.5,en-US;q=0.4,pl;q=0.3"],"Dnt":["1"],"X-Forwarded-For":["172.28.10.1"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Fetch-Site":["same-origin"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"X-Forwarded-Proto":["https"],"X-Forwarded-Host":["scuffedflix.no"],"Sec-Ch-Ua":["\"Chromium\";v=\"112\", \"Not:A-Brand\";v=\"99\""],"Sec-Fetch-Dest":["image"],"Sec-Ch-Ua-Platform":["\"Linux\""]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"scuffedflix.no"}} headers={"Content-Length":["149256"],"Date":["Tue, 09 May 2023 15:00:29 GMT"],"Server":["Kestrel"],"Age":["1910066"],"Vary":["Accept"],"Content-Type":["image/webp"],"Cache-Control":["public, max-age=31536000"],"Last-Modified":["Mon, 17 Apr 2023 12:26:03 GMT"],"Transfermode.dlna.org":["Interactive"],"Realtimeinfo.dlna.org":["DLNA.ORG_TLAG=*"],"X-Response-Time-Ms":["3"]} status=200
DBG ts=1683644453.661118 logger=http.handlers.reverse_proxy msg=selected upstream dial=jellyfin:8096 total_upstreams=1
DBG ts=1683644454.1144319 logger=http.handlers.reverse_proxy msg=upstream roundtrip upstream=jellyfin:8096 duration=0.453266559 request={"remote_ip":"172.28.10.1","remote_port":"53320","proto":"HTTP/2.0","method":"GET","host":"scuffedflix.no","uri":"/Items/8e1a82232c868dd772c7173965895c79/Images/Backdrop/0?tag=ec288721ef62c919ca4db2a51162a841&maxWidth=1920&quality=80","headers":{"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36"],"Accept-Language":["nb-NO,nb;q=0.9,en-GB;q=0.8,en;q=0.7,no;q=0.6,nn;q=0.5,en-US;q=0.4,pl;q=0.3"],"X-Forwarded-For":["172.28.10.1"],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"Sec-Fetch-Mode":["no-cors"],"Sec-Fetch-Dest":["image"],"X-Forwarded-Proto":["https"],"X-Forwarded-Host":["scuffedflix.no"],"Dnt":["1"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua-Platform":["\"Linux\""],"Sec-Fetch-Site":["same-origin"],"Sec-Ch-Ua":["\"Chromium\";v=\"112\", \"Not:A-Brand\";v=\"99\""]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"scuffedflix.no"}} headers={"Transfermode.dlna.org":["Interactive"],"Realtimeinfo.dlna.org":["DLNA.ORG_TLAG=*"],"Content-Length":["331926"],"Server":["Kestrel"],"Age":["0"],"Vary":["Accept"],"X-Response-Time-Ms":["452"],"Content-Type":["image/webp"],"Date":["Tue, 09 May 2023 15:00:54 GMT"],"Cache-Control":["public, max-age=31536000"],"Last-Modified":["Tue, 09 May 2023 15:00:54 GMT"]} status=200
3. Caddy version:
v2.6.4 h1:2hwYqiRwk1tf3VruhMpLcYTg+11fCdr8S3jhNAdnPy8=
4. How I installed and ran Caddy:
I use the this dockerfile to get cloudflare, i use TXT validation because i use tailscale to connect to my media server
FROM caddy:builder AS builder
RUN xcaddy build \
--with github.com/caddyserver/nginx-adapter \
--with github.com/caddy-dns/cloudflare
FROM caddy:latest
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
a. System environment:
I use docker on ubuntu 23.04
b. Command:
PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.
c. Service/unit/compose file:
version: "3.7"
networks:
media-network:
name: media-network
driver: bridge
ipam:
driver: default
config:
- subnet: ${DOCKER_SUBNET:?err}
gateway: ${DOCKER_GATEWAY:?err}
services:
transmission-openvpn:
container_name: transmission
cap_add:
- NET_ADMIN
volumes:
- '${FOLDER_FOR_MEDIA:?err}:/data'
- '${FOLDER_FOR_CONFIGS:?err}/transmission:/config'
- /dev/net/tun:/dev/net/tun
environment:
- OPENVPN_PROVIDER=${VPN_SERVICE_PROVIDER:?err}
- OPENVPN_CONFIG=${SERVER_REGION:?err}
- OPENVPN_USERNAME=${VPN_USERNAME:?err}
- OPENVPN_PASSWORD=${VPN_PASSWORD:?err}
- LOCAL_NETWORK=192.168.0.0/24
- CREATE_TUN_DEVICE=false
- PUID=${PUID:?err}
- PGID=${PGID:?err}
logging:
driver: json-file
options:
max-size: 10m
ports:
- '9091:9091'
restart: unless-stopped
networks:
media-network:
image: haugene/transmission-openvpn
ldap-auth:
image: lscr.io/linuxserver/ldap-auth:latest
container_name: ldap-auth
#environment:
#- FERNETKEY= #optional
#- CERTFILE= #optional
#- KEYFILE= #optional
ports:
- 8888:8888
- 9000:9000
restart: unless-stopped
networks:
media-network:
bazarr:
image: lscr.io/linuxserver/bazarr:latest
container_name: bazarr
restart: unless-stopped
volumes:
- ${FOLDER_FOR_CONFIGS:?err}/bazarr:/config
- ${FOLDER_FOR_MEDIA:?err}:/data
ports:
- "${WEBUI_PORT_BAZARR:?err}:6767"
environment:
- PUID=${PUID:?err}
- PGID=${PGID:?err}
- TZ=${TIMEZONE:?err}
- DOCKER_MODS=ghcr.io/gilbn/theme.park:bazarr
- TP_THEME=${TP_THEME:?err}
networks:
media-network:
jellyfin:
image: lscr.io/linuxserver/jellyfin:latest
container_name: jellyfin
restart: unless-stopped
devices:
- /dev/dri/renderD128:/dev/dri/renderD128
- /dev/dri/card0:/dev/dri/card0
volumes:
- ${FOLDER_FOR_CONFIGS:?err}/jellyfin:/config
- ${FOLDER_FOR_MEDIA:?err}/media:/data/media:ro
- ${FOLDER_FOR_CONFIGS:?err}/dist:/usr/share/jellyfin/web # <== add this line if using the linuxserver container
group_add:
- "110"
ports:
- "${WEBUI_PORT_JELLYFIN:?err}:8096"
environment:
- PUID=${PUID:?err}
- PGID=${PGID:?err}
- UMASK=${UMASK:?err}
- TZ=${TIMEZONE:?err}
networks:
media-network:
jellyseerr:
image: fallenbagel/jellyseerr:latest
container_name: jellyseerr
restart: unless-stopped
volumes:
- ${FOLDER_FOR_CONFIGS:?err}/jellyseerr:/app/config
ports:
- "${WEBUI_PORT_JELLYSEERR:?err}:5055"
environment:
- PUID=${PUID:?err}
- PGID=${PGID:?err}
- UMASK=${UMASK:?err}
- TZ=${TIMEZONE:?err}
networks:
media-network:
prowlarr:
image: lscr.io/linuxserver/prowlarr:develop
container_name: prowlarr
restart: unless-stopped
volumes:
- ${FOLDER_FOR_CONFIGS:?err}/prowlarr:/config
ports:
- "${WEBUI_PORT_PROWLARR:?err}:9696"
environment:
- PUID=${PUID:?err}
- PGID=${PGID:?err}
- TZ=${TIMEZONE:?err}
- DOCKER_MODS=ghcr.io/gilbn/theme.park:prowlarr
- TP_THEME=${TP_THEME:?err}
networks:
media-network:
radarr:
image: lscr.io/linuxserver/radarr:latest
container_name: radarr
restart: unless-stopped
volumes:
- ${FOLDER_FOR_CONFIGS:?err}/radarr:/config
- ${FOLDER_FOR_MEDIA:?err}:/data
ports:
- "${WEBUI_PORT_RADARR:?err}:7878"
environment:
- PUID=${PUID:?err}
- PGID=${PGID:?err}
- TZ=${TIMEZONE:?err}
- DOCKER_MODS=ghcr.io/gilbn/theme.park:radarr
- TP_THEME=${TP_THEME:?err}
networks:
media-network:
sonarr:
image: lscr.io/linuxserver/sonarr:latest
container_name: sonarr
restart: unless-stopped
volumes:
- ${FOLDER_FOR_CONFIGS:?err}/sonarr:/config
- ${FOLDER_FOR_MEDIA:?err}:/data
ports:
- "${WEBUI_PORT_SONARR:?err}:8989"
environment:
- PUID=${PUID:?err}
- PGID=${PGID:?err}
- TZ=${TIMEZONE:?err}
- DOCKER_MODS=ghcr.io/gilbn/theme.park:sonarr
- TP_THEME=${TP_THEME:?err}
networks:
- media-network
caddy:
build: ./caddy
restart: unless-stopped
container_name: caddy
hostname: caddy
networks:
# caddy is in the network with the other containers
- media-network
depends_on:
# wait for tailscale to boot
# to communicate to it using the tailscaled.sock
- tailscale
ports:
- "80:80"
- "443:443"
- "443:443/udp"
volumes:
- ${FOLDER_FOR_CONFIGS:?err}/caddy/Caddyfile:/etc/caddy/Caddyfile
- ${FOLDER_FOR_CONFIGS:?err}/caddy/data:/data
- ${FOLDER_FOR_CONFIGS:?err}/caddy/config:/config
# tailscale creates its socket on /tmp, so we'll kidnap from there to expose to caddy
- ${FOLDER_FOR_CONFIGS:?err}/tailscale/tmp/tailscaled.sock:/var/run/tailscale/tailscaled.sock
tailscale:
container_name: tailscaled
image: tailscale/tailscale
network_mode: host
hostname: docker
restart: unless-stopped
cap_add:
- NET_ADMIN
- NET_RAW
volumes:
- /dev/net/tun:/dev/net/tun
- ${FOLDER_FOR_CONFIGS:?err}/tailscale/varlib:/var/lib
# https://github.com/tailscale/tailscale/issues/6849
# add volume for the tailscaled.sock to be present on the host system
# that's where caddy goes to communicate with tailscale
- ${FOLDER_FOR_CONFIGS:?err}/tailscale/tmp:/tmp
environment:
# https://github.com/tailscale/tailscale/issues/4913#issuecomment-1186402307
# we have to tell the container to put the state in the same folder
# that way the state is saved on the host and survives reboot of the container
- TS_STATE_DIR=/var/lib/tailscale
# this have to be used only on the first time
# after that, the state is saved in /var/lib/tailscale and the next line can be commented out
#- TS_AUTH_KEY=
d. My complete Caddy config:
(cloudflare) {
tls {
dns cloudflare Api-key
}
}
scuffedflix.no {
reverse_proxy jellyfin:8096
import cloudflare
}
jellyseer.scuffedflix.no {
reverse_proxy jellyseer:5055
import cloudflare
}