akanealw/dockerservertest
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cleaned up containers and scripts

Browse Source
This commit is contained in:
akanealw
2025-05-11 11:06:13 -05:00
parent 56e59ab232
commit c0da53677d
10 changed files with 0 additions and 354 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
.gitignore vendored
View File

4
dc-down-all-containers.sh
View File

@@ -1,4 +0,0 @@
#!/bin/bash
docker compose -f admin/compose.yml down
docker ps

4
dc-pull-all-containers.sh
View File

@@ -1,4 +0,0 @@
#!/bin/bash
docker compose -f admin/compose.yml pull
docker ps

4
dc-up-all-containers.sh
View File

@@ -1,4 +0,0 @@
#!/bin/bash
docker compose -f admin/compose.yml up -d
docker ps

18
pangolin/.env
View File

@@ -1,18 +0,0 @@
TZ=America/Chicago
POSTGRES_PASSWORD=nu8Vohx1ot1eesoono5teshu6bohn9eiteich6Bu
AUTHENTIK_SECRET_KEY=7kIHbomK9MV4lEvObyOGGvzF222eLZ1RC6fKn28EDEIB4iF8kC
# SMTP Host Emails are sent to
AUTHENTIK_EMAIL__HOST=smtp.gmail.com
AUTHENTIK_EMAIL__PORT=587
# Optionally authenticate (don't add quotation marks to your password)
AUTHENTIK_EMAIL__USERNAME=akanealw@gmail.com
AUTHENTIK_EMAIL__PASSWORD=dqtqnqvdmtgtvwjf
# Use StartTLS
AUTHENTIK_EMAIL__USE_TLS=true
# Use SSL
AUTHENTIK_EMAIL__USE_SSL=false
AUTHENTIK_EMAIL__TIMEOUT=10
# Email address authentik will send from, should have a correct @domain
AUTHENTIK_EMAIL__FROM=akanealw@gmail.com

3
pangolin/.gitignore vendored
View File

@@ -1,3 +0,0 @@
*.db
*.sqlite
acme.json

68
pangolin/config/config.yml
View File

@@ -1,68 +0,0 @@
# To see all available options, please visit the docs:
# https://docs.fossorial.io/Pangolin/Configuration/config
app:
dashboard_url: "https://pangolin.akanealw3.com"
log_level: "info"
save_logs: false
domains:
domain1:
base_domain: "akanealw3.com"
cert_resolver: "letsencrypt"
prefer_wildcard_cert: true
server:
external_port: 3000
internal_port: 3001
next_port: 3002
internal_hostname: "pangolin"
session_cookie_name: "p_session_token"
resource_access_token_param: "p_token"
resource_access_token_headers:
id: "P-Access-Token-Id"
token: "P-Access-Token"
resource_session_request_param: "p_session_request"
secret: CGjidUyt3AbKdYA3hpvsfbObKx2tyrdy
cors:
origins: ["https://pangolin.akanealw3.com"]
methods: ["GET", "POST", "PUT", "DELETE", "PATCH"]
headers: ["X-CSRF-Token", "Content-Type"]
credentials: false
traefik:
cert_resolver: "letsencrypt"
http_entrypoint: "web"
https_entrypoint: "websecure"
gerbil:
start_port: 51820
base_endpoint: "pangolin.akanealw3.com"
use_subdomain: false
block_size: 24
site_block_size: 30
subnet_group: 100.89.137.0/20
rate_limits:
global:
window_minutes: 1
max_requests: 500
email:
smtp_host: "smtp.gmail.com"
smtp_port: 587
smtp_user: "akanealw@gmail.com"
smtp_pass: "dqtqnqvdmtgtvwjf"
no_reply: "akanealw@gmail.com"
users:
server_admin:
email: "akanealw@gmail.com"
password: "Bungie1!"
flags:
require_email_verification: true
disable_signup_without_invite: true
disable_user_create_org: false
allow_raw_resources: true
allow_base_domain_resources: true

57
pangolin/config/traefik/dynamic_config.yml
View File

@@ -1,57 +0,0 @@
http:
middlewares:
redirect-to-https:
redirectScheme:
scheme: https
routers:
# HTTP to HTTPS redirect router
main-app-router-redirect:
rule: "Host(`pangolin.akanealw3.com`)"
service: next-service
entryPoints:
- web
middlewares:
- redirect-to-https
# Next.js router (handles everything except API and WebSocket paths)
next-router:
rule: "Host(`pangolin.akanealw3.com`) && !PathPrefix(`/api/v1`)"
service: next-service
entryPoints:
- websecure
tls:
certResolver: letsencrypt
domains:
- main: "akanealw3.com"
sans:
- "*.akanealw3.com"
# API router (handles /api/v1 paths)
api-router:
rule: "Host(`pangolin.akanealw3.com`) && PathPrefix(`/api/v1`)"
service: api-service
entryPoints:
- websecure
tls:
certResolver: letsencrypt
# WebSocket router
ws-router:
rule: "Host(`pangolin.akanealw3.com`)"
service: api-service
entryPoints:
- websecure
tls:
certResolver: letsencrypt
services:
next-service:
loadBalancer:
servers:
- url: "http://pangolin:3002" # Next.js server
api-service:
loadBalancer:
servers:
- url: "http://pangolin:3000" # API/WebSocket server

46
pangolin/config/traefik/traefik_config.yml
View File

@@ -1,46 +0,0 @@
api:
insecure: true
dashboard: true
providers:
http:
endpoint: "http://pangolin:3001/api/v1/traefik-config"
pollInterval: "5s"
file:
filename: "/etc/traefik/dynamic_config.yml"
experimental:
plugins:
badger:
moduleName: "github.com/fosrl/badger"
version: "v1.1.0"
log:
level: "INFO"
format: "common"
certificatesResolvers:
letsencrypt:
acme:
dnsChallenge:
provider: "cloudflare"
resolvers:
- 1.1.1.1:53
email: "akanealw@gmail.com"
storage: "/letsencrypt/acme.json"
caServer: "https://acme-v02.api.letsencrypt.org/directory"
entryPoints:
web:
address: ":80"
websecure:
address: ":443"
transport:
respondingTimeouts:
readTimeout: "30m"
http:
tls:
certResolver: "letsencrypt"
serversTransport:
insecureSkipVerify: true

150
pangolin/docker-compose.yml
View File

@@ -1,150 +0,0 @@
services:
authentik-server:
image: ghcr.io/goauthentik/server:2025.2.2
container_name: authentik-server
command: server
environment:
- AUTHENTIK_REDIS__HOST=authentik-redis
- AUTHENTIK_POSTGRESQL__HOST=authentik-postgres
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
- AUTHENTIK_EMAIL__HOST=${AUTHENTIK_EMAIL__HOST}
- AUTHENTIK_EMAIL__PORT=${AUTHENTIK_EMAIL__PORT}
- AUTHENTIK_EMAIL__USERNAME=${AUTHENTIK_EMAIL__USERNAME}
- AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD}
- AUTHENTIK_EMAIL__USE_TLS=${AUTHENTIK_EMAIL__USE_TLS}
- AUTHENTIK_EMAIL__USE_SSL=${AUTHENTIK_EMAIL__USE_SSL}
- AUTHENTIK_EMAIL__TIMEOUT=${AUTHENTIK_EMAIL__TIMEOUT}
- AUTHENTIK_EMAIL__FROM=${AUTHENTIK_EMAIL__FROM}
ports:
- 9000:9000
- 9443:9443
networks:
- authentik
- reverseproxy
volumes:
- ./config/authentik/media:/media
- ./config/authentik/custom-templates:/templates
depends_on:
- authentik-postgres
- authentik-redis
restart: unless-stopped
authentik-worker:
image: ghcr.io/goauthentik/server:2025.2.2
container_name: authentik-worker
command: worker
environment:
- AUTHENTIK_REDIS__HOST=authentik-redis
- AUTHENTIK_POSTGRESQL__HOST=authentik-postgres
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
- AUTHENTIK_EMAIL__HOST=${AUTHENTIK_EMAIL__HOST}
- AUTHENTIK_EMAIL__PORT=${AUTHENTIK_EMAIL__PORT}
- AUTHENTIK_EMAIL__USERNAME=${AUTHENTIK_EMAIL__USERNAME}
- AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD}
- AUTHENTIK_EMAIL__USE_TLS=${AUTHENTIK_EMAIL__USE_TLS}
- AUTHENTIK_EMAIL__USE_SSL=${AUTHENTIK_EMAIL__USE_SSL}
- AUTHENTIK_EMAIL__TIMEOUT=${AUTHENTIK_EMAIL__TIMEOUT}
- AUTHENTIK_EMAIL__FROM=${AUTHENTIK_EMAIL__FROM}
networks:
- authentik
- reverseproxy
user: root
volumes:
- /run/docker.sock:/run/docker.sock
- ./config/authentik/media:/media
- ./config/authentik/certs:/certs
- ./config/authentik/custom-templates:/templates
depends_on:
- authentik-postgres
- authentik-redis
restart: unless-stopped
authentik-redis:
image: docker.io/library/redis:7.4.2
container_name: authentik-redis
command: --save 60 1 --loglevel warning
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
networks:
- authentik
volumes:
- ./config/authentik/redis:/data
restart: unless-stopped
authentik-postgres:
image: docker.io/library/postgres:17.4
container_name: authentik-postgres
environment:
- POSTGRES_USER=authentik
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=authentik
- TZ=${TZ}
healthcheck:
test: ['CMD-SHELL', 'pg_isready -U "authentik"']
start_period: 30s
interval: 10s
timeout: 10s
retries: 5
networks:
- authentik
volumes:
- ./config/authentik/postgres:/var/lib/postgresql/data
restart: unless-stopped
pangolin:
image: fosrl/pangolin:1.3.1
container_name: pangolin
restart: unless-stopped
networks:
- reverseproxy
volumes:
- ./config:/app/config
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3001/api/v1/"]
interval: "10s"
timeout: "10s"
retries: 15
traefik:
image: traefik:v3.3.6
container_name: traefik
restart: unless-stopped
environment:
CLOUDFLARE_DNS_API_TOKEN: "PBgohFerQJEkCEcOm0Fw7LKl83gZ8ILU0PKNG5AM"
networks:
- reverseproxy
ports:
- 443:443
- 80:80
depends_on:
pangolin:
condition: service_healthy
command:
- --configFile=/etc/traefik/traefik_config.yml
volumes:
- ./config/traefik:/etc/traefik:ro # Volume to store the Traefik configuration
- ./config/letsencrypt:/letsencrypt # Volume to store the Let's Encrypt certificates
- ./config/traefik/logs:/var/log/traefik # Volume to store Traefik logs
whoami:
image: traefik/whoami
container_name: whoami
networks:
- reverseproxy
networks:
authentik:
name: authentik
reverseproxy:
external: true