diff --git a/project/db/lldap/lldap.yml b/project/db/lldap/lldap.yml index 55bdcdf..40a2f05 100644 --- a/project/db/lldap/lldap.yml +++ b/project/db/lldap/lldap.yml @@ -39,7 +39,6 @@ services: - "traefik.http.routers.lldap.rule=Host(`ldap.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.lldap.entrypoints=https" - "traefik.http.routers.lldap.tls=true" - - "traefik.http.routers.lldap.tls.certresolver=myresolver" - "traefik.http.routers.lldap.service=lldap-service" - "traefik.http.services.lldap-service.loadbalancer.server.port=17170" - "traefik.http.services.lldap-service.loadbalancer.server.scheme=http" diff --git a/project/infrastructure/authelia/authelia.yml b/project/infrastructure/authelia/authelia.yml index 15cda45..30720f6 100644 --- a/project/infrastructure/authelia/authelia.yml +++ b/project/infrastructure/authelia/authelia.yml @@ -36,7 +36,6 @@ services: # Traefik - "traefik.enable=true" - "traefik.http.routers.authelia.rule=Host(`auth.${PUBLIC_DOMAIN}`)" - - "traefik.http.routers.authelia.tls.certresolver=myresolver" - "traefik.http.routers.authelia.entryPoints=https" - "traefik.http.routers.authelia.tls=true" - "traefik.http.routers.authelia.service=authelia-svc" diff --git a/project/infrastructure/traefik/log-dashboard/dashboard/agents.db b/project/infrastructure/traefik/log-dashboard/dashboard/agents.db new file mode 100644 index 0000000..d53f762 Binary files /dev/null and b/project/infrastructure/traefik/log-dashboard/dashboard/agents.db differ diff --git a/project/infrastructure/traefik/log-dashboard/dashboard/agents.db-shm b/project/infrastructure/traefik/log-dashboard/dashboard/agents.db-shm new file mode 100644 index 0000000..bfd74a0 Binary files /dev/null and b/project/infrastructure/traefik/log-dashboard/dashboard/agents.db-shm differ diff --git a/project/infrastructure/traefik/log-dashboard/dashboard/agents.db-wal b/project/infrastructure/traefik/log-dashboard/dashboard/agents.db-wal new file mode 100644 index 0000000..4b2b541 Binary files /dev/null and b/project/infrastructure/traefik/log-dashboard/dashboard/agents.db-wal differ diff --git a/project/infrastructure/traefik/log-dashboard/dashboard/historical.db b/project/infrastructure/traefik/log-dashboard/dashboard/historical.db new file mode 100644 index 0000000..d53f762 Binary files /dev/null and b/project/infrastructure/traefik/log-dashboard/dashboard/historical.db differ diff --git a/project/infrastructure/traefik/log-dashboard/dashboard/historical.db-shm b/project/infrastructure/traefik/log-dashboard/dashboard/historical.db-shm new file mode 100644 index 0000000..b6ef4b9 Binary files /dev/null and b/project/infrastructure/traefik/log-dashboard/dashboard/historical.db-shm differ diff --git a/project/infrastructure/traefik/log-dashboard/dashboard/historical.db-wal b/project/infrastructure/traefik/log-dashboard/dashboard/historical.db-wal new file mode 100644 index 0000000..8b2530e Binary files /dev/null and b/project/infrastructure/traefik/log-dashboard/dashboard/historical.db-wal differ diff --git a/project/infrastructure/traefik/log-dashboard/positions/.position b/project/infrastructure/traefik/log-dashboard/positions/.position new file mode 100644 index 0000000..db3fe5f --- /dev/null +++ b/project/infrastructure/traefik/log-dashboard/positions/.position @@ -0,0 +1,3 @@ +{ + "/logs/traefik.log": 69278 +} \ No newline at end of file diff --git a/project/infrastructure/traefik/traefik.yml b/project/infrastructure/traefik/traefik.yml index 9dcc951..cd960de 100644 --- a/project/infrastructure/traefik/traefik.yml +++ b/project/infrastructure/traefik/traefik.yml @@ -35,6 +35,68 @@ services: - "traefik.http.routers.traefik.entrypoints=https" - "traefik.http.routers.traefik.tls=true" + traefik-agent: + extends: + file: ${TEMPLATES_PATH} + service: default + image: hhftechnology/traefik-log-dashboard-agent:2.4.0 + container_name: traefik-log-dashboard-agent + networks: + - ip4net + ports: + - "8078:5000" + volumes: + - "/var/log/crowdsec/:/logs:ro" + - "${INFRA_PATH}/traefik/log-dashboard/positions:/data" + environment: + TRAEFIK_LOG_DASHBOARD_ACCESS_PATH: /logs/traefik.log + TRAEFIK_LOG_DASHBOARD_AUTH_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN} + TRAEFIK_LOG_DASHBOARD_SYSTEM_MONITORING: true + TRAEFIK_LOG_DASHBOARD_LOG_FORMAT: json + healthcheck: + test: + [ + "CMD", + "wget", + "--no-verbose", + "--tries=1", + "--spider", + "http://localhost:5000/api/logs/status", + ] + interval: 2m + timeout: 10s + retries: 3 + start_period: 30s + + traefik-dashboard: + extends: + file: ${TEMPLATES_PATH} + service: default + image: hhftechnology/traefik-log-dashboard:2.4.0 + container_name: traefik-log-dashboard + networks: + - ip4net + ports: + - "8077:3000" + volumes: + - ./data/dashboard:/app/data + - "${INFRA_PATH}/traefik/log-dashboard/dashboard:/app/data" + - "${INFRA_PATH}/traefik/log-dashboard/positions:/data" + environment: + AGENT_API_URL: http://192.168.178.35:8078 + AGENT_API_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN} + # Display Configuration + NEXT_PUBLIC_SHOW_DEMO_PAGE: false + depends_on: + traefik-agent: + condition: service_healthy + labels: + # traefik + - "traefik.enable=true" + - "traefik.http.routers.traefik-log-dashboard.rule=Host(`traefik-dashboard.${LOCAL_DOMAIN}`)" + - "traefik.http.routers.traefik-log-dashboard.entrypoints=https" + - "traefik.http.routers.traefik-log-dashboard.tls=true" + whoami: extends: file: ${TEMPLATES_PATH} diff --git a/project/media/audiobookshelf/audiobookshelf.yml b/project/media/audiobookshelf/audiobookshelf.yml index 9648f5b..5db6cc5 100644 --- a/project/media/audiobookshelf/audiobookshelf.yml +++ b/project/media/audiobookshelf/audiobookshelf.yml @@ -18,7 +18,6 @@ services: - "traefik.enable=true" - "traefik.http.routers.audiobookshelf.rule=Host(`audiobookshelf.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.audiobookshelf.entrypoints=https" - - "traefik.http.routers.audiobookshelf.tls.certresolver=myresolver" - "traefik.http.routers.audiobookshelf.tls=true" # Middlewares - "traefik.http.routers.audiobookshelf.middlewares=crowdsec-bouncer@file" diff --git a/project/media/immich/immich.yml b/project/media/immich/immich.yml index 7b9300e..d4c184e 100644 --- a/project/media/immich/immich.yml +++ b/project/media/immich/immich.yml @@ -25,7 +25,6 @@ services: - "traefik.enable=true" - "traefik.http.routers.immich-server.rule=Host(`immich.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.immich-server.entrypoints=https" - - "traefik.http.routers.immich-server.tls.certresolver=myresolver" - "traefik.http.routers.immich-server.tls=true" # Middlewares - "traefik.http.routers.immich-server.middlewares=crowdsec-bouncer@file" @@ -43,7 +42,7 @@ services: # https://github.com/Salvoxia/immich-folder-album-creator # one time run: - # docker run -e -e API_URL="https://immich.crescentec.xyz/api/" -e API_KEY="qTaebdVMtph9yD0pSJRJDQJkDEpexiXNMJ5V5HBEnA" -e ROOT_PATH="/usr/src/app/external" -e LOG_LEVEL="DEBUG" salvoxia/immich-folder-album-creator:latest /script/immich_auto_album.sh + # docker run -e -e API_URL="https://immich.${PUBLIC_DOMAIN}/api/" -e API_KEY="qTaebdVMtph9yD0pSJRJDQJkDEpexiXNMJ5V5HBEnA" -e ROOT_PATH="/usr/src/app/external" -e LOG_LEVEL="DEBUG" salvoxia/immich-folder-album-creator:latest /script/immich_auto_album.sh immich-folder-album-creator: extends: file: ${TEMPLATES_PATH} @@ -51,7 +50,7 @@ services: container_name: immich_folder_album_creator image: salvoxia/immich-folder-album-creator:0.24.0 environment: - API_URL: https://immich.crescentec.xyz/api + API_URL: https://immich.${PUBLIC_DOMAIN}/api API_KEY: qTaebdVMtph9yD0pSJRJDQJkDEpexiXNMJ5V5HBEnA ROOT_PATH: /usr/src/app/external CRON_EXPRESSION: "0 * * * *" diff --git a/project/service/freshrss/freshrss.yml b/project/service/freshrss/freshrss.yml index a9014c7..c4d2fea 100644 --- a/project/service/freshrss/freshrss.yml +++ b/project/service/freshrss/freshrss.yml @@ -21,6 +21,5 @@ services: - "traefik.http.routers.freshrss.rule=Host(`rss.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.freshrss.entrypoints=https" - "traefik.http.routers.freshrss.tls=true" - - "traefik.http.routers.freshrss.tls.certresolver=myresolver" # Middlewares - "traefik.http.routers.freshrss.middlewares=crowdsec-bouncer@file" diff --git a/project/service/gitea/gitea.yml b/project/service/gitea/gitea.yml index 1bc5122..ee1069f 100644 --- a/project/service/gitea/gitea.yml +++ b/project/service/gitea/gitea.yml @@ -41,7 +41,6 @@ services: - "traefik.enable=true" - "traefik.http.routers.gitea.rule=Host(`gitea.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.gitea.entrypoints=https" - - "traefik.http.routers.gitea.tls.certresolver=myresolver" - "traefik.http.routers.gitea.tls=true" - "traefik.http.routers.gitea.service=gitea-service" - "traefik.http.services.gitea-service.loadbalancer.server.port=4002" diff --git a/project/service/mealie/mealie.yml b/project/service/mealie/mealie.yml index edbfaa9..c489da7 100644 --- a/project/service/mealie/mealie.yml +++ b/project/service/mealie/mealie.yml @@ -33,7 +33,6 @@ services: - "traefik.enable=true" - "traefik.http.routers.mealie.rule=Host(`mealie.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.mealie.entrypoints=https" - - "traefik.http.routers.mealie.tls.certresolver=myresolver" - "traefik.http.routers.mealie.tls=true" # Middlewares - "traefik.http.routers.mealie.middlewares=crowdsec-bouncer@file" diff --git a/project/service/n8n/n8n.yml b/project/service/n8n/n8n.yml index dbc0d38..4377d37 100644 --- a/project/service/n8n/n8n.yml +++ b/project/service/n8n/n8n.yml @@ -36,6 +36,5 @@ services: - "traefik.http.routers.n8n.rule=Host(`n8n.${LOCAL_DOMAIN}`)" - "traefik.http.routers.n8n.entrypoints=https" - "traefik.http.routers.n8n.tls=true" - - "traefik.http.routers.n8n.tls.certresolver=myresolver" # Middlewares - "traefik.http.routers.n8n.middlewares=crowdsec-bouncer@file" diff --git a/project/service/ollama/ollama.yml b/project/service/ollama/ollama.yml index 7120810..29b3a25 100644 --- a/project/service/ollama/ollama.yml +++ b/project/service/ollama/ollama.yml @@ -17,6 +17,5 @@ services: - "traefik.http.routers.ollama.rule=Host(`ollama.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.ollama.entrypoints=https" - "traefik.http.routers.ollama.tls=true" - - "traefik.http.routers.ollama.tls.certresolver=myresolver" # Middlewares - "traefik.http.routers.ollama.middlewares=crowdsec-bouncer@file" diff --git a/project/service/paperless-ngx/paperless-ngx.yml b/project/service/paperless-ngx/paperless-ngx.yml index 679c52e..914d091 100644 --- a/project/service/paperless-ngx/paperless-ngx.yml +++ b/project/service/paperless-ngx/paperless-ngx.yml @@ -33,15 +33,14 @@ services: # PAPERLESS_DISABLE_REGULAR_LOGIN: true # PAPERLESS_ENABLE_HTTP_REMOTE_USER: true # PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME: HTTP_REMOTE_USER - # PAPERLESS_LOGOUT_REDIRECT_URL: https://auth.crescentec.xyz/logout + # PAPERLESS_LOGOUT_REDIRECT_URL: https://auth.${PUBLIC_DOMAIN}/logout # PAPERLESS_APPS: "allauth.socialaccount.providers.openid_connect" - # PAPERLESS_SOCIALACCOUNT_PROVIDERS: '{"openid_connect":{"SCOPE":["openid","profile","email"],"OAUTH_PKCE_ENABLED":true,"APPS":[{"provider_id":"authelia","name":"Authelia","client_id":"paperless","secret":"jzO0JYA35oOojGqxFJUaDXdgdXhuACyq4b3lvOx233wtoSyv19prQfCKah1mwyDv","settings":{"server_url":"https://auth.crescentec.xyz","token_auth_method":"client_secret_basic"}}]}}' + # PAPERLESS_SOCIALACCOUNT_PROVIDERS: '{"openid_connect":{"SCOPE":["openid","profile","email"],"OAUTH_PKCE_ENABLED":true,"APPS":[{"provider_id":"authelia","name":"Authelia","client_id":"paperless","secret":"jzO0JYA35oOojGqxFJUaDXdgdXhuACyq4b3lvOx233wtoSyv19prQfCKah1mwyDv","settings":{"server_url":"https://auth.${PUBLIC_DOMAIN}","token_auth_method":"client_secret_basic"}}]}}' labels: # Traefik - "traefik.enable=true" - "traefik.http.routers.paperless.rule=Host(`paperless.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.paperless.entrypoints=https" - - "traefik.http.routers.paperless.tls.certresolver=myresolver" - "traefik.http.routers.paperless.tls=true" # Middlewares - "traefik.http.routers.paperless.middlewares=crowdsec-bouncer@file" diff --git a/project/service/pdf/pdf.yml b/project/service/pdf/pdf.yml index 7203d6c..306c935 100644 --- a/project/service/pdf/pdf.yml +++ b/project/service/pdf/pdf.yml @@ -14,7 +14,6 @@ services: - "traefik.enable=true" - "traefik.http.routers.pdf.rule=Host(`pdf.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.pdf.entrypoints=https" - - "traefik.http.routers.pdf.tls.certresolver=myresolver" - "traefik.http.routers.pdf.tls=true" # Middlewares - "traefik.http.routers.pdf.middlewares=crowdsec-bouncer@file, authelia@file" diff --git a/project/service/radicale/radicale.yml b/project/service/radicale/radicale.yml index 73db091..60ff339 100644 --- a/project/service/radicale/radicale.yml +++ b/project/service/radicale/radicale.yml @@ -30,7 +30,6 @@ services: - "traefik.enable=true" - "traefik.http.routers.radicale.rule=Host(`radicale.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.radicale.entrypoints=https" - - "traefik.http.routers.radicale.tls.certresolver=myresolver" - "traefik.http.routers.radicale.tls=true" # Middlewares - "traefik.http.routers.radicale.middlewares=crowdsec-bouncer@file" diff --git a/project/service/vaultwarden/vaultwarden.yml b/project/service/vaultwarden/vaultwarden.yml index 6900679..930bfdf 100644 --- a/project/service/vaultwarden/vaultwarden.yml +++ b/project/service/vaultwarden/vaultwarden.yml @@ -27,6 +27,5 @@ services: - "traefik.http.routers.vaultwarden.rule=Host(`vaultwarden.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.vaultwarden.entrypoints=https" - "traefik.http.routers.vaultwarden.tls=true" - - "traefik.http.routers.vaultwarden.tls.certresolver=myresolver" # Middlewares - "traefik.http.routers.vaultwarden.middlewares=crowdsec-bouncer@file" diff --git a/project/service/vikunja/vikunja.yml b/project/service/vikunja/vikunja.yml index b4b8e4e..82da15a 100644 --- a/project/service/vikunja/vikunja.yml +++ b/project/service/vikunja/vikunja.yml @@ -27,7 +27,6 @@ services: - "traefik.enable=true" - "traefik.http.routers.vikunja.rule=Host(`vikunja.${PUBLIC_DOMAIN}`)" - "traefik.http.routers.vikunja.entrypoints=https" - - "traefik.http.routers.vikunja.tls.certresolver=myresolver" - "traefik.http.routers.vikunja.tls=true" # Middlewares - "traefik.http.routers.vikunja.middlewares=crowdsec-bouncer@file"