Move everyone to caddy

This commit is contained in:
Neale Pickett 2022-09-04 17:12:30 -06:00
parent f3a7499d1f
commit 72e73075e7
8 changed files with 53 additions and 70 deletions

View File

@ -47,14 +47,16 @@ sweetums.woozle.org {
import restricted-access
reverse_proxy host.docker.internal:5880
}
file_server /public/* {
root /srv/ext/storage/public
handle_path /public/* {
file_server {
root /srv/ext/storage/public
}
}
import restricted-access
file_server {
root /www
handle {
import restricted-access
file_server {
root /www
}
}
}

View File

@ -1,5 +1,10 @@
#! /bin/sh
caddy_hash () {
echo -n "$1 "
echo "$2" | docker run --rm -i caddy caddy hash-password
}
stack=$(basename $(pwd))
docker stack deploy -c docker-compose.yaml --prune $stack

View File

@ -141,10 +141,10 @@ configs:
name: dave.yaml-v3
Caddyfile:
file: Caddyfile
name: Caddyfile-v17
name: Caddyfile-v18
index.html:
file: index.html
name: index.html-v8
name: index.html-v9
secrets:
caddy-users:

View File

@ -19,7 +19,7 @@
<p class="menu-label">Sweetums</p>
<ul class="menu-list">
<li><a href="/sucker/">💿 Media Sucker</a></li>
<li><a href="/transmission/">📥 Transmission</a></li>
<li><a href="/transmission/web/">📥 Transmission</a></li>
</ul>
</menu>
</template>

21
melville/Caddyfile Normal file
View File

@ -0,0 +1,21 @@
{
email neale@woozle.org
}
vail.woozle.org {
reverse_proxy vail:8080
}
www.woozle.org, woozle.org {
root * /srv/www/woozle.org
file_server
handle_errors {
@404 {
expression {http.error.status_code} == 404
}
rewrite @404 /404.html
file_server
}
}

View File

@ -1,20 +1,7 @@
version: "3.8"
services:
traefik:
image: traefik
environment:
TRAEFIK_API: "true"
TRAEFIK_API_INSECURE: "true"
TRAEFIK_ENTRYPOINTS_WEB_ADDRESS: :80
TRAEFIK_ENTRYPOINTS_WEB_HTTP_REDIRECTIONS_ENTRYPOINT_TO: websecure
TRAEFIK_ENTRYPOINTS_WEB_HTTP_REDIRECTIONS_ENTRYPOINT_SCHEME: https
TRAEFIK_ENTRYPOINTS_WEBSECURE_ADDRESS: :443
TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS_CERTRESOLVER: letsencrypt
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCYRPT_ACME_EMAIL: neale@woozle.org
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_STORAGE: /acme.json
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_HTTPCHALLENGE_ENTRYPOINT: web
TRAEFIK_PROVIDERS_DOCKER_SWARMMODE: "true"
TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT: "false"
caddy:
image: caddy
ports:
- target: 80
published: 80
@ -22,53 +9,22 @@ services:
- target: 443
published: 443
mode: host
- target: 8080
published: 8080
volumes:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
read_only: true
source: /srv/caddy
target: /data/caddy
- type: bind
source: /srv/traefik/acme.json
target: /acme.json
secrets:
- htaccess
deploy:
labels:
traefik.enable: "true"
traefik.http.routers.dashboard.rule: "Host(`melville.woozle.org`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
traefik.http.routers.dashboard.tls.certresolver: letsencrypt
traefik.http.routers.dashboard.middlewares: auth
traefik.http.routers.dashboard.service: api@internal
traefik.http.middlewares.auth.basicauth.usersfile: /run/secrets/htaccess
traefik.http.services.traefik.loadbalancer.server.port: "1"
source: /srv/www
target: /srv/www
read_only: true
configs:
- source: Caddyfile
target: /etc/caddy/Caddyfile
vail:
image: ghcr.io/nealey/vail:master
deploy:
labels:
traefik.enable: "true"
traefik.http.routers.vail.rule: "PathPrefix(`/vail`) || Host(`vail.woozle.org`)"
traefik.http.services.vail.loadbalancer.server.port: "8080"
image: ghcr.io/nealey/vail:main
chat:
image: ghcr.io/dirtbags/microchat
command:
- --redis=redis:6379
- --noauth
deploy:
labels:
traefik.enable: "true"
traefik.http.routers.chat.rule: "Host(`melville.woozle.org`) && PathPrefix(`/chat`)"
traefik.http.routers.chat.middlewares: chat-prefix
traefik.http.middlewares.chat-prefix.stripprefix.prefixes: "/chat"
traefik.http.services.chat.loadbalancer.server.port: "8080"
redis:
image: redis
secrets:
htaccess:
file: htaccess
name: htaccess-v1
configs:
Caddyfile:
file: Caddyfile
name: Caddyfile-v5

View File

@ -1 +0,0 @@
user:$apr1$tIOiVTs2$vDOzHYgsomLL5aCvAinUs1