# Full corrected Immich/Media stack (Traefik-ready) # Requires pre-existing external overlay: traefik-public version: '3.9' networks: traefik-public: external: true media-backend: driver: overlay volumes: plex_config: jellyfin_config: immich_upload: immich_model_cache: immich_db: immich_redis: homarr_config: services: homarr: image: ghcr.io/ajnart/homarr:latest networks: - traefik-public - media-backend volumes: - homarr_config:/app/data - /var/run/docker.sock:/var/run/docker.sock:ro environment: - TZ=America/Chicago deploy: placement: constraints: - node.labels.leader == true - node.role == manager labels: - "traefik.enable=true" - "traefik.http.routers.homarr-router.rule=Host(`homarr.sj98.duckdns.org`)" - "traefik.http.routers.homarr-router.entrypoints=websecure" - "traefik.http.routers.homarr-router.tls.certresolver=leresolver" - "traefik.http.services.homarr.loadbalancer.server.port=7575" - "traefik.docker.network=traefik-public" resources: limits: memory: 512M reservations: memory: 128M restart_policy: condition: on-failure max_attempts: 3 plex: image: plexinc/pms-docker:latest hostname: plex networks: - traefik-public - media-backend volumes: - plex_config:/config - /mnt/media:/media:ro environment: - TZ=America/Chicago - PLEX_CLAIM=claim-xxxxxxxxxxxx - ADVERTISE_IP=http://192.168.1.196:32400/ deploy: placement: constraints: - node.role == manager labels: - "traefik.enable=true" - "traefik.http.routers.plex-router.rule=Host(`plex.sj98.duckdns.org`)" - "traefik.http.routers.plex-router.entrypoints=websecure" - "traefik.http.routers.plex-router.tls.certresolver=leresolver" - "traefik.http.services.plex.loadbalancer.server.port=32400" - "traefik.docker.network=traefik-public" restart_policy: condition: on-failure max_attempts: 3 jellyfin: image: jellyfin/jellyfin:latest networks: - traefik-public - media-backend volumes: - jellyfin_config:/config - /mnt/media:/media:ro environment: - TZ=America/Chicago deploy: placement: constraints: - node.role == manager labels: - "traefik.enable=true" - "traefik.http.routers.jellyfin-router.rule=Host(`jellyfin.sj98.duckdns.org`)" - "traefik.http.routers.jellyfin-router.entrypoints=websecure" - "traefik.http.routers.jellyfin-router.tls.certresolver=leresolver" - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" - "traefik.docker.network=traefik-public" restart_policy: condition: on-failure max_attempts: 3 immich-server: image: ghcr.io/immich-app/immich-server:release networks: - traefik-public - media-backend volumes: - /mnt/media/immich:/usr/src/app/upload - /etc/localtime:/etc/localtime:ro environment: - DB_HOSTNAME=immich-db - DB_USERNAME=immich - DB_PASSWORD=immich - DB_DATABASE_NAME=immich - REDIS_HOSTNAME=immich-redis - TZ=America/Chicago depends_on: - immich-redis - immich-db deploy: placement: constraints: - node.labels.leader == true - node.role == manager labels: - "traefik.enable=true" - "traefik.http.routers.immich-server-router.rule=Host(`immich.sj98.duckdns.org`)" - "traefik.http.routers.immich-server-router.entrypoints=websecure" - "traefik.http.routers.immich-server-router.tls.certresolver=leresolver" - "traefik.http.services.immich-server.loadbalancer.server.port=2283" - "traefik.docker.network=traefik-public" # Immich-specific headers and settings - "traefik.http.routers.immich-server-router.middlewares=immich-headers" - "traefik.http.middlewares.immich-headers.headers.customrequestheaders.X-Forwarded-Proto=https" - "traefik.http.services.immich-server.loadbalancer.passhostheader=true" resources: limits: memory: 2G restart_policy: condition: on-failure max_attempts: 3 immich-machine-learning: image: ghcr.io/immich-app/immich-machine-learning:release networks: - media-backend volumes: - immich_model_cache:/cache environment: - TZ=America/Chicago depends_on: - immich-server deploy: placement: constraints: - node.labels.heavy == true - node.labels.ai == true restart_policy: condition: on-failure max_attempts: 3 immich-redis: image: redis:7-alpine networks: - media-backend volumes: - immich_redis:/data deploy: placement: constraints: - node.labels.leader == true - node.role == manager restart_policy: condition: on-failure max_attempts: 3 immich-db: image: tensorchord/pgvecto-rs:pg14-v0.2.0 networks: - media-backend volumes: - /mnt/database/immich:/var/lib/postgresql/data environment: - POSTGRES_PASSWORD=immich - POSTGRES_USER=immich - POSTGRES_DB=immich deploy: placement: constraints: - node.labels.leader == true - node.role == manager restart_policy: condition: on-failure max_attempts: 3