Move everyone to caddy
This commit is contained in:
parent
f3a7499d1f
commit
72e73075e7
|
@ -47,14 +47,16 @@ sweetums.woozle.org {
|
||||||
import restricted-access
|
import restricted-access
|
||||||
reverse_proxy host.docker.internal:5880
|
reverse_proxy host.docker.internal:5880
|
||||||
}
|
}
|
||||||
|
handle_path /public/* {
|
||||||
file_server /public/* {
|
file_server {
|
||||||
root /srv/ext/storage/public
|
root /srv/ext/storage/public
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
handle {
|
||||||
import restricted-access
|
import restricted-access
|
||||||
file_server {
|
file_server {
|
||||||
root /www
|
root /www
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
#! /bin/sh
|
#! /bin/sh
|
||||||
|
|
||||||
|
caddy_hash () {
|
||||||
|
echo -n "$1 "
|
||||||
|
echo "$2" | docker run --rm -i caddy caddy hash-password
|
||||||
|
}
|
||||||
|
|
||||||
stack=$(basename $(pwd))
|
stack=$(basename $(pwd))
|
||||||
|
|
||||||
docker stack deploy -c docker-compose.yaml --prune $stack
|
docker stack deploy -c docker-compose.yaml --prune $stack
|
||||||
|
|
|
@ -141,10 +141,10 @@ configs:
|
||||||
name: dave.yaml-v3
|
name: dave.yaml-v3
|
||||||
Caddyfile:
|
Caddyfile:
|
||||||
file: Caddyfile
|
file: Caddyfile
|
||||||
name: Caddyfile-v17
|
name: Caddyfile-v18
|
||||||
index.html:
|
index.html:
|
||||||
file: index.html
|
file: index.html
|
||||||
name: index.html-v8
|
name: index.html-v9
|
||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
caddy-users:
|
caddy-users:
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
<p class="menu-label">Sweetums</p>
|
<p class="menu-label">Sweetums</p>
|
||||||
<ul class="menu-list">
|
<ul class="menu-list">
|
||||||
<li><a href="/sucker/">💿 Media Sucker</a></li>
|
<li><a href="/sucker/">💿 Media Sucker</a></li>
|
||||||
<li><a href="/transmission/">📥 Transmission</a></li>
|
<li><a href="/transmission/web/">📥 Transmission</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
</menu>
|
</menu>
|
||||||
</template>
|
</template>
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
{
|
||||||
|
email neale@woozle.org
|
||||||
|
}
|
||||||
|
|
||||||
|
vail.woozle.org {
|
||||||
|
reverse_proxy vail:8080
|
||||||
|
}
|
||||||
|
|
||||||
|
www.woozle.org, woozle.org {
|
||||||
|
root * /srv/www/woozle.org
|
||||||
|
file_server
|
||||||
|
|
||||||
|
handle_errors {
|
||||||
|
@404 {
|
||||||
|
expression {http.error.status_code} == 404
|
||||||
|
}
|
||||||
|
rewrite @404 /404.html
|
||||||
|
file_server
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -1,20 +1,7 @@
|
||||||
version: "3.8"
|
version: "3.8"
|
||||||
services:
|
services:
|
||||||
traefik:
|
caddy:
|
||||||
image: traefik
|
image: caddy
|
||||||
environment:
|
|
||||||
TRAEFIK_API: "true"
|
|
||||||
TRAEFIK_API_INSECURE: "true"
|
|
||||||
TRAEFIK_ENTRYPOINTS_WEB_ADDRESS: :80
|
|
||||||
TRAEFIK_ENTRYPOINTS_WEB_HTTP_REDIRECTIONS_ENTRYPOINT_TO: websecure
|
|
||||||
TRAEFIK_ENTRYPOINTS_WEB_HTTP_REDIRECTIONS_ENTRYPOINT_SCHEME: https
|
|
||||||
TRAEFIK_ENTRYPOINTS_WEBSECURE_ADDRESS: :443
|
|
||||||
TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_CERTRESOLVER: letsencrypt
|
|
||||||
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCYRPT_ACME_EMAIL: neale@woozle.org
|
|
||||||
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_STORAGE: /acme.json
|
|
||||||
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_HTTPCHALLENGE_ENTRYPOINT: web
|
|
||||||
TRAEFIK_PROVIDERS_DOCKER_SWARMMODE: "true"
|
|
||||||
TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT: "false"
|
|
||||||
ports:
|
ports:
|
||||||
- target: 80
|
- target: 80
|
||||||
published: 80
|
published: 80
|
||||||
|
@ -22,53 +9,22 @@ services:
|
||||||
- target: 443
|
- target: 443
|
||||||
published: 443
|
published: 443
|
||||||
mode: host
|
mode: host
|
||||||
- target: 8080
|
|
||||||
published: 8080
|
|
||||||
volumes:
|
volumes:
|
||||||
- type: bind
|
- type: bind
|
||||||
source: /var/run/docker.sock
|
source: /srv/caddy
|
||||||
target: /var/run/docker.sock
|
target: /data/caddy
|
||||||
read_only: true
|
|
||||||
- type: bind
|
- type: bind
|
||||||
source: /srv/traefik/acme.json
|
source: /srv/www
|
||||||
target: /acme.json
|
target: /srv/www
|
||||||
secrets:
|
read_only: true
|
||||||
- htaccess
|
configs:
|
||||||
deploy:
|
- source: Caddyfile
|
||||||
labels:
|
target: /etc/caddy/Caddyfile
|
||||||
traefik.enable: "true"
|
|
||||||
traefik.http.routers.dashboard.rule: "Host(`melville.woozle.org`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
|
|
||||||
traefik.http.routers.dashboard.tls.certresolver: letsencrypt
|
|
||||||
traefik.http.routers.dashboard.middlewares: auth
|
|
||||||
traefik.http.routers.dashboard.service: api@internal
|
|
||||||
traefik.http.middlewares.auth.basicauth.usersfile: /run/secrets/htaccess
|
|
||||||
traefik.http.services.traefik.loadbalancer.server.port: "1"
|
|
||||||
|
|
||||||
vail:
|
vail:
|
||||||
image: ghcr.io/nealey/vail:master
|
image: ghcr.io/nealey/vail:main
|
||||||
deploy:
|
|
||||||
labels:
|
|
||||||
traefik.enable: "true"
|
|
||||||
traefik.http.routers.vail.rule: "PathPrefix(`/vail`) || Host(`vail.woozle.org`)"
|
|
||||||
traefik.http.services.vail.loadbalancer.server.port: "8080"
|
|
||||||
|
|
||||||
chat:
|
configs:
|
||||||
image: ghcr.io/dirtbags/microchat
|
Caddyfile:
|
||||||
command:
|
file: Caddyfile
|
||||||
- --redis=redis:6379
|
name: Caddyfile-v5
|
||||||
- --noauth
|
|
||||||
deploy:
|
|
||||||
labels:
|
|
||||||
traefik.enable: "true"
|
|
||||||
traefik.http.routers.chat.rule: "Host(`melville.woozle.org`) && PathPrefix(`/chat`)"
|
|
||||||
traefik.http.routers.chat.middlewares: chat-prefix
|
|
||||||
traefik.http.middlewares.chat-prefix.stripprefix.prefixes: "/chat"
|
|
||||||
traefik.http.services.chat.loadbalancer.server.port: "8080"
|
|
||||||
redis:
|
|
||||||
image: redis
|
|
||||||
|
|
||||||
|
|
||||||
secrets:
|
|
||||||
htaccess:
|
|
||||||
file: htaccess
|
|
||||||
name: htaccess-v1
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
user:$apr1$tIOiVTs2$vDOzHYgsomLL5aCvAinUs1
|
|
Loading…
Reference in New Issue