From b37dda0b67038228ab408eaeb647599cb2f84b1c Mon Sep 17 00:00:00 2001 From: debian Date: Thu, 23 Oct 2025 22:24:40 +0200 Subject: [PATCH] refine configuration file --- services/caddy/Caddyfile | 32 ++++++++++++++++---------------- services/caddy/caddy.yml | 2 +- services/headscale/headscale.yml | 8 ++++++-- 3 files changed, 23 insertions(+), 19 deletions(-) diff --git a/services/caddy/Caddyfile b/services/caddy/Caddyfile index 192fb1d..824fa40 100644 --- a/services/caddy/Caddyfile +++ b/services/caddy/Caddyfile @@ -13,7 +13,7 @@ } auth.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -23,7 +23,7 @@ auth.{$public_domain} { } audiobookshelf.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -33,7 +33,7 @@ audiobookshelf.{$public_domain} { } gitea.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -43,7 +43,7 @@ gitea.{$public_domain} { } headscale.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -54,7 +54,7 @@ headscale.{$public_domain} { immich.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -64,7 +64,7 @@ immich.{$public_domain} { } ldap.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -74,7 +74,7 @@ ldap.{$public_domain} { } linkwarden.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -84,7 +84,7 @@ linkwarden.{$public_domain} { } mealie.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -94,7 +94,7 @@ mealie.{$public_domain} { } paperless.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -104,7 +104,7 @@ paperless.{$public_domain} { } radicale.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -114,7 +114,7 @@ radicale.{$public_domain} { } shlink.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -124,7 +124,7 @@ shlink.{$public_domain} { } stirling-pdf.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -134,7 +134,7 @@ stirling-pdf.{$public_domain} { } superset.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -144,7 +144,7 @@ superset.{$public_domain} { } vaultwarden.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -154,7 +154,7 @@ vaultwarden.{$public_domain} { } vikunja.{$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } @@ -164,7 +164,7 @@ vikunja.{$public_domain} { } {$public_domain} { - reverse_proxy ${node_local_ip} { + reverse_proxy ${main_server_ip} { transport http { tls_insecure_skip_verify } diff --git a/services/caddy/caddy.yml b/services/caddy/caddy.yml index d244975..2cc1148 100644 --- a/services/caddy/caddy.yml +++ b/services/caddy/caddy.yml @@ -20,7 +20,7 @@ services: email: ${EMAIL} public_domain: ${PUBLIC_DOMAIN} private_domain: ${LOCAL_DOMAIN} - node_local_ip: ${NODE_LOCAL_IP} + main_server_ip: ${MAIN_SERVER_NODE_IP:-10.10.10.2} cap_add: - NET_ADMIN networks: diff --git a/services/headscale/headscale.yml b/services/headscale/headscale.yml index bbbe70f..ed24fe1 100644 --- a/services/headscale/headscale.yml +++ b/services/headscale/headscale.yml @@ -10,9 +10,13 @@ services: - ${SERVICE_PATH}/headscale/lib:/var/lib/headscale - ${SERVICE_PATH}/headscale/run:/var/run/headscale ports: - - 0.0.0.0:1000:8080 # api - - 0.0.0.0:1001:9090 # metrics + - 0.0.0.0:8080:8080 # api + - 0.0.0.0:9090:9090 # metrics command: serve + environment: + HEADSCALE_SERVER_URL: ${HOST_IP} + HEADSCALE_DNS_NAMESERVERS: ${DNS_NODE_IP:-10.10.10.3} + HEADSCALE_DNS_MAGIC_DNS: "true" networks: - ip4net labels: