diff --git a/.editorconfig b/.editorconfig
index b7a329e..8237425 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -22,3 +22,12 @@ end_of_line = lf
indent_style = space
indent_size = 4
tab_width = 4
+
+[Caddyfile]
+indent_style = tab
+indent_size = 4
+tab_width = 4
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
diff --git a/paperless/docker-compose.yaml b/paperless/docker-compose.yaml
index 6c30a30..20b0079 100644
--- a/paperless/docker-compose.yaml
+++ b/paperless/docker-compose.yaml
@@ -53,11 +53,13 @@ services:
- PAPERLESS_OCR_LANGUAGES=deu eng
- PAPERLESS_URL=http://paperless.${DOMAIN}
- PAPERLESS_OCR_LANGUAGE=deu
- - PAPERLESS_FILENAME_FORMAT={correspondent}/{created} {title}
+ #- PAPERLESS_FILENAME_FORMAT={correspondent}/{created} {title}
+ - PAPERLESS_FILENAME_FORMAT={{ correspondent }}/{{ created }} {{ title }}
- PAPERLESS_CONSUMER_POLLING=60
- USERMAP_UID=1000
- USERMAP_GID=1000
- PAPERLESS_PRE_CONSUME_SCRIPT=/usr/src/paperless/scripts/removePdfPassword.py
+ - PAPERLESS_OCR_USER_ARGS=${USER_ARGS_JSON}
labels:
- "docker.group=paperless"
@@ -66,3 +68,4 @@ networks:
paperless:
web:
external: true
+
diff --git a/proxy/Caddyfile b/proxy/Caddyfile
index fcc0f48..c155caf 100644
--- a/proxy/Caddyfile
+++ b/proxy/Caddyfile
@@ -1,44 +1,86 @@
{
- auto_https off
+ auto_https disable_redirects
+ local_certs
+ pki {
+ ca local {
+ name "{$LOCAL_CA_NAME}"
+ }
+ }
+ log default {
+ output stdout
+ format console
+ }
}
-http://whoami.lan {
- reverse_proxy whoami:80
+(errorhandler) {
+ handle_errors {
+ root * /usr/share/caddy/web
+ rewrite * /error.html
+ templates
+ file_server {
+ status {err.status_code}
+ }
+ }
}
-http://dashboard.lan {
- reverse_proxy homer:8080
+(localtls) {
+ tls internal
}
-http://hassi.lan {
-# reverse_proxy homeassistant:8123
- reverse_proxy dockerhost-1.lan:8123
+whoami.{$DOMAIN} http://whoami.{$DOMAIN} {
+ reverse_proxy whoami:80
+ import errorhandler
}
-http://zigbee2mqtt.lan {
- reverse_proxy zigbee2mqtt:8080
+dashboard.{$DOMAIN} http://dashboard.{$DOMAIN} {
+ reverse_proxy homer:8080
+ import errorhandler
}
-http://jellyfin.lan {
- reverse_proxy jellyfin:8096
+hassi.{$DOMAIN} http://hassi.{$DOMAIN} {
+ # reverse_proxy homeassistant:8123
+ reverse_proxy {host}:8123
+ import errorhandler
}
-http://paperless.lan {
- reverse_proxy paperless-ngx:8000
+zigbee2mqtt.{$DOMAIN} http://zigbee2mqtt.{$DOMAIN} {
+ reverse_proxy zigbee2mqtt:8080
+ import errorhandler
}
-http://download.lan {
- reverse_proxy pyload:8000
+jellyfin.{$DOMAIN} http://jellyfin.{$DOMAIN} {
+ reverse_proxy jellyfin:8096
+ import errorhandler
}
-http://uptime.lan {
- reverse_proxy uptime-kuma:3001
+paperless.{$DOMAIN} http://paperless.{$DOMAIN} {
+ reverse_proxy paperless-ngx:8000
+ import errorhandler
}
-http://torrent.lan {
- reverse_proxy transmission:9091
+download.{$DOMAIN} http://download.{$DOMAIN} {
+ reverse_proxy pyload:8000
+ import errorhandler
}
-:80, :443 {
- respond 404
+uptime.{$DOMAIN} http://uptime.{$DOMAIN} {
+ reverse_proxy uptime-kuma:3001
+ import errorhandler
+}
+
+torrent.{$DOMAIN} http://torrent.{$DOMAIN} {
+ reverse_proxy transmission:9091
+ import errorhandler
+}
+
+root-ca.{$DOMAIN} http://root-ca.{$DOMAIN} {
+ file_server * {
+ root /usr/share/caddy/web
+ hide .git Readme.md
+ }
+ file_server /root.crt {
+ root /data/caddy/pki/authorities/local/
+ hide *.key
+ }
+ import errorhandler
}
diff --git a/proxy/docker-compose.yaml b/proxy/docker-compose.yaml
index b9e91d5..2870b0b 100644
--- a/proxy/docker-compose.yaml
+++ b/proxy/docker-compose.yaml
@@ -5,12 +5,20 @@ services:
restart: unless-stopped
ports:
- 80:80
+ - 443:443
+ - "443:443/udp"
volumes:
- ${VOLUMES_PATH}/proxy/caddy/data:/data
- ${VOLUMES_PATH}/proxy/caddy/config:/config
- ./Caddyfile:/etc/caddy/Caddyfile:ro
+ - ./web:/usr/share/caddy/web:ro
networks:
- web
+ environment:
+ - DOMAIN=${DOMAIN}
+ - LOCAL_CA_NAME=${LOCAL_CA_NAME}
+ cap_add:
+ - cap_net_bind_service
whoami:
diff --git a/proxy/web/default.css b/proxy/web/default.css
new file mode 100644
index 0000000..a4c1d6d
--- /dev/null
+++ b/proxy/web/default.css
@@ -0,0 +1,13 @@
+:root {
+ max-width: 80ch;
+ padding: 3em 1em;
+ margin: auto;
+ font-size: 1.25em;
+ font-family: Arial, Helvetica, sans-serif;
+}
+
+footer {
+ position: absolute;
+ bottom: 0;
+ height: 50px;
+}
diff --git a/proxy/web/index.html b/proxy/web/index.html
new file mode 100644
index 0000000..76a3485
--- /dev/null
+++ b/proxy/web/index.html
@@ -0,0 +1,72 @@
+”
+
+
+
+ Containerize Root-CA
+ Containerize Root-CA
+
+
+ Caddy dient als lokale Zertifizierungsstelle (CA) um eigene lokale Zertifikate zu signieren.
+ Details siehe Caddy Doku .
+
+
+
+ Führe folgendes aus:
+
+
+ Klicken sie hier um das CA-Zertifikat von Caddy herunter
+ zu laden.
+
+
+ Installiere das caddy-root-ca.crt in den Windwos Truststore.
+
+
+ Installiere das caddy-root-ca.crt manuell in deinen Browser. Chrome benutzt den Zertifikatsspeicher vom
+ Betriebsystem.
+
+
+
+ Um das CA-Certifikat in den Linux-Truststore zu installieren führen Sie folgende Befehle aus:
+ curl -o caddy-root-ca.crt http://example.lan/ root.crt
+sudo mkdir -p /usr/local/share/ca-certificates/extra
+sudo cp caddy-root-ca.crt /usr/local/share/ca-certificates/extra/
+sudo update-ca-certificates
+
+
+
+ Fertig.
+ Wechsle jetzt zu https
+
+ .
+
+
+
+
+
+
+
+
+
+
diff --git a/torrent/docker-compose.yaml b/torrent/docker-compose.yaml
index 6331459..f5b6923 100644
--- a/torrent/docker-compose.yaml
+++ b/torrent/docker-compose.yaml
@@ -13,7 +13,7 @@ services:
networks:
- web
ports:
-# - 9091:9091
+ - 9091:9091
- 51413:51413
- 51413:51413/udp
restart: unless-stopped