diff --git a/stacks/actual.yml b/stacks/actual.yml deleted file mode 100644 index 6fcbb7a..0000000 --- a/stacks/actual.yml +++ /dev/null @@ -1,12 +0,0 @@ -services: - actual_server: - image: ghcr.io/actualbudget/actual:latest - restart: unless-stopped - volumes: - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/actual:/data - networks: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.13 -networks: - macvlan_192_168_3_0: - external: true diff --git a/stacks/actual/actual.yml b/stacks/actual/actual.yml new file mode 100644 index 0000000..33f01a1 --- /dev/null +++ b/stacks/actual/actual.yml @@ -0,0 +1,20 @@ +services: + actual_server: + image: ghcr.io/actualbudget/actual:latest + restart: unless-stopped + volumes: + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/actual:/data + labels: + - "traefik.enable=true" + - "traefik.http.routers.actual-web.rule=Host(`actual.skrd.fun`)" + - "traefik.http.routers.actual-web.entrypoints=web" + - "traefik.http.routers.actual-web.middlewares=redirect-to-https@file" + - "traefik.http.routers.actual.rule=Host(`actual.skrd.fun`)" + - "traefik.http.routers.actual.entrypoints=websecure" + - "traefik.http.routers.actual.tls.certresolver=cf" + - "traefik.http.services.actual.loadbalancer.server.port=5006" + +networks: + default: + name: traefik + external: true diff --git a/stacks/gametabs.yml b/stacks/gametabs.yml deleted file mode 100644 index 82fd9c4..0000000 --- a/stacks/gametabs.yml +++ /dev/null @@ -1,12 +0,0 @@ -services: - gametabs: - image: nginx - restart: unless-stopped - volumes: - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gametabs:/usr/share/nginx/html - networks: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.6 -networks: - macvlan_192_168_3_0: - external: true diff --git a/stacks/gametabs/gametabs.yml b/stacks/gametabs/gametabs.yml new file mode 100644 index 0000000..4913fc6 --- /dev/null +++ b/stacks/gametabs/gametabs.yml @@ -0,0 +1,20 @@ +services: + gametabs: + image: nginx + restart: unless-stopped + volumes: + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gametabs:/usr/share/nginx/html + labels: + - "traefik.enable=true" + - "traefik.http.routers.gametabs-web.rule=Host(`gametabs.skrd.fun`)" + - "traefik.http.routers.gametabs-web.entrypoints=web" + - "traefik.http.routers.gametabs-web.middlewares=redirect-to-https@file" + - "traefik.http.routers.gametabs.rule=Host(`gametabs.skrd.fun`)" + - "traefik.http.routers.gametabs.entrypoints=websecure" + - "traefik.http.routers.gametabs.tls.certresolver=cf" + - "traefik.http.services.gametabs.loadbalancer.server.port=80" + +networks: + default: + name: traefik + external: true diff --git a/stacks/gitea.yml b/stacks/gitea.yml deleted file mode 100644 index 944de67..0000000 --- a/stacks/gitea.yml +++ /dev/null @@ -1,46 +0,0 @@ -services: - gitea: - image: gitea/gitea:latest - restart: unless-stopped - env_file: - - gitea.env - networks: - gitea_network: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.3 - volumes: - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/data:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - depends_on: - - gitea-db - - runner: - image: gitea/act_runner:latest - restart: unless-stopped - env_file: - - gitea.env - networks: - - gitea_network - volumes: - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/runner/config:/config - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/runner/data:/data - - /var/run/docker.sock:/var/run/docker.sock - depends_on: - - gitea - - gitea-db: - image: postgres:16 - restart: unless-stopped - volumes: - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/db:/var/lib/postgresql/data - networks: - - gitea_network - env_file: - - gitea.env - -networks: - gitea_network: - macvlan_192_168_3_0: - external: true - diff --git a/stacks/gitea.env.example b/stacks/gitea/gitea.env.example similarity index 55% rename from stacks/gitea.env.example rename to stacks/gitea/gitea.env.example index 297099d..bf48289 100644 --- a/stacks/gitea.env.example +++ b/stacks/gitea/gitea.env.example @@ -1,10 +1,7 @@ USER_UID=1000 USER_GID=1000 -CONFIG_FILE=/config/config.yaml -GITEA_INSTANCE_URL=https://git.skrd.fun GITEA_RUNNER_REGISTRATION_TOKEN=secret -GITEA_RUNNER_NAME=gitea-runner-1 POSTGRES_PASSWORD=secret POSTGRES_DB=gitea diff --git a/stacks/gitea/gitea.yml b/stacks/gitea/gitea.yml new file mode 100644 index 0000000..e5c032b --- /dev/null +++ b/stacks/gitea/gitea.yml @@ -0,0 +1,62 @@ +services: + gitea: + image: gitea/gitea:latest + restart: unless-stopped + environment: + USER_UID: ${USER_UID} + USER_GID: ${USER_GID} + networks: + - internal + - proxy + labels: + - "traefik.enable=true" + - "traefik.docker.network=traefik" + - "traefik.http.routers.gitea-web.rule=Host(`git.skrd.fun`)" + - "traefik.http.routers.gitea-web.entrypoints=web" + - "traefik.http.routers.gitea-web.middlewares=redirect-to-https@file" + - "traefik.http.routers.gitea.rule=Host(`git.skrd.fun`)" + - "traefik.http.routers.gitea.entrypoints=websecure" + - "traefik.http.routers.gitea.tls.certresolver=cf" + - "traefik.http.services.gitea.loadbalancer.server.port=3000" + volumes: + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/data:/data + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro + depends_on: + - gitea-db + + runner: + image: gitea/act_runner:latest + restart: unless-stopped + environment: + CONFIG_FILE: /config/config.yaml + GITEA_INSTANCE_URL: "https://git.skrd.fun" + GITEA_RUNNER_NAME: "gitea-runner-1" + GITEA_RUNNER_REGISTRATION_TOKEN: "${GITEA_RUNNER_REGISTRATION_TOKEN}" + networks: + - internal + volumes: + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/runner/config:/config + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/runner/data:/data + - /var/run/docker.sock:/var/run/docker.sock + depends_on: + - gitea + + gitea-db: + image: postgres:16 + restart: unless-stopped + volumes: + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/gitea/db:/var/lib/postgresql/data + networks: + - internal + environment: + POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" + POSTGRES_DB: "${POSTGRES_DB}" + POSTGRES_USER: "${POSTGRES_USER}" + +networks: + internal: + name: gitea + proxy: + name: traefik + external: true diff --git a/stacks/immich.env.example b/stacks/immich.env.example deleted file mode 100644 index 30bc931..0000000 --- a/stacks/immich.env.example +++ /dev/null @@ -1,8 +0,0 @@ -DB_PASSWORD=secret -DB_USERNAME=postgres -DB_DATABASE_NAME=immich - -POSTGRES_PASSWORD=secret -POSTGRES_USER=postgres -POSTGRES_DB=immich -POSTGRES_INITDB_ARGS='--data-checksums' diff --git a/stacks/immich/immich.env.example b/stacks/immich/immich.env.example new file mode 100644 index 0000000..54a49af --- /dev/null +++ b/stacks/immich/immich.env.example @@ -0,0 +1,3 @@ +DB_PASSWORD=secret +DB_USERNAME=postgres +DB_DATABASE_NAME=immich diff --git a/stacks/immich.yml b/stacks/immich/immich.yml similarity index 53% rename from stacks/immich.yml rename to stacks/immich/immich.yml index 5d90a00..87024ef 100644 --- a/stacks/immich.yml +++ b/stacks/immich/immich.yml @@ -6,11 +6,22 @@ services: - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/immich/upload:/usr/src/app/upload - /etc/localtime:/etc/localtime:ro networks: - immich_network: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.12 - env_file: - - immich.env + - internal + - proxy + labels: + - "traefik.enable=true" + - "traefik.docker.network=traefik" + - "traefik.http.routers.immich-web.rule=Host(`photos.skrd.fun`)" + - "traefik.http.routers.immich-web.entrypoints=web" + - "traefik.http.routers.immich-web.middlewares=redirect-to-https@file" + - "traefik.http.routers.immich.rule=Host(`photos.skrd.fun`)" + - "traefik.http.routers.immich.entrypoints=websecure" + - "traefik.http.routers.immich.tls.certresolver=cf" + - "traefik.http.services.immich.loadbalancer.server.port=2283" + environment: + DB_PASSWORD: ${DB_PASSWORD} + DB_USERNAME: ${DB_USERNAME} + DB_DATABASE_NAME: ${DB_DATABASE_NAME} depends_on: - redis - database @@ -19,7 +30,7 @@ services: image: ghcr.io/immich-app/immich-machine-learning:release restart: unless-stopped networks: - immich_network: + - internal volumes: - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/immich/model-cache:/cache @@ -27,7 +38,7 @@ services: image: docker.io/redis:6.2-alpine@sha256:328fe6a5822256d065debb36617a8169dbfbd77b797c525288e465f56c1d392b restart: unless-stopped networks: - immich_network: + - internal healthcheck: test: redis-cli ping || exit 1 @@ -35,9 +46,12 @@ services: image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0 restart: unless-stopped networks: - immich_network: - env_file: - - immich.env + - internal + environment: + POSTGRES_PASSWORD: ${DB_PASSWORD} + POSTGRES_USER: ${DB_USERNAME} + POSTGRES_DB: ${DB_DATABASE_NAME} + POSTGRES_INITDB_ARGS: "--data-checksums" volumes: - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/immich/postgres:/var/lib/postgresql/data healthcheck: @@ -45,9 +59,26 @@ services: interval: 5m start_interval: 30s start_period: 5m - command: ["postgres", "-c" ,"shared_preload_libraries=vectors.so", "-c", 'search_path="$$user", public, vectors', "-c", "logging_collector=on", "-c", "max_wal_size=2GB", "-c", "shared_buffers=512MB", "-c", "wal_compression=on"] + command: + [ + "postgres", + "-c", + "shared_preload_libraries=vectors.so", + "-c", + 'search_path="$$user", public, vectors', + "-c", + "logging_collector=on", + "-c", + "max_wal_size=2GB", + "-c", + "shared_buffers=512MB", + "-c", + "wal_compression=on", + ] networks: - immich_network: - macvlan_192_168_3_0: + internal: + name: immich + proxy: + name: traefik external: true diff --git a/stacks/jellyfin.yml b/stacks/jellyfin/jellyfin.yml similarity index 52% rename from stacks/jellyfin.yml rename to stacks/jellyfin/jellyfin.yml index 8abdfb9..083cc0c 100644 --- a/stacks/jellyfin.yml +++ b/stacks/jellyfin/jellyfin.yml @@ -1,8 +1,17 @@ services: jellyfin: image: jellyfin/jellyfin - restart: 'unless-stopped' + restart: "unless-stopped" user: 1000:1000 + labels: + - "traefik.enable=true" + - "traefik.http.routers.jellyfin-web.rule=Host(`jelly.skrd.fun`)" + - "traefik.http.routers.jellyfin-web.entrypoints=web" + - "traefik.http.routers.jellyfin-web.middlewares=redirect-to-https@file" + - "traefik.http.routers.jellyfin.rule=Host(`jelly.skrd.fun`)" + - "traefik.http.routers.jellyfin.entrypoints=websecure" + - "traefik.http.routers.jellyfin.tls.certresolver=cf" + - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" volumes: - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/jellyfin/config:/config - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/jellyfin/cache:/cache @@ -11,9 +20,7 @@ services: - /srv/dev-disk-by-uuid-c7a96ee1-c08e-48b1-8afa-79c75380d142/tv:/data/tv environment: - JELLYFIN_PublishedServerUrl=https://jelly.skrd.fun - networks: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.11 networks: - macvlan_192_168_3_0: + default: + name: traefik external: true diff --git a/stacks/moka.env.example b/stacks/moka/moka.env.example similarity index 100% rename from stacks/moka.env.example rename to stacks/moka/moka.env.example diff --git a/stacks/moka.yml b/stacks/moka/moka.yml similarity index 67% rename from stacks/moka.yml rename to stacks/moka/moka.yml index f92ab74..7283305 100644 --- a/stacks/moka.yml +++ b/stacks/moka/moka.yml @@ -3,9 +3,17 @@ services: image: git.skrd.fun/skrd/moka:v0.3.9.1 restart: unless-stopped env_file: - - moka.env + - .env environment: - SERVICE=server + labels: + - "traefik.enable=true" + - "traefik.docker.network=traefik" + - "traefik.http.routers.moka.rule=Host(`moka.skrd.fun`)" + - "traefik.http.routers.moka.entrypoints=websecure" + - "traefik.http.routers.moka.tls.certresolver=cf" + - "traefik.http.services.moka.loadbalancer.server.port=80" + - "traefik.http.routers.moka.middlewares=redirect-to-https@file" volumes: - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/moka:/app/storage depends_on: @@ -14,22 +22,22 @@ services: pgsql: condition: service_healthy networks: - moka_network: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.19 + - internal + - proxy init: true healthcheck: - test: [ "CMD-SHELL", "curl -fsS http://localhost:8000/up >/dev/null || exit 1" ] + test: + ["CMD-SHELL", "curl -fsS http://localhost:80/up >/dev/null || exit 1"] interval: 30s timeout: 5s - retries: 3 + start_period: 20s schedule: image: git.skrd.fun/skrd/moka:v0.3.9.1 restart: unless-stopped env_file: - - moka.env + - .env environment: - SERVICE=schedule volumes: @@ -40,10 +48,11 @@ services: pgsql: condition: service_healthy networks: - moka_network: + - internal init: true healthcheck: - test: [ "CMD-SHELL", "pgrep -f 'artisan schedule:work' >/dev/null || exit 1" ] + test: + ["CMD-SHELL", "pgrep -f 'artisan schedule:work' >/dev/null || exit 1"] interval: 30s timeout: 5s retries: 3 @@ -64,10 +73,10 @@ services: pgsql: condition: service_healthy networks: - moka_network: + - internal init: true healthcheck: - test: [ "CMD-SHELL", "pgrep -f 'artisan queue:work' >/dev/null || exit 1" ] + test: ["CMD-SHELL", "pgrep -f 'artisan queue:work' >/dev/null || exit 1"] interval: 30s timeout: 5s retries: 3 @@ -79,9 +88,9 @@ services: volumes: - redis_data:/data networks: - moka_network: + - internal healthcheck: - test: [ "CMD-SHELL", "redis-cli -h 127.0.0.1 ping | grep -q PONG" ] + test: ["CMD-SHELL", "redis-cli -h 127.0.0.1 ping | grep -q PONG"] interval: 3s timeout: 3s retries: 10 @@ -99,13 +108,14 @@ services: volumes: - postgres_data:/var/lib/postgresql/data networks: - moka_network: + - internal init: true healthcheck: - test: [ - "CMD-SHELL", - "pg_isready -h 127.0.0.1 -p 5432 -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-postgres}" - ] + test: + [ + "CMD-SHELL", + "pg_isready -h 127.0.0.1 -p 5432 -U ${POSTGRES_USER:-postgres} -d ${POSTGRES_DB:-postgres}", + ] interval: 3s timeout: 3s retries: 10 @@ -116,6 +126,8 @@ volumes: postgres_data: networks: - moka_network: - macvlan_192_168_3_0: + internal: + name: moka + proxy: + name: traefik external: true diff --git a/stacks/navidrome.yml b/stacks/navidrome.yml deleted file mode 100644 index 92e286e..0000000 --- a/stacks/navidrome.yml +++ /dev/null @@ -1,17 +0,0 @@ -services: - navidrome: - image: deluan/navidrome:latest - user: 1000:1000 - restart: unless-stopped - environment: - ND_BASEURL: "https:://navi.skrd.fun" - networks: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.10 - volumes: - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/navidrome:/data - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/music:/music:ro -networks: - macvlan_192_168_3_0: - external: true - diff --git a/stacks/navidrome/navidrome.yml b/stacks/navidrome/navidrome.yml new file mode 100644 index 0000000..dfd7a1b --- /dev/null +++ b/stacks/navidrome/navidrome.yml @@ -0,0 +1,24 @@ +services: + navidrome: + image: deluan/navidrome:latest + user: 1000:1000 + restart: unless-stopped + environment: + ND_BASEURL: "https:://navi.skrd.fun" + labels: + - "traefik.enable=true" + - "traefik.http.routers.navidrome-web.rule=Host(`navi.skrd.fun`)" + - "traefik.http.routers.navidrome-web.entrypoints=web" + - "traefik.http.routers.navidrome-web.middlewares=redirect-to-https@file" + - "traefik.http.routers.navidrome.rule=Host(`navi.skrd.fun`)" + - "traefik.http.routers.navidrome.entrypoints=websecure" + - "traefik.http.routers.navidrome.tls.certresolver=cf" + - "traefik.http.services.navidrome.loadbalancer.server.port=4533" + volumes: + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/navidrome:/data + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/music:/music:ro + +networks: + default: + name: traefik + external: true diff --git a/stacks/qbittorrent.yml b/stacks/qbittorrent.yml deleted file mode 100644 index a6be6b3..0000000 --- a/stacks/qbittorrent.yml +++ /dev/null @@ -1,20 +0,0 @@ -services: - qbittorrent: - image: lscr.io/linuxserver/qbittorrent:latest - environment: - - PUID=1000 - - PGID=1000 - - TZ=America/Santiago - - WEBUI_PORT=80 - - TORRENTING_PORT=6881 - volumes: - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/qbittorrent:/config:/config - - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/downloads:/downloads - restart: unless-stopped - networks: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.4 - -networks: - macvlan_192_168_3_0: - external: true diff --git a/stacks/qbittorrent/qbittorrent.yml b/stacks/qbittorrent/qbittorrent.yml new file mode 100644 index 0000000..d80060c --- /dev/null +++ b/stacks/qbittorrent/qbittorrent.yml @@ -0,0 +1,28 @@ +services: + qbittorrent: + image: lscr.io/linuxserver/qbittorrent:latest + environment: + - PUID=1000 + - PGID=1000 + - TZ=America/Santiago + - WEBUI_PORT=80 + - TORRENTING_PORT=6881 + ports: + - "6881:6881" + volumes: + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/qbittorrent:/config:/config + - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/downloads:/downloads + restart: unless-stopped + labels: + - "traefik.enable=true" + - "traefik.http.routers.qbittorrent-web.rule=Host(`torrent.skrd.fun`)" + - "traefik.http.routers.qbittorrent-web.entrypoints=web" + - "traefik.http.routers.qbittorrent-web.middlewares=redirect-to-https@file" + - "traefik.http.routers.qbittorrent.rule=Host(`torrent.skrd.fun`)" + - "traefik.http.routers.qbittorrent.entrypoints=websecure" + - "traefik.http.routers.qbittorrent.tls.certresolver=cf" + - "traefik.http.services.qbittorrent.loadbalancer.server.port=80" +networks: + default: + name: traefik + external: true diff --git a/stacks/traefik/dynamic/komodo.yml b/stacks/traefik/dynamic/komodo.yml new file mode 100644 index 0000000..ec0ef76 --- /dev/null +++ b/stacks/traefik/dynamic/komodo.yml @@ -0,0 +1,16 @@ +http: + routers: + komodo: + rule: Host(`komodo.skrd.fun`) + entryPoints: + - websecure + service: komodo-svc + tls: + certResolver: cf + middlewares: + - local-only + services: + komodo-svc: + loadBalancer: + servers: + - url: "http://192.168.102.1:9120" diff --git a/stacks/traefik/dynamic/middlewares.yml b/stacks/traefik/dynamic/middlewares.yml new file mode 100644 index 0000000..787f3fc --- /dev/null +++ b/stacks/traefik/dynamic/middlewares.yml @@ -0,0 +1,12 @@ +http: + middlewares: + local-only: + ipWhiteList: + sourceRange: + - "192.168.0.0/16" + - "10.0.0.0/8" + - "127.0.0.1/32" + redirect-to-https: + redirectScheme: + scheme: https + permanent: true diff --git a/stacks/traefik/trafik.yml b/stacks/traefik/trafik.yml new file mode 100644 index 0000000..e6857bc --- /dev/null +++ b/stacks/traefik/trafik.yml @@ -0,0 +1,42 @@ +services: + traefik: + image: traefik:v3.5 + command: + - "--log.level=DEBUG" + - "--accesslog=true" + - "--api.dashboard=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--providers.file.directory=/dynamic" + - "--providers.file.watch=true" + - "--entryPoints.web.address=:80" + - "--entryPoints.websecure.address=:443" + - "--certificatesresolvers.cf.acme.dnschallenge=true" + - "--certificatesresolvers.cf.acme.dnschallenge.provider=cloudflare" + - "--certificatesresolvers.cf.acme.email=tls@skrd.fun" + - "--certificatesresolvers.cf.acme.storage=/letsencrypt/acme.json" + ports: + - "80:80" + - "443:443" + labels: + - "traefik.enable=true" + - "traefik.http.routers.dashboard-web.rule=Host(`traefik.skrd.fun`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))" + - "traefik.http.routers.dashboard-web.entrypoints=web" + - "traefik.http.routers.dashboard-web.middlewares=local-only@file, redirect-to-https@file" + - "traefik.http.routers.dashboard.rule=Host(`traefik.skrd.fun`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))" + - "traefik.http.routers.dashboard.entrypoints=websecure" + - "traefik.http.routers.dashboard.tls=true" + - "traefik.http.routers.dashboard.tls.certresolver=cf" + - "traefik.http.routers.dashboard.service=api@internal" + - "traefik.http.routers.dashboard.middlewares=local-only@file" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock" + - "/srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/traefik/letsencrypt:/letsencrypt" + - "/srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/traefik/dynamic:/dynamic" + environment: + CF_API_EMAIL: "${CF_API_EMAIL}" + CF_DNS_API_TOKEN: "${CF_DNS_API_TOKEN}" + +networks: + default: + name: traefik diff --git a/stacks/zenithar.env.example b/stacks/zenithar/zenithar.env.example similarity index 100% rename from stacks/zenithar.env.example rename to stacks/zenithar/zenithar.env.example diff --git a/stacks/zenithar.yml b/stacks/zenithar/zenithar.yml similarity index 63% rename from stacks/zenithar.yml rename to stacks/zenithar/zenithar.yml index ed4a838..3109265 100644 --- a/stacks/zenithar.yml +++ b/stacks/zenithar/zenithar.yml @@ -3,15 +3,9 @@ services: db: image: mariadb restart: unless-stopped + ports: + - "3306:3306" env_file: - zenithar.env volumes: - /srv/dev-disk-by-uuid-1582b800-1f82-407a-a3aa-3460b3390127/docker/zenithar:/var/lib/mysql:Z - networks: - macvlan_192_168_3_0: - ipv4_address: 192.168.103.7 - -networks: - macvlan_192_168_3_0: - external: true -