From 68a3c2c1241eae30fe72b8ec088595adc2583e77 Mon Sep 17 00:00:00 2001
From: akanealw
Date: Sun, 29 May 2022 05:13:42 -0500
Subject: [PATCH] removed traefik - added npm
---
docker-compose.yml | 62 ++++++++++-------------------------
fileConfig.yml | 81 ----------------------------------------------
traefik.yml | 74 ------------------------------------------
3 files changed, 17 insertions(+), 200 deletions(-)
delete mode 100644 fileConfig.yml
delete mode 100644 traefik.yml
diff --git a/docker-compose.yml b/docker-compose.yml
index 7c1f95b..f3fc3b0 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,16 +7,29 @@ services:
image: amir20/dozzle:latest environment: - DOZZLE_ADDR=:1234
- labels:
- - traefik.enable=true
- - traefik.http.routers.dozzle.entryPoints=https
- - traefik.http.services.dozzle.loadbalancer.server.port=1234
ports: - 9999:1234 restart: always volumes: - /var/run/docker.sock:/var/run/docker.sock:ro
+ nginxproxymanager:
+ container_name: nginxproxymanager
+ hostname: nginxproxymanager
+ image: jc21/nginx-proxy-manager:latest
+ environment:
+ - X_FRAME_OPTIONS=sameorigin
+ - DB_SQLITE_FILE=/data/database.sqlite
+ ports:
+ - 8443:443/tcp
+ - 8080:80/tcp
+ - 8081:81/tcp
+ restart: always
+ volumes:
+ - ./appdata/nginxproxymanager/data:/data
+ - ./appdata/nginxproxymanager/letsencrypt:/etc/letsencrypt
+ - /etc/localtime:/etc/localtime:ro
+
openvpn: container_name: openvpn hostname: openvpn
@@ -51,10 +64,6 @@ services:
image: portainer/portainer-ce:latest environment: - AGENT_SECRET=$ADMIN
- labels:
- - traefik.enable=true
- - traefik.http.routers.portainer.entryPoints=https
- - traefik.http.services.portainer.loadbalancer.server.port=9000
ports: - 9000:9000/tcp restart: always
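Review bot: In the added `nginxproxymanager` service the `ports:` list publishes the admin UI as `8081:81/tcp`, which binds it on every host interface alongside the 80/443 listeners. Nginx Proxy Manager has historically shipped with a documented default administrator login, so that port should be reachable only from a management address until the account is changed; `- "127.0.0.1:8081:81/tcp"` (or a LAN-only address) does that, and quoting the mappings also keeps YAML from retyping them. The same service uses `image: jc21/nginx-proxy-manager:latest`, so the code that terminates TLS and holds the certificates under `./appdata/nginxproxymanager/letsencrypt` can change whenever the image is pulled again; pinning a release tag or digest, `image: jc21/nginx-proxy-manager:<pinned-tag>`, makes upgrades deliberate.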
@@ -94,10 +103,6 @@ services: - DEBUG=false - LAN_NETWORK=192.168.1.0/24 - NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1 - labels: - - traefik.enable=true - - traefik.http.routers.privoxyvpn.entryPoints=https - - traefik.http.services.privoxyvpn.loadbalancer.server.port=8118 privileged: true sysctls: - net.ipv4.conf.all.src_valid_mark=1
@@ -108,38 +113,5 @@ services: - ./appdata/privoxyvpn/config:/config - /etc/localtime:/etc/localtime:ro - redis: - container_name: redis - hostname: redis - image: "redis:alpine" - command: redis-server /redis.conf - ports: - - 6379:6379 - restart: always - volumes: - - ./appdata/redis/data:/var/lib/redis - - ./appdata/redis/redis.conf:/redis.conf - - traefik: - container_name: traefik - image: traefik:2.5 - ports: - - 8080:80 - - 8443:443 - - 8081:8080 - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - - ./appdata/traefik/:/etc/traefik/ - networks: - - default - labels: - traefik.http.routers.api.rule: Host(`traefik.aknlw.com`) - traefik.http.routers.api.entryPoints: https - traefik.http.routers.api.service: api@internal - traefik.enable: true - environment: - DO_AUTH_TOKEN: dop_v1_0c437a780149010ce186a09117fa6edec29bda0afecc8831cd8c025798990891 - restart: unless-stopped - networks: default:
\ No newline at end of file
diff --git a/fileConfig.yml b/fileConfig.yml
deleted file mode 100644
index 3576def..0000000
--- a/fileConfig.yml
+++ /dev/null
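Review bot: The removed `DO_AUTH_TOKEN` line under the `traefik` service's `environment:` held what looks like a DigitalOcean API token in plain text, and deleting it in this commit leaves the value readable in the repository history and in the patch itself. Treat it as disclosed: revoke it with the provider, issue a replacement only if DNS-01 validation is still needed, and review recent account activity for use you do not recognise. If a token is required again, keep it out of the compose file and reference it from the environment or an untracked env file, the way the `portainer` service already does with `AGENT_SECRET=$ADMIN`, e.g. `- DO_AUTH_TOKEN=${DO_AUTH_TOKEN}`.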
@@ -1,81 +0,0 @@ -http: - ## EXTERNAL ROUTING EXAMPLE - Only use if you want to proxy something manually ## - routers: -# homeassistant: -# entryPoints: -# - https -# rule: 'Host(`homeassistant.domain.com`)' -# service: homeassistant -# middlewares: -# - "auth" -# ## SERVICES EXAMPLE ## - services: -# homeassistant: -# loadBalancer: -# servers: -# - url: http://192.168.60.5:8123/ - -# ## MIDDLEWARES ## - middlewares: -# Only Allow Local networks -# local-ipwhitelist: -# ipWhiteList: -# sourceRange: -# - 127.0.0.1/32 # localhost -# - 192.168.1.1/24 # LAN Subnet - -# # Authelia guard -# authelia: -# forwardauth: -# address: http://authelia:9091/api/verify?rd=https://identity.aknlw.com/ # replace auth with your authelia container name -# trustForwardHeader: true -# authResponseHeaders: -# - Remote-User -# - Remote-Groups -# - Remote-Name -# - Remote-Email - -# # Authelia basic auth guard -# authelia-basic: -# forwardauth: -# address: http://authelia:9091/api/verify?auth=basic # replace auth with your authelia container name -# trustForwardHeader: true -# authResponseHeaders: -# - Remote-User -# - Remote-Groups -# - Remote-Name -# - Remote-Email - - # Security headers - securityHeaders: - headers: - customResponseHeaders: - X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex" - server: "" - X-Forwarded-Proto: "https" - sslProxyHeaders: - X-Forwarded-Proto: https - referrerPolicy: "strict-origin-when-cross-origin" - hostsProxyHeaders: - - "X-Forwarded-Host" - customRequestHeaders: - X-Forwarded-Proto: "https" - contentTypeNosniff: true - browserXssFilter: true - forceSTSHeader: true - stsIncludeSubdomains: true - stsSeconds: 63072000 - stsPreload: true - -# Only use secure ciphers - https://ssl-config.mozilla.org/#server=traefik&version=2.6.0&config=intermediate&guideline=5.6 -tls: - options: - default: - minVersion: VersionTLS12 - cipherSuites: - - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - - 
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 - - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
diff --git a/traefik.yml b/traefik.yml
deleted file mode 100644
index 097aa1a..0000000
--- a/traefik.yml
+++ /dev/null
@@ -1,74 +0,0 @@ -global: - checkNewVersion: true - sendAnonymousUsage: false - -serversTransport: - insecureSkipVerify: true - -entryPoints: - # Not used in apps, but redirect everything from HTTP to HTTPS - http: - address: :80 - http: - redirections: - entryPoint: - to: https - scheme: https - - # HTTPS endpoint, with domain wildcard - https: - address: :443 - http: - tls: - # Generate a wildcard domain certificate - certResolver: letsencrypt - domains: - - main: aknlw.com - sans: - - '*.aknlw.com' - middlewares: - - securityHeaders@file - -providers: - providersThrottleDuration: 2 - - # File provider for connecting things that are outside of docker / defining middleware - file: - filename: /etc/traefik/fileConfig.yml - watch: true - - # Docker provider for connecting all apps that are inside of the docker network - docker: - watch: true - network: docker_default # Add Your Docker Network Name Here - # Default host rule to containername.domain.example - defaultRule: "Host(`{{ index .Labels \"com.docker.compose.service\"}}.aknlw.com`)" - swarmModeRefreshSeconds: 15 - exposedByDefault: false - redis: - endpoints: - - 192.168.1.30:6379 - -# Enable traefik ui -api: - dashboard: true - insecure: true - -# Log level INFO|DEBUG|ERROR -log: - level: DEBUG - -# Use letsencrypt to generate ssl serficiates -certificatesResolvers: - letsencrypt: - acme: - caServer: https://acme-staging-v02.api.letsencrypt.org/directory - email: akanealw@gmail.com - storage: /etc/traefik/acme.json - dnsChallenge: - provider: digitalocean - delayBeforeCheck: 0 - # Used to make sure the dns challenge is propagated to the rights dns servers - resolvers: - - "8.8.8.8:53" - - "8.8.4.4:53"