chriswin/vps-server
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

config traefik

Browse Source
This commit is contained in:
chris
2026-01-19 18:04:58 +00:00
parent dddd076150
commit 97fcc660fb
5 changed files with 89 additions and 300 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
services/traefik/config/config.yml
View File

@@ -30,7 +30,7 @@ http:
authelia:
rule: "Host(`auth.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -38,7 +38,7 @@ http:
audiobookshelf:
rule: "Host(`audiobookshelf.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -46,7 +46,7 @@ http:
gitea:
rule: "Host(`gitea.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -54,7 +54,7 @@ http:
headscale:
rule: "Host(`headscale.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -62,7 +62,7 @@ http:
immich:
rule: "Host(`immich.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -70,7 +70,7 @@ http:
lldap:
rule: "Host(`ldap.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -78,7 +78,7 @@ http:
linkwarden:
rule: "Host(`linkwarden.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -86,7 +86,7 @@ http:
mealie:
rule: "Host(`mealie.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -94,7 +94,7 @@ http:
navidrome:
rule: "Host(`navidrome.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -102,7 +102,7 @@ http:
ntfy:
rule: "Host(`ntfy.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -110,7 +110,7 @@ http:
paperless:
rule: "Host(`paperless.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -118,7 +118,7 @@ http:
pdf:
rule: "Host(`pdf.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -126,7 +126,7 @@ http:
radicale:
rule: "Host(`radicale.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -134,16 +134,15 @@ http:
rss:
rule: "Host(`rss.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
<<<<<<< HEAD
# superset:
# rule: "Host(`superset.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
# service: node
# entryPoints: https
# entrypoints: https,http
# tls:
# certresolver: myresolver
# middlewares: crowdsec-bouncer@file
@@ -151,7 +150,7 @@ http:
vaultwarden:
rule: "Host(`vaultwarden.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -159,7 +158,7 @@ http:
vikunja:
rule: "Host(`vikunja.{{ env "TRAEFIK_PUBLIC_DOMAIN" }}`)"
service: node
entryPoints: https
entrypoints: https,http
tls:
certresolver: myresolver
middlewares: crowdsec-bouncer@file
@@ -170,3 +169,12 @@ http:
servers:
- url: https://{{ env "TRAEFIK_MAIN_SERVER_NODE_IP" }}
tls:
stores:
default:
defaultCertificate:
certFile: /etc/certs/server-vps-lan.crt
keyFile: /etc/certs/server-vps-lan.key
defaultCertificate:
- certFile: /etc/certs/server-vps-lan.crt
keyFile: /etc/certs/server-vps-lan.key

125
services/traefik/traefik.yml
View File

@@ -16,7 +16,6 @@ services:
TRAEFIK_PUBLIC_DOMAIN: ${PUBLIC_DOMAIN}
TRAEFIK_MAIN_SERVER_NODE_IP: ${MAIN_SERVER_NODE_IP}
TRAEFIK_CROWDSEC_API_KEY: ${CROWDSEC_API_KEY}
# INFOMANIAK_ACCESS_TOKEN: ${INFOMANIAK_CERTIFICATE_ACCESS_TOKEN}
volumes:
- "/var/log/traefik/:/var/log/traefik/"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
@@ -33,64 +32,66 @@ services:
- "traefik.http.routers.traefik.entrypoints=https"
- "traefik.http.routers.traefik.tls=true"
# traefik-agent:
# extends:
# file: ${TEMPLATES_PATH}
# service: default
# image: hhftechnology/traefik-log-dashboard-agent:2.4.0
# container_name: traefik-log-dashboard-agent
# networks:
# - ip4net
# ports:
# - "8078:5000"
# volumes:
# - "/var/log/crowdsec/:/logs:ro"
# - "${SERVICE_PATH}/traefik/log-dashboard/positions:/data"
# environment:
# TRAEFIK_LOG_DASHBOARD_ACCESS_PATH: /logs/traefik.log
# TRAEFIK_LOG_DASHBOARD_AUTH_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN}
# TRAEFIK_LOG_DASHBOARD_SYSTEM_MONITORING: true
# TRAEFIK_LOG_DASHBOARD_LOG_FORMAT: json
# healthcheck:
# test:
# [
# "CMD",
# "wget",
# "--no-verbose",
# "--tries=1",
# "--spider",
# "http://localhost:5000/api/logs/status",
# ]
# interval: 2m
# timeout: 10s
# retries: 3
# start_period: 30s
#
# traefik-dashboard:
# extends:
# file: ${TEMPLATES_PATH}
# service: default
# image: hhftechnology/traefik-log-dashboard:2.4.0
# container_name: traefik-log-dashboard
# networks:
# - ip4net
# ports:
# - "8077:3000"
# volumes:
# - ./data/dashboard:/app/data
# - "${SERVICE_PATH}/traefik/log-dashboard/dashboard:/app/data"
# - "${SERVICE_PATH}/traefik/log-dashboard/positions:/data"
# environment:
# AGENT_API_URL: http://192.168.178.35:8078
# AGENT_API_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN}
# # Display Configuration
# NEXT_PUBLIC_SHOW_DEMO_PAGE: false
# depends_on:
# traefik-agent:
# condition: service_healthy
# labels:
# # traefik
# - "traefik.enable=true"
# - "traefik.http.routers.traefik-log-dashboard.rule=Host(`traefik-dashboard.${LOCAL_DOMAIN}`)"
# - "traefik.http.routers.traefik-log-dashboard.entrypoints=https"
# - "traefik.http.routers.traefik-log-dashboard.tls=true"
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server-vps-lan.key -out vps-lan.crt \ -subj "/CN=server-vps-lan"
# traefik-agent:
# extends:
# file: ${TEMPLATES_PATH}
# service: default
# image: hhftechnology/traefik-log-dashboard-agent:2.4.0
# container_name: traefik-log-dashboard-agent
# networks:
# - ip4net
# ports:
# - "8078:5000"
# volumes:
# - "/var/log/crowdsec/:/logs:ro"
# - "${SERVICE_PATH}/traefik/log-dashboard/positions:/data"
# environment:
# TRAEFIK_LOG_DASHBOARD_ACCESS_PATH: /logs/traefik.log
# TRAEFIK_LOG_DASHBOARD_AUTH_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN}
# TRAEFIK_LOG_DASHBOARD_SYSTEM_MONITORING: true
# TRAEFIK_LOG_DASHBOARD_LOG_FORMAT: json
# healthcheck:
# test:
# [
# "CMD",
# "wget",
# "--no-verbose",
# "--tries=1",
# "--spider",
# "http://localhost:5000/api/logs/status",
# ]
# interval: 2m
# timeout: 10s
# retries: 3
# start_period: 30s
#
# traefik-dashboard:
# extends:
# file: ${TEMPLATES_PATH}
# service: default
# image: hhftechnology/traefik-log-dashboard:2.4.0
# container_name: traefik-log-dashboard
# networks:
# - ip4net
# ports:
# - "8077:3000"
# volumes:
# - ./data/dashboard:/app/data
# - "${SERVICE_PATH}/traefik/log-dashboard/dashboard:/app/data"
# - "${SERVICE_PATH}/traefik/log-dashboard/positions:/data"
# environment:
# AGENT_API_URL: http://192.168.178.35:8078
# AGENT_API_TOKEN: ${TRAEFIK_DASHBOARD_TOKEN}
# # Display Configuration
# NEXT_PUBLIC_SHOW_DEMO_PAGE: false
# depends_on:
# traefik-agent:
# condition: service_healthy
# labels:
# # traefik
# - "traefik.enable=true"
# - "traefik.http.routers.traefik-log-dashboard.rule=Host(`traefik-dashboard.${LOCAL_DOMAIN}`)"
# - "traefik.http.routers.traefik-log-dashboard.entrypoints=https"
# - "traefik.http.routers.traefik-log-dashboard.tls=true"