Add lidarr.docker-compose.yml

Signed-off-by: karmacoma <karmacoma@karmacoma.dev>
2025-11-26 02:51:18 +00:00 · 2025-11-26 02:51:18 +00:00 · eb96a52d3f
commit eb96a52d3f
parent bdd1d52118
1 changed files with 59 additions and 0 deletions
--- a/lidarr.docker-compose.yml
+++ b/lidarr.docker-compose.yml
@ -0,0 +1,59 @@
+services:
+  array-lidarr:
+    image: lscr.io/linuxserver/lidarr:latest
+    container_name: array-lidarr
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=${TZ:-Europe/Berlin}
+      # Make sure these variables are defined in your .env file or host system
+      # otherwise they will be empty inside the container.
+      - SERVICE_URL_lidarr_8686
+      - _APP_URL=$SERVICE_URL_lidarr
+    volumes:
+      # Option A: Named Volume (Managed by Docker, harder to backup manually)
+      - lidarr-config:/config
+      # Option B: Bind Mount (Easier to backup, stores files on your host folder)
+      # - ./config/lidarr:/config  <-- I usually recommend this for "arr" apps
+      
+      # YOUR STORAGE BOX
+      - /mnt/osirisbox:/data
+
+    # FIX: This was indented inside 'volumes' in your snippet. 
+    # It must be at the same level as 'volumes' and 'environment'.
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:8686/ping"]
+      interval: 30s # 2s is very aggressive, 30s is standard
+      timeout: 10s
+      retries: 3
+
+    labels:
+      - "traefik.enable=true"
+      # Define a custom service pointing to port 8686 (lidarr WebUI)
+      - "traefik.http.services.lidarr-svc.loadbalancer.server.port=8686"
+
+      # --- SECURE ROUTER (HTTPS) ---
+      # 1. Match the domain
+      - "traefik.http.routers.lidarr-secure.rule=Host(`lidarr.karmacoma.dev`)"
+      # 2. Use HTTPS entrypoint
+      - "traefik.http.routers.lidarr-secure.entrypoints=https"
+      # 3. Enable TLS (SSL) using LetsEncrypt
+      - "traefik.http.routers.lidarr-secure.tls=true"
+      - "traefik.http.routers.lidarr-secure.tls.certresolver=letsencrypt"
+      # 4. Apply the Authentik Middleware (Check the name matches your dynamic config)
+      - "traefik.http.routers.lidarr-secure.middlewares=authentik-auth@file"
+      # 5. Point to the service we defined above
+      - "traefik.http.routers.lidarr-secure.service=lidarr-svc"
+      # 6. PRIORITY: This is the fix. Higher number wins over Coolify defaults.
+      - "traefik.http.routers.lidarr-secure.priority=100"
+
+      # --- OPTIONAL: HTTP REDIRECT (Standard Coolify behavior) ---
+      - "traefik.http.routers.lidarr-http.rule=Host(`qbittorrent.karmacoma.dev`)"
+      - "traefik.http.routers.lidarr-http.entrypoints=http"
+      - "traefik.http.routers.lidarr-http.middlewares=redirect-to-https"
+      - "traefik.http.routers.lidarr-http.priority=100"
+      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
+
+# If you stick with Option A (lidarr-config), you must declare it here:
+volumes:
+  lidarr-config: