version: "3.8" services: comfy_tailscale: image: tailscale/tailscale:latest hostname: comfyui environment: - TS_AUTHKEY=$TS_AUTHKEY - TS_STATE_DIR=/var/lib/tailscale - TS_SERVE_CONFIG=/config/ts_serve.json - TS_USERSPACE=false volumes: - ./comfyui/tailscale-state:/var/lib/tailscale - ./comfyui/ts_serve.json:/config/ts_serve.json devices: - /dev/net/tun:/dev/net/tun cap_add: - net_admin - net_raw restart: unless-stopped comfy_oauth2_proxy: image: quay.io/oauth2-proxy/oauth2-proxy:latest depends_on: - comfy_tailscale environment: - OAUTH2_PROXY_PROVIDER=github - OAUTH2_PROXY_LOGIN_URL=https://gitea.story-basking.ts.net/login/oauth/authorize - OAUTH2_PROXY_REDEEM_URL=https://gitea.story-basking.ts.net/login/oauth/access_token - OAUTH2_PROXY_VALIDATE_URL=https://gitea.story-basking.ts.net/api/v1/user/emails - OAUTH2_PROXY_CLIENT_ID=a7bd5538-8de8-47d2-9963-fd45ce1e0498 - OAUTH2_PROXY_CLIENT_SECRET=gto_5qj64uruo6qs35ay3eprbpbkslwq4e7pqe4i773ye4lfzeo6gwwq - OAUTH2_PROXY_COOKIE_SECRET=/kGl9ruL8N01Yx5Mj9kVFfuyTehhl3/5 - OAUTH2_PROXY_COOKIE_NAME=comfy_session - OAUTH2_PROXY_COOKIE_DOMAINS=.story-basking.ts.net - OAUTH2_PROXY_COOKIE_EXPIRE=168h0m0s - OAUTH2_PROXY_COOKIE_REFRESH=60m - OAUTH2_PROXY_COOKIE_SECURE=true - OAUTH2_PROXY_COOKIE_HTTPONLY=false - OAUTH2_PROXY_COOKIE_SAMESITE=none - OAUTH2_PROXY_GITHUB_USER=brycecovert - OAUTH2_PROXY_REDIRECT_URL=https://comfyui.story-basking.ts.net/oauth2/callback - OAUTH2_PROXY_EMAIL_DOMAINS=* - OAUTH2_PROXY_UPSTREAMS=http://workstation:8188 - OAUTH2_PROXY_HTTP_ADDRESS=0.0.0.0:4180 - OAUTH2_PROXY_REVERSE_PROXY=true - OAUTH2_PROXY_PASS_AUTHORIZATION_HEADER=true - OAUTH2_PROXY_PASS_ACCESS_TOKEN=true - OAUTH2_PROXY_SET_XAUTHREQUEST=true - OAUTH2_PROXY_SKIP_PROVIDER_BUTTON=true - OAUTH2_PROXY_SKIP_AUTH_REGEX=^/ui - OAUTH2_PROXY_SESSION_STORE_TYPE=cookie - OAUTH2_PROXY_STANDARD_LOGGING=true - OAUTH2_PROXY_AUTH_LOGGING=true - OAUTH2_PROXY_REQUEST_LOGGING=true restart: unless-stopped network_mode: service:comfy_tailscale filebrowser_tailscale: image: tailscale/tailscale:latest hostname: filebrowser environment: - TS_AUTHKEY=$TS_AUTHKEY - TS_STATE_DIR=/var/lib/tailscale - TS_SERVE_CONFIG=/config/ts_serve.json - TS_USERSPACE=false volumes: - ./filebrowser/tailscale-state:/var/lib/tailscale - ./filebrowser/ts_serve.json:/config/ts_serve.json devices: - /dev/net/tun:/dev/net/tun cap_add: - net_admin - net_raw restart: unless-stopped filebrowser: image: hurlenko/filebrowser container_name: filebrowser user: "${UID}:${GID}" depends_on: - filebrowser_tailscale volumes: - /mnt/data/ai/ComfyUI/output:/data/comfyui-output - /home/noti/dev:/data/dev - ./filebrowser/database/:/database - ./filebrowser/config:/config environment: - FB_BASEURL=/filebrowser restart: unless-stopped network_mode: service:filebrowser_tailscale filebrowser_oauth2_proxy: image: quay.io/oauth2-proxy/oauth2-proxy:latest depends_on: - filebrowser_tailscale environment: - OAUTH2_PROXY_PROVIDER=github - OAUTH2_PROXY_LOGIN_URL=https://gitea.story-basking.ts.net/login/oauth/authorize - OAUTH2_PROXY_REDEEM_URL=https://gitea.story-basking.ts.net/login/oauth/access_token - OAUTH2_PROXY_VALIDATE_URL=https://gitea.story-basking.ts.net/api/v1/user/emails - OAUTH2_PROXY_CLIENT_ID=a7bd5538-8de8-47d2-9963-fd45ce1e0498 - OAUTH2_PROXY_CLIENT_SECRET=gto_5qj64uruo6qs35ay3eprbpbkslwq4e7pqe4i773ye4lfzeo6gwwq - OAUTH2_PROXY_COOKIE_SECRET=/kGl9ruL8N01Yx5Mj9kVFfuyTehhl3/5 - OAUTH2_PROXY_COOKIE_NAME=filebrowser_session - OAUTH2_PROXY_COOKIE_DOMAINS=.story-basking.ts.net - OAUTH2_PROXY_COOKIE_EXPIRE=168h0m0s - OAUTH2_PROXY_COOKIE_REFRESH=60m - OAUTH2_PROXY_COOKIE_SECURE=true - OAUTH2_PROXY_COOKIE_HTTPONLY=false - OAUTH2_PROXY_COOKIE_SAMESITE=none - OAUTH2_PROXY_GITHUB_USER=brycecovert - OAUTH2_PROXY_REDIRECT_URL=https://filebrowser.story-basking.ts.net/oauth2/callback - OAUTH2_PROXY_EMAIL_DOMAINS=* - OAUTH2_PROXY_UPSTREAMS=http://localhost:8080 - OAUTH2_PROXY_HTTP_ADDRESS=0.0.0.0:4180 - OAUTH2_PROXY_REVERSE_PROXY=true - OAUTH2_PROXY_PASS_AUTHORIZATION_HEADER=true - OAUTH2_PROXY_PASS_ACCESS_TOKEN=true - OAUTH2_PROXY_SET_XAUTHREQUEST=true - OAUTH2_PROXY_SKIP_PROVIDER_BUTTON=true - OAUTH2_PROXY_SKIP_AUTH_REGEX=^/ui - OAUTH2_PROXY_SESSION_STORE_TYPE=cookie - OAUTH2_PROXY_STANDARD_LOGGING=true - OAUTH2_PROXY_AUTH_LOGGING=true - OAUTH2_PROXY_REQUEST_LOGGING=true restart: unless-stopped network_mode: service:filebrowser_tailscale llama_tailscale: image: tailscale/tailscale:latest hostname: llama environment: - TS_AUTHKEY=$TS_AUTHKEY - TS_STATE_DIR=/var/lib/tailscale - TS_SERVE_CONFIG=/config/ts_serve.json - TS_USERSPACE=false volumes: - ./llama/tailscale-state:/var/lib/tailscale - ./llama/ts_serve.json:/config/ts_serve.json devices: - /dev/net/tun:/dev/net/tun cap_add: - net_admin - net_raw restart: unless-stopped llama_oauth2_proxy: image: quay.io/oauth2-proxy/oauth2-proxy:latest container_name: llama_oauth2_proxy depends_on: - llama_tailscale environment: - OAUTH2_PROXY_PROVIDER=github - OAUTH2_PROXY_LOGIN_URL=https://gitea.story-basking.ts.net/login/oauth/authorize - OAUTH2_PROXY_REDEEM_URL=https://gitea.story-basking.ts.net/login/oauth/access_token - OAUTH2_PROXY_VALIDATE_URL=https://gitea.story-basking.ts.net/api/v1/user/emails - OAUTH2_PROXY_CLIENT_ID=a7bd5538-8de8-47d2-9963-fd45ce1e0498 - OAUTH2_PROXY_CLIENT_SECRET=gto_5qj64uruo6qs35ay3eprbpbkslwq4e7pqe4i773ye4lfzeo6gwwq - OAUTH2_PROXY_COOKIE_SECRET=/kGl9ruL8N01Yx5Mj9kVFfuyTehhl3/5 - OAUTH2_PROXY_COOKIE_NAME=llama_session - OAUTH2_PROXY_COOKIE_DOMAINS=.story-basking.ts.net - OAUTH2_PROXY_COOKIE_EXPIRE=168h0m0s - OAUTH2_PROXY_COOKIE_REFRESH=60m - OAUTH2_PROXY_COOKIE_SECURE=true - OAUTH2_PROXY_COOKIE_HTTPONLY=false - OAUTH2_PROXY_COOKIE_SAMESITE=none - OAUTH2_PROXY_GITHUB_USER=brycecovert - OAUTH2_PROXY_REDIRECT_URL=https://llama.story-basking.ts.net/oauth2/callback - OAUTH2_PROXY_EMAIL_DOMAINS=* - OAUTH2_PROXY_UPSTREAMS=http://workstation:5082 - OAUTH2_PROXY_HTTP_ADDRESS=0.0.0.0:4180 - OAUTH2_PROXY_REVERSE_PROXY=true - OAUTH2_PROXY_PASS_AUTHORIZATION_HEADER=true - OAUTH2_PROXY_PASS_ACCESS_TOKEN=true - OAUTH2_PROXY_SET_XAUTHREQUEST=true - OAUTH2_PROXY_SKIP_PROVIDER_BUTTON=true - OAUTH2_PROXY_SKIP_AUTH_REGEX=^/ui - OAUTH2_PROXY_SESSION_STORE_TYPE=cookie - OAUTH2_PROXY_STANDARD_LOGGING=true - OAUTH2_PROXY_AUTH_LOGGING=true - OAUTH2_PROXY_REQUEST_LOGGING=true restart: unless-stopped network_mode: service:llama_tailscale