clean up and add loki and ntfy

2025-11-13 18:38:45 +01:00
parent 8a67598944
commit 7ec59a3b07
9 changed files with 69 additions and 120 deletions
--- a/project/infrastructure/authelia/authelia.yml
+++ b/project/infrastructure/authelia/authelia.yml
@@ -29,7 +29,6 @@ services:
      # AUTHELIA_PUBLIC_DOMAIN: ${PUBLIC_DOMAIN} # this does not work for access control or openID yet
      # AUTHELIA_LOCAL_DOMAIN: ${LOCAL_DOMAIN} # this does not work for access control or openID yet
    volumes:
-      - ${INFRA_PATH}/authelia/config:/config
      - ${INFRA_PATH}/authelia/config:/config
      - "/var/log/authelia/:/config/log"
    labels:
--- a/project/infrastructure/headscale/headscale.yml
+++ b/project/infrastructure/headscale/headscale.yml
@@ -1,33 +0,0 @@
-services:
-  headscale:
-    extends:
-      file: ${TEMPLATES_PATH}
-      service: default
-    image: docker.io/headscale/headscale:sha-474ea236-debug
-    container_name: headscale 
-    ports:
-      - 3001:8080
-      - 3002:9090
-    networks: 
-      - ip4net
-      - ip6net
-    environment:
-      - DOMAIN=${PUBLIC_DOMAIN}
-      - CLIENT_SECRET_OIDC=${HEADSCALE_CLIENT_SECRET_OIDC}
-      - HEADSCALE_CLI_ADDRESS="https://headscale.${PUBLIC_DOMAIN}:443"
-      - HEADSCALE_CLI_API_KEY="ksC2HnX.3Rv5a2n32Rfgi8aWeaXhp6lAfAwG_NAq"
-    volumes:
-      - ${INFRA_PATH}/headscale/config:/etc/headscale
-      - ${INFRA_PATH}/headscale/lib:/var/lib/headscale
-      - ${INFRA_PATH}/headscale/data:/var/lib/headscale
-    command: serve
-    labels:
-      # Watchtower
-      - "com.centurylinklabs.watchtower.enable=true"
-      # Traefik
-      - "traefik.enable=true"
-      - "traefik.http.routers.headscale.rule=Host(`headscale.${PUBLIC_DOMAIN}`)"
-      - "traefik.http.routers.headscale.entrypoints=https"
-      - "traefik.http.routers.headscale.tls=true"
-      - "traefik.http.services.headscale.loadbalancer.server.port=8080"
-      - "traefik.http.routers.headscale.middlewares=crowdsec-bouncer@file"
--- a/project/infrastructure/ntfy/ntfy.yml
+++ b/project/infrastructure/ntfy/ntfy.yml
@@ -0,0 +1,27 @@
+services:
+  ntfy:
+    extends:
+      file: ${TEMPLATES_PATH}
+      service: default
+    container_name: ntfy 
+    image: binwiederhier/ntfy 
+    ports:
+      - "4023:80"
+    networks: 
+      - ip4net
+    command:
+      - serve
+    volumes:
+      - /var/cache/ntfy:/var/cache/ntfy
+      - ${INFRA_PATH}/ntfy/config:/etc/ntfy
+      - ${INFRA_PATH}/ntfy/data:/var/lib/ntfy
+    labels:
+      # Watchtower
+      - 'com.centurylinklabs.watchtower.enable=true'
+      # Traefik
+      - 'traefik.enable=true'
+      - 'traefik.http.routers.ntfy.rule=Host(`ntfy.${PUBLIC_DOMAIN}`)'
+      - 'traefik.http.routers.ntfy.entrypoints=https'
+      - 'traefik.http.routers.ntfy.tls=true'
+      # Middlewares
+      - "traefik.http.routers.ntfy.middlewares=crowdsec-bouncer@file"
--- a/project/infrastructure/web-finger/webfinger.yml
+++ b/project/infrastructure/web-finger/webfinger.yml
@@ -1,21 +0,0 @@
-services:
-  webfinger:
-    extends:
-      file: ${TEMPLATES_PATH}
-      service: default
-    image: peeley/carpal 
-    container_name: webfinger 
-    ports:
-      - 8888:8008
-    networks: 
-      - ip6net
-    volumes:
-      - ${INFRA_PATH}/web-finger/config/:/etc/carpal/resources
-    labels:
-      # Watchtower
-      - "com.centurylinklabs.watchtower.enable=true"
-      # Traefik
-      - "traefik.enable=true"
-      - "traefik.http.routers.webfinger.rule=Host(`${PUBLIC_DOMAIN}`)"
-      - "traefik.http.routers.webfinger.entrypoints=https"
-      - "traefik.http.routers.webfinger.tls=true"