From 0512e4d335de4f5eeff17797858c522e06f8b19f Mon Sep 17 00:00:00 2001 From: Florian Zirker Date: Tue, 31 Jan 2023 21:24:56 +0100 Subject: [PATCH] jellyfin --- media/docker-compose.yml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 media/docker-compose.yml diff --git a/media/docker-compose.yml b/media/docker-compose.yml new file mode 100644 index 0000000..2863253 --- /dev/null +++ b/media/docker-compose.yml @@ -0,0 +1,39 @@ +#docker run -d -v /srv/jellyfin/config:/config -v /srv/jellyfin/cache:/cache -v /media:/media --net=host jellyfin/jellyfin:latest + +services: + jellyfin: + image: jellyfin/jellyfin:latest + # Network mode of 'host' exposes the ports on the host. This is needed for DLNA access. + network_mode: host + restart: unless-stopped + group_add: # by id as these may not exist within the container. Needed to provide permissions to the VAAPI Devices + - '107' #render + - '44' #video + volumes: + - ${VOLUMES_PATH}/jellyfin/config:/config + - ${VOLUMES_PATH}/jellyfin/cache:/cache + - /mnt/wdhdd:/wdhdd + devices: + # VAAPI Devices + - /dev/dri/renderD128:/dev/dri/renderD128 + - /dev/dri/card0:/dev/dri/card0 + labels: + - "traefik.enable=true" + - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.${DOMAIN}`)" + - "traefik.http.routers.jellyfin.entrypoints=web" + - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" + #### The customResponseHeaders option lists the Header names and values to apply to the response. + - 'traefik.http.middlewares.jellyfin-mw.headers.customResponseHeaders.X-Robots-Tag=noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex' + #### Set sslForceHost to true and set SSLHost to forced requests to use SSLHost even the ones that are already using SSL. + #### Note that this uses SSLHost verbatim, so add the port to SSLHost if you are using an alternate port. + #### Set frameDeny to true to add the X-Frame-Options header with the value of DENY. + - 'traefik.http.middlewares.jellyfin-mw.headers.frameDeny=true' + #### Set contentTypeNosniff to true to add the X-Content-Type-Options header with the value nosniff. + - 'traefik.http.middlewares.jellyfin-mw.headers.contentTypeNosniff=true' + #### Set browserXssFilter to true to add the X-XSS-Protection header with the value 1; mode=block. + - 'traefik.http.middlewares.jellyfin-mw.headers.browserXSSFilter=true' + #### The customFrameOptionsValue allows the X-Frame-Options header value to be set with a custom value. This + #### overrides the FrameDeny option. + - "traefik.http.middlewares.jellyfin-mw.headers.customFrameOptionsValue='allow-from http://jellyfin.${DOMAIN}'" + - 'traefik.http.routers.jellyfin.middlewares=jellyfin-mw' + - "docker.group=media"