added files

2025-05-09 11:39:14 -04:00
commit 7bf8e5aff8
7 changed files with 222 additions and 0 deletions
--- a/config/config.yml
+++ b/config/config.yml
@@ -0,0 +1,67 @@
+# To see all available options, please visit the docs:
+# https://docs.fossorial.io/Pangolin/Configuration/config
+
+app:
+    dashboard_url: "https://pangolin.akanealw2.com"
+    log_level: "info"
+    save_logs: false
+
+domains:
+    domain1:
+        base_domain: "akanealw2.com"
+        cert_resolver: "letsencrypt"
+
+server:
+    external_port: 3000
+    internal_port: 3001
+    next_port: 3002
+    internal_hostname: "pangolin"
+    session_cookie_name: "p_session_token"
+    resource_access_token_param: "p_token"
+    resource_access_token_headers:
+        id: "P-Access-Token-Id"
+        token: "P-Access-Token"
+    resource_session_request_param: "p_session_request"
+    secret: CGjidUyt3AbKdYA3hpvsfbObKx2tyrdy
+    cors:
+        origins: ["https://pangolin.akanealw2.com"]
+        methods: ["GET", "POST", "PUT", "DELETE", "PATCH"]
+        headers: ["X-CSRF-Token", "Content-Type"]
+        credentials: false
+
+traefik:
+    cert_resolver: "letsencrypt"
+    http_entrypoint: "web"
+    https_entrypoint: "websecure"
+
+gerbil:
+    start_port: 51820
+    base_endpoint: "pangolin.akanealw2.com"
+    use_subdomain: false
+    block_size: 24
+    site_block_size: 30
+    subnet_group: 100.89.137.0/20
+
+rate_limits:
+    global:
+        window_minutes: 1
+        max_requests: 500
+
+email:
+    smtp_host: "smtp.gmail.com"
+    smtp_port: 587
+    smtp_user: "akanealw@gmail.com"
+    smtp_pass: "dqtqnqvdmtgtvwjf"
+    no_reply: "akanealw@gmail.com"
+
+users:
+    server_admin:
+        email: "akanealw@gmail.com"
+        password: "Bungie1!"
+
+flags:
+    require_email_verification: true
+    disable_signup_without_invite: true
+    disable_user_create_org: false
+    allow_raw_resources: true
+    allow_base_domain_resources: true
--- a/config/letsencrypt/acme.json
+++ b/config/letsencrypt/acme.json
@@ -0,0 +1,19 @@
+{
+  "letsencrypt": {
+    "Account": {
+      "Email": "akanealw@gmail.com",
+      "Registration": {
+        "body": {
+          "status": "valid",
+          "contact": [
+            "mailto:akanealw@gmail.com"
+          ]
+        },
+        "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/2389187597"
+      },
+      "PrivateKey": "MIIJKAIBAAKCAgEAx7sSQVpNLpuK22AaLzQizqa2nMsM3fOeqs0mKaX+0JNGvyA8XjeMm/+NNN52p03r5Ya3IE0JEXodERzZwIhYjRXcY7CL9amaFJzzP9whMptlK9TXo30jIo68Bt3IBqxSWSyuw3KNmt7jQ25aPAoQLnSgttudTmEGXj0r5T6Q7cydCi4yY0kVRp43r/GhuY65vMhu+r8DepAJz2x97lfsOJ5H+XHc9DIaIGuqdFpm+sa8mXoB8z+OXkmhHE4AlDhd4/gZD7WXRltU7UpG+8yIJXRJK8tychbj0LBXBWFlJkOrvpQtkb/MBdkaIE+3VQLk1XiZsxHjyhXhGrwy3Q1FsxP6eTkq+jJGe9L6JHAxpmm4cy0H7TWDts2wdK4xhT4bfQBPREVp7de3SnOr2yGwYnln5kwDl3T93etzQ/6DpSWxdnO7NR6iSaADcMVqkuwpA3oAWtXZmoFQea3nVPjlvcxoRa2znrevq/Em/b/y4Kr9rFmDtPn0bh8O2RtAvL/qG2A8UPR/E5s9gUqV9i48GQM+kiyfCqNR3owUJuUJoimzIH2NN+2pmPL8FTJA2uPgD9dTsMn5NB6OifeQca936GcKtlbrs2L0dISO5rBQfm5oj8ulQp0+1ObNvXNYYBx1FSpae1D0KkFUjbuJiaveRVyWIaJ3rr52dTA3J1eKBTkCAwEAAQKCAgA+RlPQ0KkUCSdoczR211iq+kwh4yWl5pnoQ4LMpZcnzWPXn+NytPtAgJO0klCIpcERlclvZtWW/24kscwrPdfuVYycAKYC+Niz6KPnm2k2cEFBQ2Hg9dmIotx5f5koi345k7cB9au1SB2wHq4/3hthgLfDjAImOBZWN9iB59okaxHj5LeNQXJCzH4se7ijNJ8w/4Wq5PfetR558CfrsrpShPeIDTqJYT3IMgm5sZ4+Psz7RZFqGLz5JRf4zVFc5Z5QwECAJ2x9YWi/e9NaG1Gv6+wMnaiXbg+mN/VKFi4Fmj/ocicrNJQWlrSQsopFFVvoO2wg60kM73l6boelaMf8GovOntSC4LPTsJdi7NpqAgvKrCNymJseEkd9jrgfgMkmLJ/+CYU8krf4ZeNCalu7eho/DxrPNvpdtzi4/gIX+i8SPo342Q5yjRVWFd3O9lOJcK/b6yRu/e2rNSzv66wJMqVTVoXifPTNr96uPwrqchz7H86wlmRECWuxLjQbF4O5W4ZYDSyxaJ174KLb/4VKC430qE3X4DbjMOyB/ja0jczebjX+ZUJYkIuiaD82VP+ZhClgqjDvZSuy+piCcFgHYd2SoD+Sij7ooOCwdaNho/HUTLuT4nkZV9IN+CY8ByDxT2TKSDrJXbmQnIvk4G/A6X/sZYMq4rmyzkqlEu5VoQKCAQEAz2xcx5foJdEPhuG4CMzRPtC5D8OdawRrwEreZs95PyP/DRX4PXKZH4EPxfZHS6JVCjzhUX+HbBqohdon0jSU6Vya/L6Cw/U+iHIvg4lG5W37IFfXoqro/m+xZUSSYudHBYfDM0x8HpeUp6+Nqc8LOq6/ZNZXjJihnaSuSTJuzxnn0BcWOgriSN4Uyg9M+stRjtzN57C+nTQcZXYGfc9FKUX4lRVkJjo7hdxqRPvLq65Jm4bZweU21fzDuzTnOBe/mchJaquiStlOcZcV1EImCIFYZ/kdi3bN384SmuHPd+tEtvwN51vfZqCouyMg8HyuqobrSfbLPttI0cNdr0G8DQKCAQEA9oGEq3ci6+Bu+Rh0Xmgt76y14XS8fAZJtPQiXal6wiWiNZiHEd9Z1OT7lq/V9ubd1FLek0+KaYjsD/NChmw0PPHaxJVsFWENdAbHfmrYdw04WvHlDqVbtslQwTRsb07CKaRsyAMMNlTE6yZt72Nu2GygeWCpqO6F5p7T+g380C4GuMPw8ZGATs23JKkUj/UOgO9h0eQlnKUR23PexZTIIs+S9cSEVb7SE77WmfZgH6Pfy0Lep3DnO40v62HRKhigjA0TEsJf5gAaH/sU27UNw4uOtBRfBiSWcB4Jx/+lTA1t7NcnERUtjp7Ek8y/BYo2ifV7FQhJrecf8PAsz3Pm3QKCAQAhGj8YT2LqHhonQYCYTu+Z4b+XB3Xo7VSw5IHn0HaeIAWFNhte2xoa0AMPacVpCagesSaYVgzrsLlyWyV9w4x8TZ4iddjyowHuzqJMkKzy0oGAYOR1/maerH6YFcBy7kwEUu1RE4S/cRt1Q2wNTJCTNe4vjpF8S6OHQA/ceKL8hDrdl8GhU7lXPbH9qUF0yNvkO9LUhf11oypg+twAWgLEmnkYech43VRAgbOn/LM9W9w9aOD5s7XzopouFzxLVGbsiO1Gi8ujvFhrglwmesQNGW9dcIFJj5U9gWqwsxbkIXTe6wzg/mWBwGQNMYcBOjS53DxSmoNHLcHKUC50WL5FAoIBAEsDGMMwytCqiDqG5YqA+1GO5f4Ijv7SzwUgsYB8/V0tJJJYqumWZPizAZhWQ68Ri/l7ij2bm8wHnYYxCVJshOzy0Ba4PZ633Ocs1PI0Q1DfFgIe0AxH54PU+R0B/elVNyKC5ZNr0gCKhS3lkNijEm0LiT3GW3qLsvV96ZWTQhZ7mxIIlj58f2X7lbqzNQ2ljddQgRzk50kmtitotCa94rUtI1Rki7yoB7d4gEdzwMaAEK8C10xuv/7QNP/U0ViVC+3yYJZ5zcLozwpiVnORQfH6et9zv4LYCWtuyJ0yvzNIduX2hu3c2vMmfz1Wtd5Ss8wBhoXc8sbXqVGhVJGAfIUCggEBALj3Pl738lJ2EkdTk2dDUDOaH+9nVYthMmtC0BdAq/P9pZ53qZOUG4QSQZA7jA3PBBscYcZHykR4miO9s4tU7a4hXiASzUawXbbkdvocPhyYfZaQcrup67u1AIxilRBiSELFLdttDCUZXqigVNbjhp3j6ZeWOTGZZXL7JyRYAlYZKkUUHzDy416dZmS/gUgfcRRiw0ZJTWBGsyzwC1MiJhrO8NPdeghmeyYWick9LDGePP5t3CBfacqHpIkrHVadcNbzapwegdZICEQl11Moks5HQbcEBtDSsN+dwnN0ThdtPDpPPCauTUdCOY/0afZoQLIBEabh4tbqzi4E2AQdr2M=",
+      "KeyType": "4096"
+    },
+    "Certificates": null
+  }
+}
--- a/config/traefik/dynamic_config.yml
+++ b/config/traefik/dynamic_config.yml
@@ -0,0 +1,53 @@
+http:
+  middlewares:
+    redirect-to-https:
+      redirectScheme:
+        scheme: https
+
+  routers:
+    # HTTP to HTTPS redirect router
+    main-app-router-redirect:
+      rule: "Host(`pangolin.akanealw2.com`)"
+      service: next-service
+      entryPoints:
+        - web
+      middlewares:
+        - redirect-to-https
+
+    # Next.js router (handles everything except API and WebSocket paths)
+    next-router:
+      rule: "Host(`pangolin.akanealw2.com`) && !PathPrefix(`/api/v1`)"
+      service: next-service
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+
+    # API router (handles /api/v1 paths)
+    api-router:
+      rule: "Host(`pangolin.akanealw2.com`) && PathPrefix(`/api/v1`)"
+      service: api-service
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+
+    # WebSocket router
+    ws-router:
+      rule: "Host(`pangolin.akanealw2.com`)"
+      service: api-service
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: letsencrypt
+
+  services:
+    next-service:
+      loadBalancer:
+        servers:
+          - url: "http://pangolin:3002"  # Next.js server
+
+    api-service:
+      loadBalancer:
+        servers:
+          - url: "http://pangolin:3000"  # API/WebSocket server
--- a/config/traefik/traefik_config.yml
+++ b/config/traefik/traefik_config.yml
@@ -0,0 +1,44 @@
+api:
+  insecure: true
+  dashboard: true
+
+providers:
+  http:
+    endpoint: "http://pangolin:3001/api/v1/traefik-config"
+    pollInterval: "5s"
+  file:
+    filename: "/etc/traefik/dynamic_config.yml"
+
+experimental:
+  plugins:
+    badger:
+      moduleName: "github.com/fosrl/badger"
+      version: "v1.1.0"
+
+log:
+  level: "INFO"
+  format: "common"
+
+certificatesResolvers:
+  letsencrypt:
+    acme:
+      httpChallenge:
+        entryPoint: web
+      email: "akanealw@gmail.com"
+      storage: "/letsencrypt/acme.json"
+      caServer: "https://acme-v02.api.letsencrypt.org/directory"
+
+entryPoints:
+  web:
+    address: ":80"
+  websecure:
+    address: ":443"
+    transport:
+      respondingTimeouts:
+        readTimeout: "30m"
+    http:
+      tls:
+        certResolver: "letsencrypt"
+
+serversTransport:
+  insecureSkipVerify: true