first commit

2024-06-03 18:43:35 +02:00
parent 2da01a3f6e
commit f501d519af
883 changed files with 71550 additions and 2 deletions
--- a/dockers/traefik/docker-compose.tmpl.yml.dist
+++ b/dockers/traefik/docker-compose.tmpl.yml.dist
@ -0,0 +1,219 @@
+version: '3'
+
+services:
+  reverse-proxy:
+    # The official v2 Traefik docker image
+    image: traefik:v2.10.7
+    container_name: ${traefikServName}
+    restart: ${restartPolicy}
+    # Enables the web UI and tells Traefik to listen to docker
+    ports:
+      # The HTTP port
+      - ${MAIN_IP}:80:80
+      - ${MAIN_IP}:443:443
+      # The Web UI (enabled by --api.insecure=true)
+      # - ${MAIN_IP}:8289:8289
+    volumes:
+      # So that Traefik can listen to the Docker events
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./conf:/etc/traefik/
+      - letsencrypt:/letsencrypt
+    environment:
+      - TRAEFIK_PROVIDERS_DOCKER=true
+      - TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT=false
+      - TRAEFIK_API=true
+      - TRAEFIK_PROVIDERS_FILE_DIRECTORY=/etc/traefik/dynamic
+      - TRAEFIK_ENTRYPOINTS_web_ADDRESS=:80
+      - TRAEFIK_ENTRYPOINTS_web_HTTP_REDIRECTIONS_ENTRYPOINT_TO=websecure
+      - TRAEFIK_ENTRYPOINTS_websecure_ADDRESS=:443
+      - TRAEFIK_ENTRYPOINTS_websecure_HTTP_TLS_CERTRESOLVER=letsencrypt
+      #- TRAEFIK_ENTRYPOINTS_metrics_ADDRESS=:8289
+      #- TRAEFIK_METRICS_PROMETHEUS_ENTRYPOINT=metrics
+      - TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_EMAIL=admin@${domain}
+      - TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_CASERVER=${acme_server}
+      - TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_STORAGE=/letsencrypt/acme.json
+      - TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_TLSCHALLENGE=true
+      - TRAEFIK_LOG_LEVEL=DEBUG
+      - TRAEFIK_ENTRYPOINTS_websecure_HTTP_MIDDLEWARES=hsts@file
+      #- LEGO_CA_CERTIFICATES=/etc/traefik/root_ca.crt
+      #- TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_HTTPCHALLENGE=true
+      #- TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_HTTPCHALLENGE_ENTRYPOINT=web
+      - TRAEFIK_API_DASHBOARD=true
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.traefik_https.rule=Host(`${site}.${domain}`) && PathPrefix(`/api`, `/dashboard`)"
+      - "traefik.http.routers.traefik_https.rule=Host(`${site}.${domain}`)"
+      - "traefik.http.routers.traefik_https.entrypoints=websecure"
+      # - "traefik.http.routers.traefik_https.tls=true"
+      - "traefik.http.routers.traefik_https.service=api@internal"
+      - "traefik.http.routers.traefik_https.middlewares=test-adminipwhitelist@file,traefik-auth"
+      # - "traefik.http.routers.traefik_https.tls.certresolver=letsencrypt"
+      - "traefik.http.middlewares.traefik-auth.basicauth.usersfile=/etc/traefik/passfile"
+    networks:
+      - traefikNet
+{{web
+      - webNet
+}}
+{{jirafeau
+      - jirafeauNet
+}}
+{{ethercalc
+      - ethercalcNet
+}}
+{{etherpad
+      - etherpadNet
+}}
+{{framadate
+      - framadateNet
+}}
+{{ldap
+      - ldapNet
+}}
+{{mobilizon
+      - mobilizonNet
+}}
+{{cloud
+      - cloudNet
+}}
+{{collabora
+      - collaboraNet
+}}
+{{paheko
+      - pahekoNet
+}}
+{{mattermost
+      - mattermostNet
+}}
+{{roundcube
+      - roundcubeNet
+}}
+{{gitea
+      - giteaNet
+}}
+{{dokuwiki
+      - dokuwikiNet
+}}
+{{postfix
+      - postfixNet
+}}
+{{vaultwarden
+      - vaultwardenNet
+}}
+{{imapsync
+      - imapsyncNet
+}}
+{{castopod
+      - castopodNet
+}}
+{{apikaz
+      - apikazNet
+}}
+
+#### BEGIN ORGA USE_NET
+#### END ORGA USE_NET
+
+networks:
+  traefikNet:
+    external: true
+    name: traefikNet
+{{web
+  webNet:
+    external: true
+    name: webNet
+}}
+{{jirafeau
+  jirafeauNet:
+    external: true
+    name: jirafeauNet
+}}
+{{ethercalc
+  ethercalcNet:
+    external: true
+    name: ethercalcNet
+}}
+{{etherpad
+  etherpadNet:
+    external: true
+    name: etherpadNet
+}}
+{{framadate
+  framadateNet:
+    external: true
+    name: framadateNet
+}}
+{{ldap
+  ldapNet:
+    external: true
+    name: ldapNet
+}}
+{{mobilizon
+  mobilizonNet:
+    external: true
+    name: mobilizonNet
+}}
+{{cloud
+  cloudNet:
+    external: true
+    name: cloudNet
+}}
+{{collabora
+  collaboraNet:
+    external: true
+    name: collaboraNet
+}}
+{{paheko
+  pahekoNet:
+    external: true
+    name: pahekoNet
+}}
+{{mattermost
+  mattermostNet:
+    external: true
+    name: mattermostNet
+}}
+{{roundcube
+  roundcubeNet:
+    external: true
+    name: roundcubeNet
+}}
+{{gitea
+  giteaNet:
+    external: true
+    name: giteaNet
+}}
+{{dokuwiki
+  dokuwikiNet:
+    external: true
+    name: dokuwikiNet
+}}
+{{postfix
+  postfixNet:
+    external: true
+    name: postfixNet
+}}
+{{vaultwarden
+  vaultwardenNet:
+    external: true
+    name: vaultwardenNet
+}}
+{{imapsync
+  imapsyncNet:
+    external: true
+    name: imapsyncNet
+}}
+{{castopod
+  castopodNet:
+    external: true
+    name: castopodNet
+}}
+{{api
+  apikazNet:
+    external: true
+    name: apikazNet
+}}
+
+#### BEGIN ORGA DEF_NET
+#### END ORGA DEF_NET
+
+volumes:
+  letsencrypt: