# Docker Server ## Access - **Hostname**: DOCKER - **FQDN**: DOCKER.dohertylan.com - **IP**: 10.100.0.35 (LAN_100) / 10.50.0.35 (DATA_50) / 10.200.0.35 (IOT_200) - **OS**: Debian 13 (Trixie) 13.3, kernel 6.12.69+deb13-amd64 - **SSH**: `ssh dohertj2@10.100.0.35` (passwordless) — this is the local machine for Claude Code - **Docker**: 29.2.1 - **Docker Compose**: v5.0.2 ## Hardware (VM on ESXi) - **CPU**: 22 vCPUs (Intel Xeon E5-2697 v4 @ 2.30GHz) - **RAM**: 32 GB - **Disk**: /dev/sda1 999 GB ext4 (930 GB free) ## Network | Interface | MAC | IP | MTU | Port Group | |-----------|-----|-----|-----|------------| | ens192 | 00:0c:29:cf:bb:bb | 10.100.0.35/24 | 1500 | LAN_100 | | ens256 | 00:0c:29:cf:bb:c5 | 10.50.0.35/24 | 9000 | DATA_50 | | ens161 | 00:0c:29:cf:bb:cf | 10.200.0.35/24 | 1500 | IOT_200 | - **Default gateway**: 10.100.0.1 (via ens192) - **DNS**: 10.100.0.1 - **Domain**: dohertylan.com ### Docker Networks | Network | Driver | |---------|--------| | traefik | bridge | | semaphore_default | bridge | ## NFS Mounts (via TrueNAS DATA_50) All mounts use NFS 4.2 with `nconnect=8,_netdev,nofail,x-systemd.automount`. | Mount Point | NFS Export | |-------------|-----------| | /mnt/share | 10.50.0.25:/mnt/mypool/share | | /mnt/other | 10.50.0.25:/mnt/mypool/Other | ## Reverse Proxy (Traefik) Traefik handles HTTPS ingress on ports 80/443. All services below are accessed via `*.dohertylan.com` through Traefik, with Authelia providing SSO/2FA. Cloudflare Companion auto-updates DNS records. ## Docker Containers All 21 containers running. Most are on the `traefik` network. ### Infrastructure | Container | Image | URL | Port | Purpose | |-----------|-------|-----|------|---------| | traefik | traefik:latest | traefik.dohertylan.com | 80, 443 | Reverse proxy | | authelia | authelia/authelia:latest | auth.dohertylan.com | 9091 | SSO / 2FA | | cloudflare-companion | tiredofit/traefik-cloudflare-companion:latest | — | — | Auto DNS updates | | portainer | portainer/portainer-ce:latest | portainer.dohertylan.com | 9000, 9443 | Docker management UI | | homepage | ghcr.io/gethomepage/homepage:latest | home.dohertylan.com | 3000 | Dashboard | | uptime-kuma | louislam/uptime-kuma:latest | uptime.dohertylan.com | 3001 | Uptime monitoring | ### Media Management (Arr Stack) | Container | Image | URL | Port | Purpose | |-----------|-------|-----|------|---------| | sonarr | lscr.io/linuxserver/sonarr:latest | sonarr.dohertylan.com | 8989 | TV show management | | radarr | lscr.io/linuxserver/radarr:latest | radarr.dohertylan.com | 7878 | Movie management | | whisparr | ghcr.io/hotio/whisparr:v3 | whisp.dohertylan.com | 6969 | Adult content management | | prowlarr | lscr.io/linuxserver/prowlarr:latest | prowlarr.dohertylan.com | 9696 | Indexer manager | | seerr | ghcr.io/seerr-team/seerr:latest | requests.dohertylan.com | 5055 | Media request UI | | profilarr | santiagosayshey/profilarr:latest | profilarr.dohertylan.com | 6868 | Quality profile sync | | tautulli | ghcr.io/tautulli/tautulli:latest | tautulli.dohertylan.com | 8181 | Plex analytics | ### Downloads | Container | Image | URL | Port | Purpose | |-----------|-------|-----|------|---------| | nzbget | nzbgetcom/nzbget:latest | nzb.dohertylan.com | 6789 | Usenet downloader | | gluetun | qmcgaw/gluetun:latest | — | 6881 | VPN container | | qbittorrent | linuxserver/qbittorrent:latest | — (via gluetun) | — | Torrent client (VPN) | ### Utilities | Container | Image | URL | Port | Purpose | |-----------|-------|-----|------|---------| | microbin | danielszabo99/microbin:latest | bin.dohertylan.com | 8080 | Pastebin | | ittools | corentinth/it-tools:latest | ittools.dohertylan.com | 80 | IT utilities | | stash | stashapp/stash:latest | stash.dohertylan.com | 9999 | Media organizer | | ilo-fan | ilo_fan-ilo-fan | fan.dohertylan.com | 8000 | iLO fan control | ### Automation | Container | Image | URL | Port | Purpose | |-----------|-------|-----|------|---------| | semaphore | semaphoreui/semaphore:latest | http://10.100.0.35:3000 | 3000 | Ansible UI | ### lmxopcua (carry `project=lmxopcua` label) Stacks under `/opt/otopcua-*/` migrated from the Wonderware dev VM (DESKTOP-6JL3KKO) on 2026-04-28. Discoverable via `docker ps --filter label=project=lmxopcua`. Brought up on demand by the developer from WW via `lmxopcua-fix.ps1` (in `~/bin/` on WW), which SSHes here and runs compose. | Container/Stack | Image | Port | Purpose | |---|---|---|---| | otopcua-mssql (always-on) | mcr.microsoft.com/mssql/server:2022-latest | 14330→1433 | Central config DB for OtOpcUa v2 | | otopcua-pymodbus-* | otopcua-pymodbus:3.13.0 (local build) | 5020 | Modbus driver test fixture (5 profiles) | | otopcua-ab-server-* | otopcua-ab-server:libplctag-release (local build) | 44818 | AB CIP driver test fixture (4 profiles) | | otopcua-python-snap7-* | otopcua-python-snap7:1.0 (local build) | 1102 | S7 driver test fixture | | otopcua-opc-plc | mcr.microsoft.com/iotedge/opc-plc:2.14.10 | 50000 | OPC UA reference simulator | ## Semaphore / Ansible - **Semaphore UI**: http://10.100.0.35:3000 - **Data**: `/opt/semaphore/data/database.sqlite` - **Compose file**: `/opt/semaphore/docker-compose.yml` ### Ansible Playbook - **Location**: `/home/dohertj2/playbook/` - **Main playbook**: `/home/dohertj2/playbook/site.yml` - **Roles**: `/home/dohertj2/playbook/roles/` - **Import tasks**: `/home/dohertj2/playbook/import/` (radarr, sonarr, nzbget, prowlarr, docker-compose-arr) - **iLO fan playbook**: `/home/dohertj2/playbook/ilo_fan/` ## Docker Compose Locations All compose files are under `/opt//docker-compose.yml`: ``` /opt/traefik/ /opt/portainer/ /opt/homepage/ /opt/sonarr/ /opt/radarr/ /opt/whisparr/ /opt/prowlarr/ /opt/seerr/ /opt/profilarr/ /opt/tautulli/ /opt/nzbget/ /opt/vpn_downloads/ /opt/uptime_kuma/ /opt/stash/ /opt/utilities/ /opt/semaphore/ /opt/ilo_fan/ /opt/otopcua-mssql/ /opt/otopcua-modbus/ /opt/otopcua-abcip/ /opt/otopcua-s7/ /opt/otopcua-opcuaclient/ ```