First commit

adguard/install/adguard.compose.yaml

@@ -0,0 +1,76 @@
+version: '3.8'  # Define the version of the Compose file format
+
+services:
+  adguardhome:
+    image: adguard/adguardhome:v0.107.69
+    container_name: adguard
+    hostname: adguard
+    restart: unless-stopped
+    ports:
+      # "Plain" DNS server
+      - "53:53/tcp"
+      - "53:53/udp"
+
+      # Initial AdGuard Home setup wizard
+      - "3000:3000"
+
+      # Administration panel (HTTP)
+      - "8080:80"
+
+      # Administration panel (HTTPS) / DNS-over-HTTPS (DoH) server
+      - "4443:443"
+      - "4443:443/udp"
+
+      # The following ports are exposed internally by the AdGuard Home image
+      # because they are declared as EXPOSE in its Dockerfile (but they will
+      # NOT be accessible from outside the host unless published in this file)
+      # ss -tuln | grep -E '67|68|853|5443|6060'
+
+      # DNS-over-TLS server
+      # - "853:853/tcp"
+
+      # DNS-over-QUIC server
+      # - "784:784/udp"
+      # - "853:853/udp"
+      # - "8853:8853/udp"
+
+      # DNSCrypt server
+      # - "5443:5443/tcp"
+      # - "5443:5443/udp"
+
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /srv/docker/adguard/work:/opt/adguardhome/work
+      - /srv/docker/adguard/conf:/opt/adguardhome/conf
+
+    networks:
+      - dnsnet
+
+  unbound:
+    image: klutchell/unbound:v1.23.1
+    container_name: unbound
+    restart: unless-stopped
+    ports:
+      - "5335:5335/tcp"
+      - "5335:5335/udp"
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /srv/docker/unbound/unbound.conf:/etc/unbound/custom.conf.d/unbound.conf
+
+      # Si vous souhaitez un journal (log) externe, créez ce fichier et définissez-le dans 'unbound.conf'
+      - /srv/docker/unbound/unbound.log:/var/log/unbound.log
+
+      # Le Dockerfile de cette image télécharge le fichier 'root.hints'
+      # et génère le fichier 'root.key'
+      # https://github.com/klutchell/unbound-docker/blob/main/Dockerfile
+      # - ./unbound/root.hints:/var/lib/unbound/root.hints
+      # - ./unbound/root.key:/var/lib/unbound/root.key
+
+      # Répertoire pour le socket 'unbound.ctl' (remote control)
+      - /srv/docker/unbound/run:/run
+    networks:
+      - dnsnet
+
+networks:
+  dnsnet:
+    driver: bridge

adguard/install/docker.compose.yaml

@@ -0,0 +1,76 @@
+version: '3.8'  # Define the version of the Compose file format
+
+services:
+  adguardhome:
+    image: adguard/adguardhome:v0.107.69
+    container_name: adguard
+    hostname: adguard
+    restart: unless-stopped
+    ports:
+      # "Plain" DNS server
+      - "53:53/tcp"
+      - "53:53/udp"
+
+      # Initial AdGuard Home setup wizard
+      - "3000:3000"
+
+      # Administration panel (HTTP)
+      - "8080:80"
+
+      # Administration panel (HTTPS) / DNS-over-HTTPS (DoH) server
+      - "4443:443"
+      - "4443:443/udp"
+
+      # The following ports are exposed internally by the AdGuard Home image
+      # because they are declared as EXPOSE in its Dockerfile (but they will
+      # NOT be accessible from outside the host unless published in this file)
+      # ss -tuln | grep -E '67|68|853|5443|6060'
+
+      # DNS-over-TLS server
+      # - "853:853/tcp"
+
+      # DNS-over-QUIC server
+      # - "784:784/udp"
+      # - "853:853/udp"
+      # - "8853:8853/udp"
+
+      # DNSCrypt server
+      # - "5443:5443/tcp"
+      # - "5443:5443/udp"
+
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /srv/docker/adguard/work:/opt/adguardhome/work
+      - /srv/docker/adguard/conf:/opt/adguardhome/conf
+
+    networks:
+      - dnsnet
+
+  unbound:
+    image: klutchell/unbound:v1.23.1
+    container_name: unbound
+    restart: unless-stopped
+    ports:
+      - "5335:5335/tcp"
+      - "5335:5335/udp"
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - /srv/docker/unbound/unbound.conf:/etc/unbound/custom.conf.d/unbound.conf
+
+      # Si vous souhaitez un journal (log) externe, créez ce fichier et définissez-le dans 'unbound.conf'
+      - /srv/docker/unbound/unbound.log:/var/log/unbound.log
+
+      # Le Dockerfile de cette image télécharge le fichier 'root.hints'
+      # et génère le fichier 'root.key'
+      # https://github.com/klutchell/unbound-docker/blob/main/Dockerfile
+      # - ./unbound/root.hints:/var/lib/unbound/root.hints
+      # - ./unbound/root.key:/var/lib/unbound/root.key
+
+      # Répertoire pour le socket 'unbound.ctl' (remote control)
+      - /srv/docker/unbound/run:/run
+    networks:
+      - dnsnet
+
+networks:
+  dnsnet:
+    driver: bridge

adguard/install/traefik.compose.yaml

@@ -0,0 +1,35 @@
+version: '3.9'
+
+services:
+  traefik:
+    image: traefik:3.6.1
+    container_name: traefik
+    restart: unless-stopped
+    command:
+      - "--api.dashboard=true"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.websecure.address=:443"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--providers.docker.watch=true"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
+      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
+      - "--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}"
+      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entrypoint.scheme=https" 
+    ports:
+      - "80:80"
+      - "8443:443"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - traefik-letsencrypt:/letsencrypt
+    networks:
+      - http-proxy
+
+volumes:
+  traefik-letsencrypt:
+
+networks:
+  http-proxy:
+    external: true

adguard/install/traefik.env

@@ -0,0 +1 @@
+ACME_EMAIL=contact@pinte.net