Compare commits
1 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
e1c3f4d2b9 |
2
LICENSE
2
LICENSE
@ -1,6 +1,6 @@
|
|||||||
MIT License
|
MIT License
|
||||||
|
|
||||||
Copyright (c) 2023 altogether
|
Copyright (c) 2023 altogether
|
||||||
|
|
||||||
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
version: "3.9"
|
version: "1.0"
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
default:
|
default:
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
version: "3.9"
|
version: "3.8"
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
default:
|
default:
|
||||||
@ -23,13 +23,13 @@ services:
|
|||||||
- "traefik.docker.network=${TRAEFIK_NETWORK}"
|
- "traefik.docker.network=${TRAEFIK_NETWORK}"
|
||||||
|
|
||||||
# HTTP -> HTTPS
|
# HTTP -> HTTPS
|
||||||
- "traefik.http.routers.http-catchall.entrypoints=web"
|
#- "traefik.http.routers.http-catchall.entrypoints=web"
|
||||||
- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
|
#- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
|
||||||
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
|
#- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
|
||||||
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
#- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
||||||
|
|
||||||
# HTTPS Routers
|
# HTTPS Routers
|
||||||
- "traefik.http.routers.${PROJECT_NAME}_traefik.rule=Host(`${PROJECT_URL}`)"
|
- "traefik.http.routers.${PROJECT_NAME}_traefik.rule=Host(`${PROJECT_URL}`)"
|
||||||
- "traefik.http.services.${PROJECT_NAME}_traefik.loadbalancer.server.port=8080"
|
- "traefik.http.services.${PROJECT_NAME}_traefik.loadbalancer.server.port=8080"
|
||||||
- "traefik.http.routers.${PROJECT_NAME}_traefik.tls=true"
|
- "traefik.http.routers.${PROJECT_NAME}_traefik.tls=true"
|
||||||
- "traefik.http.routers.${PROJECT_NAME}_traefik.entrypoints=websecure"
|
- "traefik.http.routers.${PROJECT_NAME}_traefik.entrypoints=websecure"
|
2
init
2
init
@ -6,8 +6,6 @@ mkdir tls-data
|
|||||||
|
|
||||||
docker network create $TRAEFIK_NETWORK
|
docker network create $TRAEFIK_NETWORK
|
||||||
|
|
||||||
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./tls-data/selfsigned.key -out ./tls-data/selfsigned.crt
|
|
||||||
|
|
||||||
docker compose up -d
|
docker compose up -d
|
||||||
docker compose -f docker-compose-whoami.yml up -d
|
docker compose -f docker-compose-whoami.yml up -d
|
||||||
|
|
||||||
|
12
tls.yml
12
tls.yml
@ -12,16 +12,18 @@ tls:
|
|||||||
stores:
|
stores:
|
||||||
default:
|
default:
|
||||||
defaultCertificate:
|
defaultCertificate:
|
||||||
certFile: /tls/selfsigned.crt
|
certFile: /tls/CF-altogether.at.crt
|
||||||
keyFile: /tls/selfsigned.key
|
keyFile: /tls/CF-altogether.at.key
|
||||||
certificates:
|
certificates:
|
||||||
- certFile: /tls/selfsigned.crt
|
- certFile: /tls/CF-altogether.at.crt
|
||||||
keyFile: /tls/selfsigned.key
|
keyFile: /tls/CF-altogether.at.key
|
||||||
|
|
||||||
|
- certFile: /tls/wordpress.localhost.crt
|
||||||
|
keyFile: /tls/wordpress.localhost.key
|
||||||
options:
|
options:
|
||||||
default:
|
default:
|
||||||
clientAuth:
|
clientAuth:
|
||||||
# in PEM format. each file can contain multiple CAs.
|
# in PEM format. each file can contain multiple CAs.
|
||||||
caFiles:
|
caFiles:
|
||||||
- /tls/selfsigned.crt
|
- /tls/server.crt
|
||||||
clientAuthType: VerifyClientCertIfGiven
|
clientAuthType: VerifyClientCertIfGiven
|
@ -28,6 +28,8 @@ entryPoints:
|
|||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
- secureHeaders@file
|
- secureHeaders@file
|
||||||
|
minecraft:
|
||||||
|
address: ':25565/tcp'
|
||||||
ssh:
|
ssh:
|
||||||
address: ":22"
|
address: ":22"
|
||||||
|
|
||||||
@ -35,6 +37,9 @@ providers:
|
|||||||
docker:
|
docker:
|
||||||
endpoint: "unix:///var/run/docker.sock"
|
endpoint: "unix:///var/run/docker.sock"
|
||||||
exposedByDefault: false
|
exposedByDefault: false
|
||||||
|
# endpoint: "tcp://dockerproxy:2375"
|
||||||
|
# swarmMode: false
|
||||||
|
# network: "socket_proxy"
|
||||||
file:
|
file:
|
||||||
watch: true
|
watch: true
|
||||||
directory: "/etc/traefik/dynamic_conf"
|
directory: "/etc/traefik/dynamic_conf"
|
||||||
@ -42,6 +47,6 @@ providers:
|
|||||||
certificatesresolvers:
|
certificatesresolvers:
|
||||||
le:
|
le:
|
||||||
acme:
|
acme:
|
||||||
email: "rama@altogether.at"
|
email: "raphy.martin@protonmail.ch"
|
||||||
storage: "/certificates/acme.json"
|
storage: "/certificates/acme.json"
|
||||||
tlschallenge: true
|
tlschallenge: true
|
Loading…
Reference in New Issue
Block a user