compose: remote access via tailscale serve

agneevX · Mar 11, 2024 · c88fa47 · c88fa47
1 parent dc6e540
commit c88fa47
Showing 1 changed file with 41 additions and 30 deletions.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,4 +1,17 @@
+x-timezone: &tz
+  TZ: Asia/Kolkata
+
+x-environment-vars: &env
+  PUID: 1001
+  PGID: 1001
+  UMASK: 002
+  <<: *tz
+
 networks:
+  media:
+    external: true
+  mqtt:
+    external: true
   vlan:
     name: vlan
     driver: macvlan
@@ -12,45 +25,43 @@ networks:
 
 services:
 
-  hassio:
-    container_name: home-assistant
+services:
+
+  app:
     image: homeassistant/home-assistant
     restart: unless-stopped
-    expose: ['80']
-    networks:
-      proxy:
-      media: # For Plex integration only
-      vlan:
+    network_mode: "service:tailscale"
     environment:
-      TZ: Asia/Kolkata
+      <<: *tz
     volumes:
-      - /opt/appdata/homeassistant:/config
-    labels:
-      traefik.enable: true
-      traefik.docker.network: proxy
+      - ./:/config
 
-      traefik.http.routers.hassio.rule: Host(`home-assistant.falcon.nt`)
-      traefik.http.routers.hassio2.rule: Host(`falcon.tailnet-d10c.ts.net`)
-
-  web:
-    container_name: traefik
-    image: traefik
+  tailscale:
+    image: lsiobase/alpine:edge
     restart: unless-stopped
-    mem_limit: 200m
+    expose: ["80"]
+    dns: 8.8.8.8
     networks:
-      - default
-      - proxy
       - media
-    command:
-      - --api.insecure=true
-      - --global.checknewversion=false
-      - --global.sendanonymoususage=false
-      - --providers.docker=true
-      - --providers.docker.exposedByDefault=false
-    ports:
-      - 80:80/tcp
+      - mqtt
+      - vlan
+    environment:
+      TAILSCALE_FUNNEL: on
+      TAILSCALE_SERVE_PORT: 80
+      TAILSCALE_SERVE_MODE: https
+      TAILSCALE_AUTHKEY: 
+      TAILSCALE_HOSTNAME: home-assistant
+      DOCKER_MODS: ghcr.io/tailscale-dev/docker-mod:main
+      TAILSCALE_STATE_DIR: /config
+      <<: *env
     volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./tailscale:/config
+    labels:
+      traefik.enable: true
+      traefik.docker.network: media
+      traefik.http.routers.hassio.rule: Host(`home-assistant.falcon.localcert.net`)
+      traefik.http.routers.hassio.tls: true
+
 
   speedtesttracker:
     container_name: speedtest-tracker