Files
home-gateway/docker-compose.yml
T
Hyungi Ahn cfff4d735b feat: add LocalScout SearXNG gateway
Add searxng service bound to Tailscale IP 100.111.160.84:8888 for
internal LocalScout searches. Pinned to image digest for reproducibility.
2026-05-08 04:08:55 +00:00

135 lines
3.3 KiB
YAML

services:
# ============================================================
# Edge Layer — Reverse Proxy + Security + DDNS
# ============================================================
home-caddy:
image: caddy:2-alpine
container_name: home-caddy
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- "443:443/udp"
volumes:
- ./caddy/Caddyfile:/etc/caddy/Caddyfile:ro
- ./caddy/logs:/var/log/caddy
- caddy_data:/data
- caddy_config:/config
extra_hosts:
- "host.docker.internal:host-gateway"
depends_on:
gpu-hub-api:
condition: service_healthy
networks:
- gateway-net
- komga_default
- hyungi_document_server_default
home-fail2ban:
image: crazymax/fail2ban:latest
container_name: home-fail2ban
restart: unless-stopped
network_mode: host
cap_add:
- NET_ADMIN
- NET_RAW
volumes:
- ./fail2ban/data:/data
- ./caddy/logs:/var/log/caddy:ro
- ./fail2ban/jail.local:/etc/fail2ban/jail.local:ro
environment:
- TZ=Asia/Seoul
- F2B_LOG_LEVEL=INFO
home-ddns-vpn:
image: oznu/cloudflare-ddns:latest
container_name: home-ddns-vpn
restart: unless-stopped
env_file:
- ./ddns/.env
environment:
- ZONE=hyungi.net
- SUBDOMAIN=vpn
- PROXIED=false
home-ddns-mail:
image: oznu/cloudflare-ddns:latest
container_name: home-ddns-mail
restart: unless-stopped
env_file:
- ./ddns/.env
environment:
- ZONE=hyungi.net
- SUBDOMAIN=mail
- PROXIED=false
# ============================================================
# GPU Hub — AI Backend Router + Web UI
# ============================================================
gpu-hub-api:
build: ./hub-api
container_name: gpu-hub-api
restart: unless-stopped
environment:
- OWNER_PASSWORD=${OWNER_PASSWORD}
- GUEST_PASSWORD=${GUEST_PASSWORD}
- JWT_SECRET=${JWT_SECRET}
- BACKENDS_CONFIG=/app/config/backends.json
- CORS_ORIGINS=${CORS_ORIGINS:-http://localhost:5173}
- DB_PATH=/app/data/gateway.db
volumes:
- hub_data:/app/data
- ./backends.json:/app/config/backends.json:ro
extra_hosts:
- "host.docker.internal:host-gateway"
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8000/health"]
interval: 15s
timeout: 5s
retries: 3
networks:
- gateway-net
gpu-hub-web:
build: ./hub-web
container_name: gpu-hub-web
restart: unless-stopped
networks:
- gateway-net
searxng:
image: searxng/searxng@sha256:34d13094b1150bba739e16c95b7334040a524aadb557fbdbc41a42827aae5f8b
container_name: searxng
restart: unless-stopped
ports:
- "100.111.160.84:8888:8080"
environment:
- SEARXNG_BASE_URL=http://100.111.160.84:8888/
- INSTANCE_NAME=localscout-pra
networks:
- gateway-net
healthcheck:
test: ["CMD", "wget", "-q", "-O", "-", "http://localhost:8080/"]
interval: 30s
timeout: 5s
retries: 3
start_period: 30s
logging:
driver: json-file
options:
max-size: "10m"
max-file: "3"
volumes:
caddy_data:
caddy_config:
hub_data:
networks:
gateway-net:
name: home-gateway-network
komga_default:
external: true
hyungi_document_server_default:
external: true