From a3944d38671c4d028805016e9209b35f99d7dcd5 Mon Sep 17 00:00:00 2001 From: Florian Zirker Date: Tue, 8 Oct 2024 16:02:32 +0200 Subject: [PATCH] Replace Traefik with Caddy as proxy --- dashboard/docker-compose.yaml | 4 --- download/docker-compose.yaml | 9 +----- media/docker-compose.yml | 12 ------- monitoring/docker-compose.yaml | 15 --------- paperless/docker-compose.yaml | 5 --- proxy/Caddyfile | 52 +++++++++++++++++++++++++++++++ proxy/docker-compose.yaml | 57 +++++++++------------------------- proxy/traefik.yml | 23 -------------- smartHome/docker-compose.yaml | 10 ++---- torrent/docker-compose.yaml | 4 --- 10 files changed, 69 insertions(+), 122 deletions(-) create mode 100644 proxy/Caddyfile delete mode 100644 proxy/traefik.yml diff --git a/dashboard/docker-compose.yaml b/dashboard/docker-compose.yaml index a6b4896..e53b870 100644 --- a/dashboard/docker-compose.yaml +++ b/dashboard/docker-compose.yaml @@ -10,10 +10,6 @@ services: environment: - INIT_ASSETS=1 labels: - - "traefik.enable=true" - - "traefik.http.routers.homer.rule=Host(`dashboard.${DOMAIN}`)" - - "traefik.http.routers.homer.entrypoints=web" - - "traefik.http.services.homer.loadbalancer.server.port=8080" - "docker.group=dashboard" restart: unless-stopped diff --git a/download/docker-compose.yaml b/download/docker-compose.yaml index cd57060..597dbbe 100644 --- a/download/docker-compose.yaml +++ b/download/docker-compose.yaml @@ -1,6 +1,6 @@ services: - app: + pyload: image: linuxserver/pyload-ng environment: - PUID=1000 @@ -9,16 +9,9 @@ services: volumes: - ${VOLUMES_PATH}/download/pyload:/config - ${DOWNLOAD_PATH}:/downloads -# ports: - #- 7227:7227 #optional Thrift Backend networks: - web labels: - - "traefik.enable=true" - - "traefik.http.routers.pyload.rule=Host(`download.${DOMAIN}`)" - - "traefik.http.routers.pyload.entrypoints=web" - - "traefik.http.services.pyload.loadbalancer.server.port=8000" - - "docker.group=selfhost" - "docker.group=download" restart: unless-stopped diff --git a/media/docker-compose.yml b/media/docker-compose.yml index c4bb361..fffe864 100644 --- a/media/docker-compose.yml +++ b/media/docker-compose.yml @@ -28,16 +28,4 @@ services: # - /dev/dri/renderD128:/dev/dri/renderD128 # - /dev/dri/card0:/dev/dri/card0 labels: - - "traefik.enable=true" - - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.${DOMAIN}`)" - - "traefik.http.routers.jellyfin.entrypoints=web" - - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" - - 'traefik.http.middlewares.jellyfin-mw.headers.customResponseHeaders.X-Robots-Tag=noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex' - - 'traefik.http.middlewares.jellyfin-mw.headers.frameDeny=true' - - 'traefik.http.middlewares.jellyfin-mw.headers.contentTypeNosniff=true' - - 'traefik.http.middlewares.jellyfin-mw.headers.customresponseheaders.X-XSS-PROTECTION=1' - - 'traefik.http.middlewares.jellyfin-mw.headers.browserXSSFilter=true' - - "traefik.http.middlewares.jellyfin-mw.headers.customFrameOptionsValue='allow-from http://jellyfin.${DOMAIN}'" - - "traefik.http.middlewares.jellyfin-mw.headers.customrequestheaders.X-Forwarded-Proto: https" - - 'traefik.http.routers.jellyfin.middlewares=jellyfin-mw' - "docker.group=media" diff --git a/monitoring/docker-compose.yaml b/monitoring/docker-compose.yaml index 0bb4db6..a8debb3 100644 --- a/monitoring/docker-compose.yaml +++ b/monitoring/docker-compose.yaml @@ -9,11 +9,6 @@ services: - web - monitoring labels: - - "traefik.enable=true" - - "traefik.http.routers.monitoring.rule=Host(`monitoring.${DOMAIN}`)" - - "traefik.http.routers.monitoring.entrypoints=web" - - "traefik.http.services.monitoring.loadbalancer.server.port=3000" - - "traefik.docker.network=web" - "docker.group=monitoring" environment: - GF_DEFAULT_INSTANCE_NAME=monitoring.${DOMAIN} @@ -62,11 +57,6 @@ services: - ${VOLUMES_PATH}/monitoring/influxdb/:/var/lib/influxdb - ${PWD}/influxdb.conf:/etc/influxdb/influxdb.conf:ro labels: - - "traefik.enable=true" - - "traefik.http.routers.influxdb.rule=Host(`influxdb.${DOMAIN}`)" - - "traefik.http.routers.influxdb.entrypoints=web" - - "traefik.http.services.influxdb.loadbalancer.server.port=8086" - - "traefik.docker.network=web" - "docker.group=monitoring" @@ -79,11 +69,6 @@ services: - dockersocket restart: unless-stopped labels: - - "traefik.enable=true" - - "traefik.http.routers.uptimekuma.rule=Host(`uptime.${DOMAIN}`)" - - "traefik.http.routers.uptimekuma.entrypoints=web" - - "traefik.http.services.uptimekuma.loadbalancer.server.port=3001" - - "traefik.docker.network=web" - "docker.group=monitoring" networks: diff --git a/paperless/docker-compose.yaml b/paperless/docker-compose.yaml index 53c1caf..6c30a30 100644 --- a/paperless/docker-compose.yaml +++ b/paperless/docker-compose.yaml @@ -59,11 +59,6 @@ services: - USERMAP_GID=1000 - PAPERLESS_PRE_CONSUME_SCRIPT=/usr/src/paperless/scripts/removePdfPassword.py labels: - - "traefik.enable=true" - - "traefik.http.routers.paperless.rule=Host(`paperless.${DOMAIN}`)" - - "traefik.http.routers.paperless.entrypoints=web" - - "traefik.http.services.paperless.loadbalancer.server.port=8000" - - "traefik.docker.network=web" - "docker.group=paperless" diff --git a/proxy/Caddyfile b/proxy/Caddyfile new file mode 100644 index 0000000..eabf0ec --- /dev/null +++ b/proxy/Caddyfile @@ -0,0 +1,52 @@ +{ + auto_https off +} + +http://whoami.lan { + reverse_proxy whoami:80 +} + +http://dashboard.lan { + reverse_proxy homer:8080 +} + +http://hassi.lan { +# reverse_proxy homeassistant:8123 + reverse_proxy dockerhost-1.lan:8123 +} + +http://zigbee2mqtt.lan { + reverse_proxy zigbee2mqtt:8080 +} + +http://jellyfin.lan { + reverse_proxy jellyfin:8096 +} + +http://paperless.lan { + reverse_proxy paperless-ngx:8000 +} + +http://download.lan { + reverse_proxy pyload:8000 +} + +http://monitoring.lan { + reverse_proxy grafana:3000 +} + +http://influxdb.lan { + reverse_proxy influxdb:8086 +} + +http://uptime.lan { + reverse_proxy uptime-kuma:3001 +} + +http://torrent.lan { + reverse_proxy transmission:9091 +} + +:80, :443 { + respond 404 +} diff --git a/proxy/docker-compose.yaml b/proxy/docker-compose.yaml index f5f3606..b9e91d5 100644 --- a/proxy/docker-compose.yaml +++ b/proxy/docker-compose.yaml @@ -1,54 +1,25 @@ services: - traefik: - image: traefik:${TRAEFIK_VERSION} - restart: always + caddy: + image: caddy:2 + restart: unless-stopped ports: - - "80:80" - - "443:443" + - 80:80 + volumes: + - ${VOLUMES_PATH}/proxy/caddy/data:/data + - ${VOLUMES_PATH}/proxy/caddy/config:/config + - ./Caddyfile:/etc/caddy/Caddyfile:ro networks: - web - - dockersocket - volumes: - - "$PWD/traefik.yml:/etc/traefik/traefik.yml" - - "$PWD/extraProviders/:/extraProviders:ro" - labels: - - "traefik.enable=true" - - "traefik.http.routers.traefik.rule=Host(`traefik.${HOSTNAME}`)" - - "traefik.http.routers.traefik.entrypoints=web" - - "traefik.http.services.traefik.loadbalancer.server.port=8080" - - "docker.group=proxy" - extra_hosts: - - host.docker.internal:host-gateway - depends_on: - - docker-socket-proxy - docker-socket-proxy: - image: tecnativa/docker-socket-proxy - restart: unless-stopped - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - environment: - # grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections - - CONTAINERS=1 - - INFO=1 + whoami: + image: containous/whoami networks: - - dockersocket - privileged: true - - -# whoami: -# image: containous/whoami -# networks: -# - web -# labels: -# - "traefik.enable=true" -# - "traefik.http.routers.whoami.rule=Host(`whoami.${HOSTNAME}`)" -# - "traefik.http.routers.whoami.entrypoints=web" -# - "traefik.http.services.whoami.loadbalancer.server.port=80" -# - "docker.group=proxy" -# restart: unless-stopped + - web + labels: + - "docker.group=proxy" + restart: unless-stopped networks: diff --git a/proxy/traefik.yml b/proxy/traefik.yml deleted file mode 100644 index 587f802..0000000 --- a/proxy/traefik.yml +++ /dev/null @@ -1,23 +0,0 @@ -debug: true -checkNewVersion: true -logLevel: INFO -#defaultEntryPoints: ["https","http"] -defaultEntryPoints: [http] - -api: - insecure: true - -providers: - docker: - exposedbydefault: false - endpoint: "tcp://docker-socket-proxy:2375" - - file: - directory: /extraProviders - - -entryPoints: - web: - address: ':80' - - diff --git a/smartHome/docker-compose.yaml b/smartHome/docker-compose.yaml index 913fc64..026778b 100644 --- a/smartHome/docker-compose.yaml +++ b/smartHome/docker-compose.yaml @@ -10,10 +10,6 @@ services: restart: unless-stopped network_mode: host labels: - - "traefik.enable=true" - - "traefik.http.routers.hassi.rule=Host(`hassi.${DOMAIN}`)" - - "traefik.http.routers.hassi.entrypoints=web" - - "traefik.http.services.hassi.loadbalancer.server.port=8123" - "docker.group=smartHome" @@ -29,6 +25,8 @@ services: - ./mosquitto.conf:/mosquitto/config/mosquitto.conf - ${VOLUMES_PATH}/smartHome/mosquitto/data:/mosquitto/data - ${VOLUMES_PATH}/smartHome/mosquitto/log:/mosquitto/log + labels: + - "docker.group=smartHome" zigbee2mqtt: @@ -45,10 +43,6 @@ services: - web - smarthome labels: - - "traefik.enable=true" - - "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.${DOMAIN}`)" - - "traefik.http.routers.zigbee2mqtt.entrypoints=web" - - "traefik.http.services.zigbee2mqtt.loadbalancer.server.port=8080" - "docker.group=smartHome" diff --git a/torrent/docker-compose.yaml b/torrent/docker-compose.yaml index 506235e..6331459 100644 --- a/torrent/docker-compose.yaml +++ b/torrent/docker-compose.yaml @@ -18,10 +18,6 @@ services: - 51413:51413/udp restart: unless-stopped labels: - - "traefik.enable=true" - - "traefik.http.routers.torrent.rule=Host(`torrent.${DOMAIN}`)" - - "traefik.http.routers.torrent.entrypoints=web" - - "traefik.http.services.torrent.loadbalancer.server.port=9091" - "docker.group=torrent" mem_limit: 512m