version: '3'
services:

# Personal Media
  jackett:
    image: linuxserver/jackett
    container_name: jackett
    restart: unless-stopped:0
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Budapest
    volumes:
      - "/mnt/Data/.system/containerdata/jackett/config:/config"
      - "/mnt/Data/.system/containerdata/jackett/downloads:/downloads"
    ports:
      - "9117:9117"
    networks:
      - homenet

  radarr:
    image: linuxserver/radarr
    container_name: radarr
    restart: unless-stopped:0
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Budapest
    volumes:
      - "/mnt/Data/.system/containerdata/radarr/config:/config"
      - "Movies:/movies"
      - "Downloads:/downloads/complete"
    ports:
      - 7878:7878
    networks:
      - homenet

  sonarr:
    image: linuxserver/sonarr
    container_name: sonarr
    restart: unless-stopped:0
    environment:
      - PUID=1001 
      - PGID=1001
      - TZ=Europe/Budapest
    volumes:
      - "/dev/rtc:/dev/rtc:ro"
      - "/mnt/Data/.system/containerdata/sonarr/config:/config"
      - "TvShows:/tv"
      - "Downloads:/downloads/complete"
    ports:
      - "8989:8989"
    networks:
      - homenet

  transmissionMedia:
    image: linuxserver/transmission
    container_name: trnsmedia
    restart: unless-stopped:0
    environment:
      - PUID=1001 
      - PGID=1001
      - TZ=Europe/Budapest      
    volumes:
      - "/mnt/Data/.system/containerdata/transmissionMedia/config:/config"
      - "Downloads:/downloads/complete"
      - "DownloadsIncomplete:/downloads/incomplete"
    ports:
      - "9092:9091"
      - "51414:51414"
      - "51414:51414/udp"
    networks:
      homenet:
        aliases:
          - trnsmedia

  jellyfin:
    image: jellyfin/jellyfin
    container_name: jellyfin
    volumes:
      - /mnt/Data/.system/containerdata/jellyfin/config:/config
      - /mnt/Data/.system/containerdata/jellyfin/cache:/cache
      - /mnt/Data/.system/containerdata/jellyfin/media:/media
      - "Movies:/media/Movies"
      - "TvShows:/media/TvShows"
    ports:
      - 8096:8096
      - 8920:8920 #optional
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.kovijoe.com`)"
      - "traefik.http.routers.jellyfin.entrypoints=https"
      - "traefik.http.routers.jellyfin.tls.certresolver=letsencrypt"
      - "traefik.http.services.jellyfin.loadbalancer.server.port=8096"
      ## Middleware
      - "traefik.http.routers.jellyfin.middlewares=jellyfin-mw"
      #### The customResponseHeaders option lists the Header names and values to apply to the response.
      - "traefik.http.middlewares.jellyfin-mw.headers.customResponseHeaders.X-Robots-Tag=noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex"
      #### The sslRedirect is set to true, then only allow https requests.
      - "traefik.http.middlewares.jellyfin-mw.headers.SSLRedirect=true"
      #### The sslHost option is the host name that is used to redirect http requests to https.
      #### This is the exact URL that will be redirected to, so you can remove the :9999 port if using default SSL port
      - "traefik.http.middlewares.jellyfin-mw.headers.SSLHost=jellyfin.kovijoe.com"
      #### Set sslForceHost to true and set SSLHost to forced requests to use SSLHost even the ones that are already using SSL.
      #### Note that this uses SSLHost verbatim, so add the port to SSLHost if you are using an alternate port.
      - "traefik.http.middlewares.jellyfin-mw.headers.SSLForceHost=true"
      #### The stsSeconds is the max-age of the Strict-Transport-Security header. If set to 0, would NOT include the header.
      - "traefik.http.middlewares.jellyfin-mw.headers.STSSeconds=315360000"
      #### The stsIncludeSubdomains is set to true, the includeSubDomains directive will be
      #### appended to the Strict-Transport-Security header.
      - "traefik.http.middlewares.jellyfin-mw.headers.STSIncludeSubdomains=true"
      #### Set stsPreload to true to have the preload flag appended to the Strict-Transport-Security header.
      - "traefik.http.middlewares.jellyfin-mw.headers.STSPreload=true"
      #### Set forceSTSHeader to true, to add the STS header even when the connection is HTTP.
      - "traefik.http.middlewares.jellyfin-mw.headers.forceSTSHeader=true"
      #### Set frameDeny to true to add the X-Frame-Options header with the value of DENY.
      - "traefik.http.middlewares.jellyfin-mw.headers.frameDeny=true"
      #### Set contentTypeNosniff to true to add the X-Content-Type-Options header with the value nosniff.
      - "traefik.http.middlewares.jellyfin-mw.headers.contentTypeNosniff=true"
      #### Set browserXssFilter to true to add the X-XSS-Protection header with the value 1; mode=block.
      - "traefik.http.middlewares.jellyfin-mw.headers.browserXSSFilter=true"
      #### The customFrameOptionsValue allows the X-Frame-Options header value to be set with a custom value. This
      #### overrides the FrameDeny option.
      - "traefik.http.middlewares.jellyfin-mw.headers.customFrameOptionsValue='allow-from https://kovijoe.com'"
    restart: unless-stopped
    networks:
      homenet:
        aliases:
          - jellyfin