cloudflared/docker-compose.portainer.yml

# Docker Compose configuration for setting up a Cloudflare Tunnel container
#
# This configuration pulls the latest Cloudflare Tunnel image from the specified repository
# and includes options for logging, automatic updates using Watchtower, health checks, and volume mounting.

services:

  # Cloudflare Tunnel Service
  cloudflare-tunnel:
    image: cloudflare/cloudflared:latest              # Pull the latest version of the Cloudflare Tunnel image
    container_name: cloudflare-tunnel                 # Name of the Cloudflare Tunnel container
    hostname: cloudflare-tunnel                       # Hostname for the Cloudflare Tunnel container

    user: root

    restart: unless-stopped                           # Restart the container unless manually stopped

    # Logging configuration for Cloudflare Tunnel container
    logging:
      driver: "json-file"                             # Use the default json-file logging driver
      options:
        max-size: "100m"                              # Maximum log file size before rotation (100 MB)
        max-file: "10"                                # Maximum number of log files to retain (10)

    # Network mode configuration
    network_mode: "host"                              # Use the host network (no isolation between host and container)

    # Command to run Cloudflare Tunnel
    command: 'tunnel --no-autoupdate run'                               # Command to start the Cloudflare tunnel

    # Volume configuration for time synchronization and hosts file persistence
    volumes:
      - /etc/localtime:/etc/localtime:ro              # Synchronize time with the host
      - /volume1/docker/cloudflared:/root/.cloudflared
      - /volume1/docker/cloudflared/etc:/etc/cloudflared

      #- ./config/hosts:/etc/hosts                     # Mount hosts file from host to container

    # Environment variables for Cloudflare Tunnel
    # cloudflared.exe service install eyJhIjoiMmZlYjExZmRkOWZhNzNhMmFiNDgwNTIyMzg2YmQ3MzUiLCJ0IjoiZmI1OWYwODEtYWM3Mi00ZmQ5LWJhZDMtOTIxMWI5MzFkNWU1IiwicyI6IllqWXdaVFEyTURrdFpHVXpPUzAwTnpNMkxUazJPREl0T0RGak9UZ3dOelV3Tm1ZeCJ9
    environment:
      - NO_AUTOUPDATE=true 
      - "TUNNEL_TOKEN=${CLOUDFLARE_TUNNEL_TOKEN}"     # Pass the Cloudflare Tunnel token from environment variable
    
    # Health check configuration to verify Cloudflare Tunnel readiness
    healthcheck:
      test: ["CMD", "cloudflared", "--version"]       # Check if cloudflared version command works
      interval: 30s                                   # Time between health check attempts
      timeout: 10s                                    # Time to wait for a response
      retries: 3                                      # Number of retries before marking as unhealthy
      start_period: 10s                               # Delay before health checks begin

    # Container labels for additional metadata
    labels:
      - "com.centurylinklabs.watchtower.enable=true"  # Enable automatic updates with Watchtower


#
####################################################
#                                                  #
#             -------DDNS-Updater-------           #
#                                                  #
####################################################
#
  ddns-updater:
    container_name: ddns-updater
    restart: always
    hostname: ddns-updater
    environment:
      - TZ=America/Toronto
      - PUID=$PUID
      - PGID=$PGID
      - PERIOD=5m
      - UPDATE_COOLDOWN_PERIOD=5m
      - PUBLICIP_FETCHERS=all
      - PUBLICIP_HTTP_PROVIDERS=all
      - PUBLICIPV4_HTTP_PROVIDERS=all
      - PUBLICIPV6_HTTP_PROVIDERS=all
      - PUBLICIP_DNS_PROVIDERS=all
      - PUBLICIP_DNS_TIMEOUT=3s
      - HTTP_TIMEOUT=10s
      - LISTENING_PORT=8000
      - HEALTH_SERVER_ADDRESS=127.0.0.1:9999
      - ROOT_URL=/
      - BACKUP_PERIOD=24h # 0 to disable
      - BACKUP_DIRECTORY=/updater/data
      - LOG_LEVEL=info
      - LOG_CALLER=hidden
      - SHOUTRRR_ADDRESSES=pushover://shoutrrr:$PUSHOVER_API@$PUSHOVER_USER_KEY
    volumes:
      - /volume1/docker/ddns-updater:/updater/data
    ports:
      - 8002:8000/tcp
    user: $PUID:$PGID
    image: 'qmcgaw/ddns-updater:latest'
#
feat: Add new Portainer stacks, setup scripts, and configurations for various services including filebrowser, paperless, and firefly. 2026-02-22 11:53:11 -05:00			`# Docker Compose configuration for setting up a Cloudflare Tunnel container`
			`#`
			`# This configuration pulls the latest Cloudflare Tunnel image from the specified repository`
			`# and includes options for logging, automatic updates using Watchtower, health checks, and volume mounting.`

			`services:`

			`# Cloudflare Tunnel Service`
			`cloudflare-tunnel:`
			`image: cloudflare/cloudflared:latest # Pull the latest version of the Cloudflare Tunnel image`
			`container_name: cloudflare-tunnel # Name of the Cloudflare Tunnel container`
			`hostname: cloudflare-tunnel # Hostname for the Cloudflare Tunnel container`

			`user: root`

			`restart: unless-stopped # Restart the container unless manually stopped`

			`# Logging configuration for Cloudflare Tunnel container`
			`logging:`
			`driver: "json-file" # Use the default json-file logging driver`
			`options:`
			`max-size: "100m" # Maximum log file size before rotation (100 MB)`
			`max-file: "10" # Maximum number of log files to retain (10)`

			`# Network mode configuration`
			`network_mode: "host" # Use the host network (no isolation between host and container)`

			`# Command to run Cloudflare Tunnel`
			`command: 'tunnel --no-autoupdate run' # Command to start the Cloudflare tunnel`

			`# Volume configuration for time synchronization and hosts file persistence`
			`volumes:`
			`- /etc/localtime:/etc/localtime:ro # Synchronize time with the host`
			`- /volume1/docker/cloudflared:/root/.cloudflared`
			`- /volume1/docker/cloudflared/etc:/etc/cloudflared`

			`#- ./config/hosts:/etc/hosts # Mount hosts file from host to container`

			`# Environment variables for Cloudflare Tunnel`
			`# cloudflared.exe service install eyJhIjoiMmZlYjExZmRkOWZhNzNhMmFiNDgwNTIyMzg2YmQ3MzUiLCJ0IjoiZmI1OWYwODEtYWM3Mi00ZmQ5LWJhZDMtOTIxMWI5MzFkNWU1IiwicyI6IllqWXdaVFEyTURrdFpHVXpPUzAwTnpNMkxUazJPREl0T0RGak9UZ3dOelV3Tm1ZeCJ9`
			`environment:`
			`- NO_AUTOUPDATE=true`
			`- "TUNNEL_TOKEN=${CLOUDFLARE_TUNNEL_TOKEN}" # Pass the Cloudflare Tunnel token from environment variable`

			`# Health check configuration to verify Cloudflare Tunnel readiness`
			`healthcheck:`
			`test: ["CMD", "cloudflared", "--version"] # Check if cloudflared version command works`
			`interval: 30s # Time between health check attempts`
			`timeout: 10s # Time to wait for a response`
			`retries: 3 # Number of retries before marking as unhealthy`
			`start_period: 10s # Delay before health checks begin`

			`# Container labels for additional metadata`
			`labels:`
			`- "com.centurylinklabs.watchtower.enable=true" # Enable automatic updates with Watchtower`


			`#`
			`####################################################`
			`# #`
			`# -------DDNS-Updater------- #`
			`# #`
			`####################################################`
			`#`
			`ddns-updater:`
			`container_name: ddns-updater`
			`restart: always`
			`hostname: ddns-updater`
			`environment:`
			`- TZ=America/Toronto`
			`- PUID=$PUID`
			`- PGID=$PGID`
			`- PERIOD=5m`
			`- UPDATE_COOLDOWN_PERIOD=5m`
			`- PUBLICIP_FETCHERS=all`
			`- PUBLICIP_HTTP_PROVIDERS=all`
			`- PUBLICIPV4_HTTP_PROVIDERS=all`
			`- PUBLICIPV6_HTTP_PROVIDERS=all`
			`- PUBLICIP_DNS_PROVIDERS=all`
			`- PUBLICIP_DNS_TIMEOUT=3s`
			`- HTTP_TIMEOUT=10s`
			`- LISTENING_PORT=8000`
			`- HEALTH_SERVER_ADDRESS=127.0.0.1:9999`
			`- ROOT_URL=/`
			`- BACKUP_PERIOD=24h # 0 to disable`
			`- BACKUP_DIRECTORY=/updater/data`
			`- LOG_LEVEL=info`
			`- LOG_CALLER=hidden`
			`- SHOUTRRR_ADDRESSES=pushover://shoutrrr:$PUSHOVER_API@$PUSHOVER_USER_KEY`
			`volumes:`
			`- /volume1/docker/ddns-updater:/updater/data`
			`ports:`
			`- 8002:8000/tcp`
			`user: $PUID:$PGID`
			`image: 'qmcgaw/ddns-updater:latest'`
			`#`