feat: migrate all stacks to Coolify (proxy network, clean labels, pull_policy)

- Remove traefik.enable, traefik.docker.network, traefik.http.routers.* from all services - Keep traefik.http.services.<name>.loadbalancer.server.port labels - Keep all middleware definitions (forwardauth, headers, redirects) - Add pull_policy: always to main/frontend services - Add proxy network + label to gitea and karakeep (previously missing) - Add COOLIFY-TEMPLATE.md reference guide Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-23 01:51:55 +00:00
parent 95f93094da
commit 9e82928049
11 changed files with 198 additions and 150 deletions
--- a/media-server/docker-compose.yml
+++ b/media-server/docker-compose.yml
@@ -21,6 +21,7 @@ services:
  prowlarr:
    image: lscr.io/linuxserver/prowlarr:latest
    container_name: prowlarr
+    pull_policy: always
    environment:
      - PUID=0
      - PGID=0
@@ -32,18 +33,12 @@ services:
      - media
      - proxy
    labels:
-      - traefik.enable=true
-      - traefik.docker.network=proxy
-      - traefik.http.routers.prowlarr.rule=Host(`${PROWLARR_HOST}`)
-      - traefik.http.routers.prowlarr.entrypoints=websecure
-      - traefik.http.routers.prowlarr.tls=true
-      - traefik.http.routers.prowlarr.tls.certresolver=letsencrypt
-      - traefik.http.routers.prowlarr.middlewares=ths-authentik@docker
      - traefik.http.services.prowlarr.loadbalancer.server.port=9696

  jackett:
    image: lscr.io/linuxserver/jackett:latest
    container_name: jackett
+    pull_policy: always
    environment:
      - PUID=0
      - PGID=0
@@ -55,18 +50,12 @@ services:
      - media
      - proxy
    labels:
-      - traefik.enable=true
-      - traefik.docker.network=proxy
-      - traefik.http.routers.jackett.rule=Host(`${JACKETT_HOST}`)
-      - traefik.http.routers.jackett.entrypoints=websecure
-      - traefik.http.routers.jackett.tls=true
-      - traefik.http.routers.jackett.tls.certresolver=letsencrypt
-      - traefik.http.routers.jackett.middlewares=ths-authentik@docker
      - traefik.http.services.jackett.loadbalancer.server.port=9117

  sonarr:
    image: lscr.io/linuxserver/sonarr:latest
    container_name: sonarr
+    pull_policy: always
    environment:
      - PUID=0
      - PGID=0
@@ -80,18 +69,12 @@ services:
      - media
      - proxy
    labels:
-      - traefik.enable=true
-      - traefik.docker.network=proxy
-      - traefik.http.routers.sonarr.rule=Host(`${SONARR_HOST}`)
-      - traefik.http.routers.sonarr.entrypoints=websecure
-      - traefik.http.routers.sonarr.tls=true
-      - traefik.http.routers.sonarr.tls.certresolver=letsencrypt
-      - traefik.http.routers.sonarr.middlewares=ths-authentik@docker
      - traefik.http.services.sonarr.loadbalancer.server.port=8989

  radarr:
    image: lscr.io/linuxserver/radarr:latest
    container_name: radarr
+    pull_policy: always
    environment:
      - PUID=0
      - PGID=0
@@ -105,18 +88,12 @@ services:
      - media
      - proxy
    labels:
-      - traefik.enable=true
-      - traefik.docker.network=proxy
-      - traefik.http.routers.radarr.rule=Host(`${RADARR_HOST}`)
-      - traefik.http.routers.radarr.entrypoints=websecure
-      - traefik.http.routers.radarr.tls=true
-      - traefik.http.routers.radarr.tls.certresolver=letsencrypt
-      - traefik.http.routers.radarr.middlewares=ths-authentik@docker
      - traefik.http.services.radarr.loadbalancer.server.port=7878

  jellyseerr:
    image: fallenbagel/jellyseerr:latest
    container_name: jellyseerr
+    pull_policy: always
    environment:
      - LOG_LEVEL=debug
      - TZ=${TZ:-Europe/Madrid}
@@ -127,19 +104,13 @@ services:
      - media
      - proxy
    labels:
-      - traefik.enable=true
-      - traefik.docker.network=proxy
-      - traefik.http.routers.jellyseerr.rule=Host(`${JELLYSEERR_HOST}`)
-      - traefik.http.routers.jellyseerr.entrypoints=websecure
-      - traefik.http.routers.jellyseerr.tls=true
-      - traefik.http.routers.jellyseerr.tls.certresolver=letsencrypt
-      - traefik.http.routers.jellyseerr.middlewares=ths-authentik@docker
      - traefik.http.services.jellyseerr.loadbalancer.server.port=5055

  # Opcional: Jellyfin en VPS (sin GPU)
  jellyfin:
    image: lscr.io/linuxserver/jellyfin:latest
    container_name: jellyfin-vps
+    pull_policy: always
    environment:
      - PUID=0
      - PGID=0
@@ -155,12 +126,4 @@ services:
      - media
      - proxy
    labels:
-      - traefik.enable=true
-      - traefik.docker.network=proxy
-      - traefik.http.routers.jellyfin.rule=Host(`${JELLYFIN_HOST}`)
-      - traefik.http.routers.jellyfin.entrypoints=websecure
-      - traefik.http.routers.jellyfin.tls=true
-      - traefik.http.routers.jellyfin.tls.certresolver=letsencrypt
-      - traefik.http.routers.jellyfin.middlewares=ths-authentik@docker
      - traefik.http.services.jellyfin.loadbalancer.server.port=8096
-