Compare commits

..

1 Commits

Author SHA1 Message Date
Raphael Martin
e1c3f4d2b9 changed licens wrong name 2024-01-05 21:05:21 +01:00
6 changed files with 21 additions and 16 deletions

View File

@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2023 altogether Copyright (c) 2023 altogether
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

View File

@ -1,4 +1,4 @@
version: "3.9" version: "1.0"
networks: networks:
default: default:

View File

@ -1,4 +1,4 @@
version: "3.9" version: "3.8"
networks: networks:
default: default:
@ -23,13 +23,13 @@ services:
- "traefik.docker.network=${TRAEFIK_NETWORK}" - "traefik.docker.network=${TRAEFIK_NETWORK}"
# HTTP -> HTTPS # HTTP -> HTTPS
- "traefik.http.routers.http-catchall.entrypoints=web" #- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)" #- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https" #- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" #- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# HTTPS Routers # HTTPS Routers
- "traefik.http.routers.${PROJECT_NAME}_traefik.rule=Host(`${PROJECT_URL}`)" - "traefik.http.routers.${PROJECT_NAME}_traefik.rule=Host(`${PROJECT_URL}`)"
- "traefik.http.services.${PROJECT_NAME}_traefik.loadbalancer.server.port=8080" - "traefik.http.services.${PROJECT_NAME}_traefik.loadbalancer.server.port=8080"
- "traefik.http.routers.${PROJECT_NAME}_traefik.tls=true" - "traefik.http.routers.${PROJECT_NAME}_traefik.tls=true"
- "traefik.http.routers.${PROJECT_NAME}_traefik.entrypoints=websecure" - "traefik.http.routers.${PROJECT_NAME}_traefik.entrypoints=websecure"

2
init
View File

@ -6,8 +6,6 @@ mkdir tls-data
docker network create $TRAEFIK_NETWORK docker network create $TRAEFIK_NETWORK
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./tls-data/selfsigned.key -out ./tls-data/selfsigned.crt
docker compose up -d docker compose up -d
docker compose -f docker-compose-whoami.yml up -d docker compose -f docker-compose-whoami.yml up -d

12
tls.yml
View File

@ -12,16 +12,18 @@ tls:
stores: stores:
default: default:
defaultCertificate: defaultCertificate:
certFile: /tls/selfsigned.crt certFile: /tls/CF-altogether.at.crt
keyFile: /tls/selfsigned.key keyFile: /tls/CF-altogether.at.key
certificates: certificates:
- certFile: /tls/selfsigned.crt - certFile: /tls/CF-altogether.at.crt
keyFile: /tls/selfsigned.key keyFile: /tls/CF-altogether.at.key
- certFile: /tls/wordpress.localhost.crt
keyFile: /tls/wordpress.localhost.key
options: options:
default: default:
clientAuth: clientAuth:
# in PEM format. each file can contain multiple CAs. # in PEM format. each file can contain multiple CAs.
caFiles: caFiles:
- /tls/selfsigned.crt - /tls/server.crt
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven

View File

@ -28,6 +28,8 @@ entryPoints:
http: http:
middlewares: middlewares:
- secureHeaders@file - secureHeaders@file
minecraft:
address: ':25565/tcp'
ssh: ssh:
address: ":22" address: ":22"
@ -35,6 +37,9 @@ providers:
docker: docker:
endpoint: "unix:///var/run/docker.sock" endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false exposedByDefault: false
# endpoint: "tcp://dockerproxy:2375"
# swarmMode: false
# network: "socket_proxy"
file: file:
watch: true watch: true
directory: "/etc/traefik/dynamic_conf" directory: "/etc/traefik/dynamic_conf"
@ -42,6 +47,6 @@ providers:
certificatesresolvers: certificatesresolvers:
le: le:
acme: acme:
email: "rama@altogether.at" email: "raphy.martin@protonmail.ch"
storage: "/certificates/acme.json" storage: "/certificates/acme.json"
tlschallenge: true tlschallenge: true