diff --git a/reverseproxy/Dockerfile b/reverseproxy/Dockerfile deleted file mode 100644 index 6f91802..0000000 --- a/reverseproxy/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM caddy:builder AS builder - -RUN caddy-builder \ - github.com/caddy-dns/cloudflare - -FROM caddy:latest - -COPY --from=builder /usr/bin/caddy /usr/bin/caddy \ No newline at end of file diff --git a/reverseproxy/authelia/compose.yml b/reverseproxy/authelia/compose.yml deleted file mode 100644 index 69bc56b..0000000 --- a/reverseproxy/authelia/compose.yml +++ /dev/null @@ -1,31 +0,0 @@ -services: - authelia: - image: 'authelia/authelia' - container_name: 'authelia' - volumes: - - './config:/config' - networks: - - authelia - - reverseproxy - restart: 'unless-stopped' - healthcheck: - disable: true - environment: - TZ: 'America/Chicago' - - redis: - image: 'redis:alpine' - container_name: 'redis' - volumes: - - './redis:/data' - networks: - - authelia - restart: 'unless-stopped' - environment: - TZ: 'America/Chicago' - -networks: - authelia: - name: authelia - reverseproxy: - external: true diff --git a/reverseproxy/authelia/config/configuration.yml b/reverseproxy/authelia/config/configuration.yml deleted file mode 100644 index 43f7055..0000000 --- a/reverseproxy/authelia/config/configuration.yml +++ /dev/null @@ -1,124 +0,0 @@ ---- -############################################################### -# Authelia configuration # -############################################################### - -theme: dark - -server: - address: 'tcp://:9091' - endpoints: - authz: - forward-auth: - implementation: 'ForwardAuth' - -log: - level: 'info' - -totp: - issuer: 'authelia.com' - -identity_validation: - reset_password: - jwt_secret: '2b8a78f3ac1784ef6aab3899c663e1010c60d3a9de694550879da349fe222923' - -authentication_backend: - file: - path: '/config/users_database.yml' - -# access_control: -# default_policy: 'deny' -# rules: -# # Rules applied to everyone -# - domain: 'public.example.com' -# policy: 'bypass' -# - domain: 'traefik.example.com' -# policy: 'one_factor' -# - domain: 'secure.example.com' -# policy: 'two_factor' - -access_control: - default_policy: deny - networks: - - name: internal - networks: - - '10.0.0.0/8' - - '172.16.0.0/12' - - '192.168.0.0/16' - rules: - ## bypass all domains and subdomains from local ips - - domain: - - aknlw.com - - akanealw.com - - "*.akanealw.com" - networks: - - 'internal' - policy: bypass - # bypass api for subdomains - - domain: - - "*.akanealw.com" - resources: - - "^/api([/?].*)?$" - - "^/add([/?].*)?$" - - "^/public([/?].*)?$" - policy: bypass - # bypass specific subdomains - - domain: - - aknlw.com - - bitwarden.akanealw.com - - gitea.akanealw.com - - nextcloud.akanealw.com - policy: bypass - # bypass filebrowser shares - - domain: - - "filebrowser.akanealw.com" - resources: - - "^/api([/?].*)?$" - - "^/share([/?].*)?$" - - "^/static([/?].*)?$" - policy: bypass - # two_factor subdomains - - domain: - - akanealw.com - - "*.akanealw.com" - policy: two_factor - -session: - secret: 'ffc343d98b87910edcddb1f0dac4b492b62e29b5eafa92f1c213f37c4669f243' - - cookies: - - name: 'authelia_session' - domain: 'akanealw.com' - authelia_url: 'https://auth.akanealw.com' - default_redirection_url: 'https://akanealw.com' - expiration: '1 hour' - inactivity: '5 minutes' - - redis: - host: 'redis' - port: 6379 - password: 'bc4eb8df73776ba7716aeb60c0023ef6136b80680bb8ea1cf6c51a326dea2c43' - -regulation: - max_retries: 3 - find_time: '2 minutes' - ban_time: '5 minutes' - -storage: - encryption_key: 'cbd7570c1795cba61f05baf419b7cee23fa144d512bda2ea57ba300afa6b33bf' - local: - path: '/config/db.sqlite3' - -notifier: - smtp: - username: 'akanealw@gmail.com' - password: 'qlvmffuzpscltdgz' - address: 'smtp://smtp.gmail.com:587' - sender: 'akanealw@gmail.com' - -ntp: - address: 'udp://time.windows.com:123' - version: 3 - max_desync: '3s' - disable_startup_check: false - disable_failure: false diff --git a/reverseproxy/authelia/config/users_database.yml b/reverseproxy/authelia/config/users_database.yml deleted file mode 100644 index c92a691..0000000 --- a/reverseproxy/authelia/config/users_database.yml +++ /dev/null @@ -1,16 +0,0 @@ -############################################################### -# Users Database # -############################################################### - -# This file can be used if you do not have an LDAP set up. - -# List of users -users: - akanealw: - disabled: false - displayname: 'akanealw' - password: '$argon2id$v=19$m=65536,t=3,p=4$OdUFS5B8+7p5cuaE7TJ1Ig$fiMUt1PjTo65xltKyDfcwiu1yOPlO3G2X04CZCQFWig' - email: 'akanealw@gmail.com' - groups: - - 'admins' - - 'dev' diff --git a/reverseproxy/authentik/.env b/reverseproxy/authentik/.env deleted file mode 100644 index 69d0ed2..0000000 --- a/reverseproxy/authentik/.env +++ /dev/null @@ -1,18 +0,0 @@ -TZ=America/Chicago - -POSTGRES_PASSWORD=nu8Vohx1ot1eesoono5teshu6bohn9eiteich6Bu -AUTHENTIK_SECRET_KEY=0KGwGINtIe3PE7h1RR+CF/n+6hm6BiD1YjD31BBpqoA= - -# SMTP Host Emails are sent to -AUTHENTIK_EMAIL__HOST=smtp.gmail.com -AUTHENTIK_EMAIL__PORT=587 -# Optionally authenticate (don't add quotation marks to your password) -AUTHENTIK_EMAIL__USERNAME=akanealw@gmail.com -AUTHENTIK_EMAIL__PASSWORD=nhwdzlpwzjjzwchx -# Use StartTLS -AUTHENTIK_EMAIL__USE_TLS=true -# Use SSL -AUTHENTIK_EMAIL__USE_SSL=false -AUTHENTIK_EMAIL__TIMEOUT=10 -# Email address authentik will send from, should have a correct @domain -AUTHENTIK_EMAIL__FROM=akanealw@gmail.com diff --git a/reverseproxy/authentik/compose.yml b/reverseproxy/authentik/compose.yml deleted file mode 100644 index e22c7c6..0000000 --- a/reverseproxy/authentik/compose.yml +++ /dev/null @@ -1,105 +0,0 @@ -services: - authentik-server: - image: ghcr.io/goauthentik/server:2025.2.2 - container_name: authentik-server - command: server - environment: - - AUTHENTIK_REDIS__HOST=authentik-redis - - AUTHENTIK_POSTGRESQL__HOST=authentik-postgres - - AUTHENTIK_POSTGRESQL__USER=authentik - - AUTHENTIK_POSTGRESQL__NAME=authentik - - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD} - - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY} - - AUTHENTIK_EMAIL__HOST=${AUTHENTIK_EMAIL__HOST} - - AUTHENTIK_EMAIL__PORT=${AUTHENTIK_EMAIL__PORT} - - AUTHENTIK_EMAIL__USERNAME=${AUTHENTIK_EMAIL__USERNAME} - - AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD} - - AUTHENTIK_EMAIL__USE_TLS=${AUTHENTIK_EMAIL__USE_TLS} - - AUTHENTIK_EMAIL__USE_SSL=${AUTHENTIK_EMAIL__USE_SSL} - - AUTHENTIK_EMAIL__TIMEOUT=${AUTHENTIK_EMAIL__TIMEOUT} - - AUTHENTIK_EMAIL__FROM=${AUTHENTIK_EMAIL__FROM} - networks: - - reverseproxy - - authentik - volumes: - - ./media:/media - - ./custom-templates:/templates - depends_on: - - authentik-postgres - - authentik-redis - restart: unless-stopped - - authentik-worker: - image: ghcr.io/goauthentik/server:2025.2.2 - container_name: authentik-worker - command: worker - environment: - - AUTHENTIK_REDIS__HOST=authentik-redis - - AUTHENTIK_POSTGRESQL__HOST=authentik-postgres - - AUTHENTIK_POSTGRESQL__USER=authentik - - AUTHENTIK_POSTGRESQL__NAME=authentik - - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD} - - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY} - - AUTHENTIK_EMAIL__HOST=${AUTHENTIK_EMAIL__HOST} - - AUTHENTIK_EMAIL__PORT=${AUTHENTIK_EMAIL__PORT} - - AUTHENTIK_EMAIL__USERNAME=${AUTHENTIK_EMAIL__USERNAME} - - AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD} - - AUTHENTIK_EMAIL__USE_TLS=${AUTHENTIK_EMAIL__USE_TLS} - - AUTHENTIK_EMAIL__USE_SSL=${AUTHENTIK_EMAIL__USE_SSL} - - AUTHENTIK_EMAIL__TIMEOUT=${AUTHENTIK_EMAIL__TIMEOUT} - - AUTHENTIK_EMAIL__FROM=${AUTHENTIK_EMAIL__FROM} - networks: - - reverseproxy - - authentik - user: root - volumes: - - /run/docker.sock:/run/docker.sock - - ./media:/media - - ./certs:/certs - - ./custom-templates:/templates - depends_on: - - authentik-postgres - - authentik-redis - restart: unless-stopped - - authentik-redis: - image: docker.io/library/redis:7.4.2 - container_name: authentik-redis - command: --save 60 1 --loglevel warning - healthcheck: - test: ["CMD-SHELL", "redis-cli ping | grep PONG"] - start_period: 20s - interval: 30s - retries: 5 - timeout: 3s - networks: - - authentik - volumes: - - ./redis:/data - restart: unless-stopped - - authentik-postgres: - image: docker.io/library/postgres:17.4 - container_name: authentik-postgres - environment: - - POSTGRES_USER=authentik - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - POSTGRES_DB=authentik - - TZ=${TZ} - healthcheck: - test: ['CMD-SHELL', 'pg_isready -U "authentik"'] - start_period: 30s - interval: 10s - timeout: 10s - retries: 5 - networks: - - authentik - volumes: - - ./postgres:/var/lib/postgresql/data - restart: unless-stopped - -networks: - authentik: - name: authentik - reverseproxy: - external: true diff --git a/reverseproxy/caddy/Caddyfile b/reverseproxy/caddy/Caddyfile deleted file mode 100644 index f4f99cf..0000000 --- a/reverseproxy/caddy/Caddyfile +++ /dev/null @@ -1,676 +0,0 @@ -# -------------------------------------------------- -# global options -# -------------------------------------------------- - -{ - acme_ca https://acme-v02.api.letsencrypt.org/directory - - admin :2019 -# log { -# output file caddy.log -# level info -# } - - servers { - trusted_proxies static private_ranges - } - -} - -# -------------------------------------------------- -# cloudflare tls snippet for sites -# -------------------------------------------------- - -(cloudflare) { - tls { - dns cloudflare {env.DNS_PROVIDER_TOKEN} - resolvers 1.1.1.1 1.0.0.1 - } -} - -# -------------------------------------------------- -# auth snippet for authentik -# -------------------------------------------------- - -(authentik) { - reverse_proxy /outpost.goauthentik.io/* authentik-server:9000 - - forward_auth authentik-server:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Entitlements X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version - } -} - -(auth) { - forward_auth authelia:9091 { - uri /api/authz/forward-auth - copy_headers Remote-User Remote-Groups Remote-Email Remote-Name - } -} - -# -------------------------------------------------- -# akanealw.com root domain -# -------------------------------------------------- - -akanealw.com { - import cloudflare - @akanealwcom host akanealw.com - handle @akanealwcom { - import auth - reverse_proxy 192.168.1.4:3005 - } -} - -# -------------------------------------------------- -# authentik subdomain -# -------------------------------------------------- - -authentik.akanealw.com { - import cloudflare - reverse_proxy authentik-server:9000 -} - -# -------------------------------------------------- -# authelia subdomain -# -------------------------------------------------- - -auth.akanealw.com { - import cloudflare - reverse_proxy authelia:9091 -} - -# -------------------------------------------------- -# *.akanealw.com subdomains -# -------------------------------------------------- - -*.akanealw.com { -# -------------------------------------------------- -# internal only subdomains -# -# -# @ host .akanealw.com -# handle @ { -# handle @internal { -# reverse_proxy 192.168.1. -# } -# respond "ip range not allowed" -# } -# -# -# @ host .akanealw.com -# handle @ { -# handle @internal { -# reverse_proxy https://192.168.1. { -# transport http { -# tls_insecure_skip_verify -# } -# } -# } -# respond "ip range not allowed" -# } -# -# -# -------------------------------------------------- - @internal client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8 - @external not client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8 - import cloudflare - - @checkmk host checkmk.akanealw.com - handle @checkmk { - handle @internal { - reverse_proxy 192.168.1.4:8888 - } - respond "ip range not allowed" - } - - @linkwarden host linkwarden.akanealw.com - handle @linkwarden { - handle @internal { - reverse_proxy 192.168.1.4:3232 - } - respond "ip range not allowed" - } - - @adguard1 host adguardserver1.akanealw.com - handle @adguard1 { - handle @internal { - reverse_proxy 192.168.1.2:80 - } - respond "ip range not allowed" - } - - @adguard2 host adguardserver2.akanealw.com - handle @adguard2 { - handle @internal { - reverse_proxy 192.168.1.3:80 - } - respond "ip range not allowed" - } - - @bale host bale.akanealw.com - handle @bale { - handle @internal { - reverse_proxy 192.168.1.51:8080 - } - respond "ip range not allowed" - } - - @cronicle host cronicle.akanealw.com - handle @cronicle { - handle @internal { - reverse_proxy 192.168.1.30:3012 - } - respond "ip range not allowed" - } - - @devdockge host dev-dockge.akanealw.com - handle @devdockge { - handle @internal { - reverse_proxy 192.168.1.35:5001 - } - respond "ip range not allowed" - } - - @devdozzle host dev-dozzle.akanealw.com - handle @devdozzle { - handle @internal { - reverse_proxy 192.168.1.35:8080 - } - respond "ip range not allowed" - } - - @dockerdockge host dockerserver-dockge.akanealw.com - handle @dockerdockge { - handle @internal { - reverse_proxy 192.168.1.30:5001 - } - respond "ip range not allowed" - } - - @dockerdozzle host dockerserver-dozzle.akanealw.com - handle @dockerdozzle { - handle @internal { - reverse_proxy 192.168.1.30:8080 - } - respond "ip range not allowed" - } - - @dockertestdockge host dockerservertest-dockge.akanealw.com - handle @dockertestdockge { - handle @internal { - reverse_proxy 192.168.1.33:5001 - } - respond "ip range not allowed" - } - - @dockertestdozzle host dockerservertest-dozzle.akanealw.com - handle @dockertestdozzle { - handle @internal { - reverse_proxy 192.168.1.33:8080 - } - respond "ip range not allowed" - } - - @proxyserverdockge host proxyserver-dockge.akanealw.com - handle @proxyserverdockge { - handle @internal { - reverse_proxy 192.168.1.4:5001 - } - respond "ip range not allowed" - } - - @proxyserverdozzle host proxyserver-dozzle.akanealw.com - handle @proxyserverdozzle { - handle @internal { - reverse_proxy 192.168.1.4:8080 - } - respond "ip range not allowed" - } - - @files host files.akanealw.com - handle @files { - handle @internal { - redir / /files{uri} - reverse_proxy 192.168.1.50:80 - } - respond "ip range not allowed" - } - - @icons host icons.akanealw.com - handle @icons { - handle @internal { - rewrite * /files/icons{uri} - reverse_proxy 192.168.1.50:80 - } - respond "ip range not allowed" - } - - @gluetun host gluetun.akanealw.com - handle @gluetun { - handle @internal { - reverse_proxy 192.168.1.30:8777 - } - respond "ip range not allowed" - } - - @peanut host peanut.akanealw.com - handle @peanut { - handle @internal { - reverse_proxy 192.168.1.30:8980 - } - respond "ip range not allowed" - } - - @photoprism host photoprism.akanealw.com - handle @photoprism { - handle @internal { - reverse_proxy 192.168.1.30:2342 - } - respond "ip range not allowed" - } - - @photoprismdadandmom host photos.akanealw.com - handle @photoprismdadandmom { - handle @internal { - reverse_proxy 192.168.1.25:2342 - } - respond "ip range not allowed" - } - - @proxmox1 host proxmox1.akanealw.com - handle @proxmox1 { - handle @internal { - reverse_proxy https://192.168.1.51:8006 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @proxmox2 host proxmox2.akanealw.com - handle @proxmox2 { - handle @internal { - reverse_proxy https://192.168.1.52:8006 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @proxmoxbackup host proxmoxbackup.akanealw.com - handle @proxmoxbackup { - handle @internal { - reverse_proxy https://192.168.1.51:8007 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @router host router.akanealw.com - handle @router { - handle @internal { - reverse_proxy https://192.168.1.1:443 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @rssbridge host rss-bridge.akanealw.com - handle @rssbridge { - handle @internal { - reverse_proxy 192.168.1.30:3006 - } - respond "ip range not allowed" - } - - @invidious host invidious.akanealw.com - handle @invidious { - handle @internal { - reverse_proxy 192.168.1.30:3000 - } - respond "ip range not allowed" - } - - @scripts host scripts.akanealw.com - handle @scripts { - handle @internal { - redir / /scripts{uri} - reverse_proxy 192.168.1.50:80 - } - respond "ip range not allowed" - } - - @speedtest host speedtest.akanealw.com - handle @speedtest { - handle @internal { - reverse_proxy 192.168.1.30:8765 - } - respond "ip range not allowed" - } - - @dockersyncthing host dockerserver-syncthing.akanealw.com - handle @dockersyncthing { - handle @internal { - reverse_proxy https://192.168.1.30:8384 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @gamingpcsyncthing host gamingpc-syncthing.akanealw.com - handle @gamingpcsyncthing { - handle @internal { - reverse_proxy https://192.168.1.11:8384 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @laptoppcsyncthing host laptoppc-syncthing.akanealw.com - handle @laptoppcsyncthing { - handle @internal { - reverse_proxy https://192.168.1.12:8384 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @webmin host webmin.akanealw.com - handle @webmin { - handle @internal { - reverse_proxy https://192.168.1.51:10000 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @wireguardui host wireguardui.akanealw.com - handle @wireguardui { - handle @internal { - reverse_proxy 192.168.1.4:5000 - } - respond "ip range not allowed" - } - - @zabbix host zabbix.akanealw.com - handle @zabbix { - handle @internal { - reverse_proxy 192.168.1.44:8080 - } - respond "ip range not allowed" - } - - @piholewg host pihole-wg.akanealw.com - handle @piholewg { - handle @internal { - redir / /admin{uri} - reverse_proxy 192.168.1.4:3000 - } - respond "ip range not allowed" - } - -# -------------------------------------------------- -# external subdomains without authentik -# -# -# @ host .akanealw.com -# handle @ { -# reverse_proxy 192.168.1. -# } -# -# -# -------------------------------------------------- - - @bitwarden host bitwarden.akanealw.com - handle @bitwarden { - reverse_proxy 192.168.1.4:8089 - } - - @giteadocker host gitea-docker.akanealw.com - handle @giteadocker { - reverse_proxy 192.168.1.4:3001 - } - - @gitea host gitea.akanealw.com - handle @gitea { - reverse_proxy 192.168.1.50:3000 - } - - @jellyfin host jellyfin.akanealw.com - handle @jellyfin { - reverse_proxy 192.168.1.42:8096 - } - -# -------------------------------------------------- -# external subdomains with authentik -# -# -# @ host .akanealw.com -# handle @ { -# import auth -# reverse_proxy 192.168.1. -# } -# -# -# -------------------------------------------------- - - @memos host memos.akanealw.com - handle @memos { - handle @external { - import auth - } - reverse_proxy 192.168.1.4:5230 - } - - @whoami host whoami.akanealw.com - handle @whoami { - import auth - reverse_proxy whoami:80 - } - - @wallos host wallos.akanealw.com - handle @wallos { - import auth - reverse_proxy 192.168.1.4:8389 - } - - @homepage host www.akanealw.com - handle @homepage { - import auth - reverse_proxy 192.168.1.4:3005 - } - - @filebrowser host filebrowser.akanealw.com - handle @filebrowser { - import auth - reverse_proxy 192.168.1.30:8484 - } - - @archive host archive.akanealw.com - handle @archive { - import auth - reverse_proxy 192.168.1.30:8283 - } - - @archivebox host archivebox.akanealw.com - handle @archivebox { - import auth - reverse_proxy 192.168.1.30:8283 - } - - @codeserver host codeserver.akanealw.com - handle @codeserver { - import auth - reverse_proxy 192.168.1.50:3001 - } - - @freshrss host freshrss.akanealw.com - handle @freshrss { - import auth - reverse_proxy 192.168.1.30:8088 - } - - @jackett host jackett.akanealw.com - handle @jackett { - import auth - reverse_proxy 192.168.1.30:9117 - } - - @jdownloader host jdownloader.akanealw.com - handle @jdownloader { - import auth - reverse_proxy 192.168.1.30:5800 - } - - @jellyseerr host jellyseerr.akanealw.com - handle @jellyseerr { - import auth - reverse_proxy 192.168.1.30:5056 - } - - @kavita host kavita.akanealw.com - handle @kavita { - import auth - reverse_proxy 192.168.1.30:5002 - } - - @lidarr host lidarr.akanealw.com - handle @lidarr { - import auth - reverse_proxy 192.168.1.30:8686 - } - - @metube host metube.akanealw.com - handle @metube { - import auth - reverse_proxy 192.168.1.30:8082 - } - - @mstream host mstream.akanealw.com - handle @mstream { - import auth - reverse_proxy 192.168.1.30:3001 - } - - @nzbhydra host nzbhydra.akanealw.com - handle @nzbhydra { - import auth - reverse_proxy 192.168.1.30:5076 - } - - @olivetin host olivetin.akanealw.com - handle @olivetin { - import auth - reverse_proxy 192.168.1.30:1337 - } - - @opengist host opengist.akanealw.com - handle @opengist { - import auth - reverse_proxy opengist:6157 - } - - @paperless host paperless.akanealw.com - handle @paperless { - import auth - reverse_proxy 192.168.1.30:8112 - } - - @prowlarr host prowlarr.akanealw.com - handle @prowlarr { - import auth - reverse_proxy 192.168.1.30:9696 - } - - @qbittorrent host qbittorrent.akanealw.com - handle @qbittorrent { - import auth - reverse_proxy 192.168.1.30:8282 - } - - @radarr host radarr.akanealw.com - handle @radarr { - import auth - reverse_proxy 192.168.1.30:7878 - } - - @sabnzbd host sabnzbd.akanealw.com - handle @sabnzbd { - import auth - reverse_proxy 192.168.1.30:8181 - } - - @shlinkweb host shlink.akanealw.com - handle @shlinkweb { - import auth - reverse_proxy 192.168.1.30:8381 - } - - @sonarr host sonarr.akanealw.com - handle @sonarr { - import auth - reverse_proxy 192.168.1.30:8989 - } - - @spdf host spdf.akanealw.com - handle @spdf { - import auth - reverse_proxy 192.168.1.30:8086 - } - - @ittools host it-tools.akanealw.com - handle @ittools { - import auth - reverse_proxy 192.168.1.30:8383 - } - - @wikidocs host wiki.akanealw.com - handle @wikidocs { - import auth - reverse_proxy 192.168.1.30:8022 - } - -} - -# -------------------------------------------------- -# aknlw.com root domain -# -------------------------------------------------- - -aknlw.com { - import cloudflare - @shlink host aknlw.com - handle @shlink { - reverse_proxy 192.168.1.30:8380 - } -} - -# -------------------------------------------------- -# *.aknlw.com subdomains -# -------------------------------------------------- - -repo.aknlw.com { - import cloudflare - reverse_proxy 192.168.1.50:3000 -} diff --git a/reverseproxy/compose.yml b/reverseproxy/compose.yml deleted file mode 100644 index c4179f8..0000000 --- a/reverseproxy/compose.yml +++ /dev/null @@ -1,29 +0,0 @@ -services: - caddy: - container_name: caddy - build: . - environment: - - DNS_PROVIDER_TOKEN=BI5kO2I9fHAqso_OClKxbUM6xTCodH2OfQ60yNp3 - security_opt: - - no-new-privileges:true - networks: - - reverseproxy - ports: - - 80:80 - - 443:443 - - 2019:2019 - volumes: - - ./caddy/data:/data - - ./caddy/Caddyfile:/etc/caddy/Caddyfile - - ./caddy/logs:/srv/ - restart: unless-stopped - - whoami: - image: traefik/whoami - container_name: whoami - networks: - - reverseproxy - -networks: - reverseproxy: - external: true