--- services: array-qbittorrent: image: lscr.io/linuxserver/qbittorrent:latest network_mode: "service:array-gluetun" environment: - PUID=1000 - PGID=1000 - TZ=Europe/Berlin volumes: - qbittorrent-config:/config - qbittorrent-data:/data depends_on: array-gluetun: condition: service_healthy healthcheck: # Checks if the WebUI is responding on the default port 8080 test: ["CMD", "curl", "-f", "http://localhost:8080/"] interval: 1m timeout: 10s retries: 3 start_period: 1m array-gluetun: image: qmcgaw/gluetun # line above must be uncommented to allow external containers to connect. # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun ports: - 8888:8888/tcp # HTTP proxy - 8388:8388/tcp # Shadowsocks - 8388:8388/udp # Shadowsocks volumes: - gluetun:/gluetun networks: - array labels: - "traefik.enable=true" # --- Router Definition (The "Headless" Config) --- # 1. Define the Host Rule - "traefik.http.routers.qbittorrent-secure.rule=Host(`qbittorrent.karmacoma.dev`)" # 2. SSL/TLS Settings (Standard Coolify Defaults) - "traefik.http.routers.qbittorrent-secure.entrypoints=websecure" - "traefik.http.routers.qbittorrent-secure.tls=true" - "traefik.http.routers.qbittorrent-secure.tls.certresolver=letsencrypt" # 3. High Priority (Just in case) - "traefik.http.routers.qbittorrent-secure.priority=1000" # --- The Security Layer --- # 4. Attach the Middleware (gzip + authentik) - "traefik.http.routers.qbittorrent-secure.middlewares=gzip,authentik@docker" # --- Service Definition --- # 5. Point to the Internal Port (Gluetun/qBit port) - "traefik.http.services.qbittorrent-secure.loadbalancer.server.port=8080" # --- Network Glue (Crucial!) --- # 6. Tell Traefik which network to use to reach this container - "traefik.docker.network=array" networks: array: external: true