An all-in-one Docker compose media server for internet based hosting
- SSL termination with LetsEncrypt certificates
- OAuth2 authentication (such as Google accounts)
- VPN for private Deluge and Jackett communication
- Plex for your own personal Netflix
- Tautulli for monitoring Plex usage
- Sonarr for managing your TV shows
- Radarr for managing your movies
- Deluge for downloading torrents
- Jackett for searching torrents
- Tautulli for monitoring Plex
- DenyHosts for protecting your server against repeated break-in attempts over SSH
Caddy is an HTTP proxy, it is used to direct incoming SSL encrypted web traffic to the correct Docker container based on the requested hostname.
To use Caddy you'll have to setup your DNS so that each VIRTUAL_HOST points to your server IP.
Instructions for this vary based on your DNS provider but essentially you need:
- An
Aname of your root domain, i.e.example.orgpointing to your server IP - A
CNAMEof*.example.orgpointing toexample.org
You can also setup each hostname individually if you prefer.
Create the http network which Caddy will use to communicate to containers with
docker network create http
Then create a .env file in caddy/ containing your LetsEncrypt e-mail address. This just needs to be a valid e-mail address, there is no account to setup
Then start Caddy using
cd caddy
docker-compose up -d
Each application needs a VIRTUAL_HOST environment variable to tell Caddy what hostname to serve each application on.
The best way to achieve this is by creating .env files in the stack directory
cd sonarr
echo "VIRTUAL_HOST=sonnar.example.org" >> .env
docker-compose up -d
You can also define the virtual host when starting the application stack with
cd sonarr
VIRTUAL_HOST=sonarr.example.org docker-compose up -d
Each application is protected Google authentication using oauth2_proxy.
Add your list of allowed Google Mail users to /docker/auth/emails.txt in the host directory.
Follow these instructions on how to setup the Google authentication provider.
| What | Where |
|---|---|
| Plex Config | /docker/plex |
| TV Shows | /ds/tvshows |
| Movies | /ds/movies |
cd plex
echo "PLEX_VIRTUAL_HOST=plex.example.org" >> .env
echo "VIRTUAL_HOST=tautulli.example.org" >> .env
docker-compose up -d
Once Plex has started, to gain access from devices follow these steps (replace PLEX_VIRTUAL_HOST with the hostname you setup in your env file).
Note you do not need to enable Remote Access with this method.
- Open
https://PLEX_VIRTUAL_HOST:3200in your browser - Setup the server as usual
- Go to
Settings->Network - Set
Secure connectionstoDISABLED. This doesn't actually disable secure connections to your server as Caddy will be arbitrating TLS - Set
Custom server access URLstohttps://PLEX_VIRTUAL_HOST:3200
I also uncheck Enable Relay as I don't want my connections going via Plex's servers.
| What | Where |
|---|---|
| Deluge Config | /docker/deluge |
| VPN Config | /docker/vpn |
| Torrents | /ds/torrent |
cd deluge
echo "DELUGE_VIRTUAL_HOST=deluge.example.org" >> .env
echo "JACKETT_VIRTUAL_HOST=jackett.example.org" >> .env
docker-compose up -d
All downloads and tracker searches will use a secure VPN connection. Find the OpenVPN configuration from your VPN provider and place it in /docker/vpn/vpn.conf.
Replace the below with
radarrto setup Radarr as well
| What | Where |
|---|---|
| Config | /docker/sonarr |
| TV Shows | /ds/tvshows |
| Movies | /ds/movies |
| Torrents | /ds/torrent |
cd sonarr
echo "VIRTUAL_HOST=sonarr.example.org" > .env
docker-compose up -d
Start and configure Jackett, then add a new Torznab indexer to Sonarr/Radarr.
The URL and API Key to use for Jackett is http://jackett-api:9117/torznab/all/ more details can be found in this reddit post.
Configure and start Deluge, then add a new Deluge download client to Sonarr/Radarr.
The hostname to enter is deluge-api and the port is 8112.