From 16ff239ea901ecd73bc317c06b4f80c2daf04f68 Mon Sep 17 00:00:00 2001
From: fzirker
Date: Mon, 7 Oct 2024 13:09:09 +0000
Subject: [PATCH 1/5] doc/manual.md aktualisiert
---
doc/manual.md | 101 +++++++++++++++++++++++++++++---------------------
1 file changed, 59 insertions(+), 42 deletions(-)
diff --git a/doc/manual.md b/doc/manual.md
index a613734..14734af 100644
--- a/doc/manual.md
+++ b/doc/manual.md
@@ -1,61 +1,78 @@ # Manual and Help ## Upgrade Postgrs to newer Version (i.e. 15 to 16) +[Source](https://helgeklein.com/blog/upgrading-postgresql-in-docker-container/) - -### 1. Copy Service - -1.1 Copy whole service definition in docker-compose.yaml -1.2 Rename old service to *-old -1.3 Move path from new service to i.e postgres16 -1.4 Set postgres version explicit to new version - -Example: +### 1. Stopp application conatiner ``` - databasedb-old: - image: postgres:${POSTGRES_VERSION} - volumes: - - ${VOLUMES_PATH}/databasedb:/var/lib/postgresql/data - environment: - - POSTGRES_DB=${POSTGRES_DB} - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - - databasedb: - image: postgres:16 - volumes: - - ${VOLUMES_PATH}/databasedb16:/var/lib/postgresql/data - environment: - - POSTGRES_DB=${POSTGRES_DB} - - POSTGRES_USER=${POSTGRES_USER} - - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} +docker compose down APP_CONTAINER_NAME ``` -### 2. Move data -Backup data from service one to new servic with the following command: + +### 2. Create a Full DB Dump +Look up the name of your PostgreSQL user in your Docker configuration. Sometimes postgres or something + ``` -docker exec old-service pg_dumpall -U dbuser | docker exec -i new-service psql -U dbuser -d database +docker exec -it POSTGRESQL_CONTAINER_NAME pg_dumpall -U postgres > dump.sql ``` -### 3. Set password +### 3. Stop the PostgreSQL Container ``` -docker exec -i monitoring-databasedb-1 psql -U dbuser -d database -c "ALTER USER \"dbuser\" PASSWORD 'secret';" +docker stop POSTGRESQL_CONTAINER_NAME # with compose +docker compose stop POSTGRESQL_SERVICE_NAME # with compose +docker compose down # all ``` -### 4. Test -```docker compose up -d``` and check if service is correctly running. +### 4. Move the DB Data Directory +Use root priveleges to move data dir. Backup old one. +``` +mv db/ db-old/ +mkdir db +``` -### 5. 
Cleanup -5.1 Remove old service in docker-compose.yaml -5.2 Set explicit version again to ${POSTGRES_VERSION} and adopt .env file -5.4 remove old volume dir +### 5. Increment the PostgreSQL Version +Edit the Docker compose file, incrementing the image version. +If image is set with postgres:${POSTGRES_VERSION} change .env file. + + +### 6. Start container with empty data directory +Start container and Verify logs +``` +docker compose up -d POSTGRESQL_CONTAINER_NAME +docker compose logs -f +``` + + +### 7. Import DB Dump +Backup data from service one to new servic with the following command +Use this: +``` +docker compose exec -T POSTGRESQL_SERVICE_NAME psql -U POSTGRES_USER POSTGRES_DB < dump.sql +``` + +### 8. set password +``` +docker exec -i POSTGRESQL_CONTAINER_NAME psql -U POSTGRES_USER -d database -c "ALTER USER \"POSTGRES_USER\" PASSWORD 'POSTGRES_PASSWORD';" +``` + +### 8. Start the Application Container +``` +docker compose up -d APP_CONTAINER_NAME +``` + +### 9. Test +Check if service is working correctly. +Check logs: +``` +docker compose logs -f +``` + +### 10. Clean Up +* Delete the backup directory: rm -rf db-old/ +* Delete the dump file: rm dump.sql +* Delete the old PostgreSQL image: docker image prune -a -### 6. May be move Data dir -6.1. ```docker compose down``` -6.2 ```mv /mnt/dockervolumes/databasedb16 /mnt/dockervolumes/databasedb``` -6.3 docker-compose.yaml anpassen -6.1. ```docker compose up -d``` From fdd4b6faf18ed856ed8e3b3e9fd809ef8794dfb0 Mon Sep 17 00:00:00 2001 From: Florian Zirker Date: Tue, 8 Oct 2024 13:18:15 +0200 Subject: [PATCH 2/5] mqtt and zigbee non host mode --- proxy/docker-compose.yaml | 6 +++--- smartHome/docker-compose.yaml | 12 +++++++----- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/proxy/docker-compose.yaml b/proxy/docker-compose.yaml index 9600d1d..f5f3606 100644 --- a/proxy/docker-compose.yaml +++ b/proxy/docker-compose.yaml 
@@ -19,7 +19,7 @@ services: - "traefik.http.services.traefik.loadbalancer.server.port=8080" - "docker.group=proxy" extra_hosts: - - host.docker.internal:172.17.0.1 + - host.docker.internal:host-gateway depends_on: - docker-socket-proxy @@ -27,12 +27,12 @@ services: docker-socket-proxy: image: tecnativa/docker-socket-proxy restart: unless-stopped - volumes: + volumes: - /var/run/docker.sock:/var/run/docker.sock:ro environment: # grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections - CONTAINERS=1 - - INFO=1 + - INFO=1 networks: - dockersocket privileged: true diff --git a/smartHome/docker-compose.yaml b/smartHome/docker-compose.yaml index 52b697a..913fc64 100644 --- a/smartHome/docker-compose.yaml +++ b/smartHome/docker-compose.yaml @@ -16,14 +16,14 @@ services: - "traefik.http.services.hassi.loadbalancer.server.port=8123" - "docker.group=smartHome" + mqttbroker: image: eclipse-mosquitto:${MOSQUITTO_VERSION} restart: unless-stopped - network_mode: host - expose: - - 1883 - #ports: - # - 1883:1883 # mqtt over TCP + networks: + - smarthome + ports: + - 1883:1883 # mqtt over TCP # - 9001:9001 # Websockets volumes: - ./mosquitto.conf:/mosquitto/config/mosquitto.conf @@ -43,6 +43,7 @@ services: - ${ZIGBEE_DEVICE}:/dev/ttyACM0 networks: - web + - smarthome labels: - "traefik.enable=true" - "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.${DOMAIN}`)" @@ -54,3 +55,4 @@ services: networks: web: external: true + smarthome: From a3944d38671c4d028805016e9209b35f99d7dcd5 Mon Sep 17 00:00:00 2001 
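Review bot: In the `mqttbroker` hunk of smartHome/docker-compose.yaml, `ports: - 1883:1883` publishes the broker on every host interface, and Docker-published ports are commonly not filtered by host firewall front-ends such as ufw. zigbee2mqtt now reaches the broker over the new `smarthome` network, so the host mapping is presumably only needed for Home Assistant, which runs with `network_mode: host`; if that is the only consumer, `- "127.0.0.1:1883:1883"` keeps plaintext MQTT off the LAN. Whether mosquitto.conf requires authentication is not visible here, so confirm it sets `allow_anonymous false` with a password file before exposing the listener. The `mqttbroker` service continues beyond the hunk, and the same hunk is repeated in PATCH 4/5.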
From: Florian Zirker Date: Tue, 8 Oct 2024 16:02:32 +0200 Subject: [PATCH 3/5] Replace Traefik with Caddy as proxy --- dashboard/docker-compose.yaml | 4 --- download/docker-compose.yaml | 9 +----- media/docker-compose.yml | 12 ------- monitoring/docker-compose.yaml | 15 --------- paperless/docker-compose.yaml | 5 --- proxy/Caddyfile | 52 +++++++++++++++++++++++++++++++ proxy/docker-compose.yaml | 57 +++++++++------------------------- proxy/traefik.yml | 23 -------------- smartHome/docker-compose.yaml | 10 ++---- torrent/docker-compose.yaml | 4 --- 10 files changed, 69 insertions(+), 122 deletions(-) create mode 100644 proxy/Caddyfile delete mode 100644 proxy/traefik.yml diff --git a/dashboard/docker-compose.yaml b/dashboard/docker-compose.yaml index a6b4896..e53b870 100644 --- a/dashboard/docker-compose.yaml +++ b/dashboard/docker-compose.yaml @@ -10,10 +10,6 @@ services: environment: - INIT_ASSETS=1 labels: - - "traefik.enable=true" - - "traefik.http.routers.homer.rule=Host(`dashboard.${DOMAIN}`)" - - "traefik.http.routers.homer.entrypoints=web" - - "traefik.http.services.homer.loadbalancer.server.port=8080" - "docker.group=dashboard" restart: unless-stopped diff --git a/download/docker-compose.yaml b/download/docker-compose.yaml index cd57060..597dbbe 100644 --- a/download/docker-compose.yaml +++ b/download/docker-compose.yaml @@ -1,6 +1,6 @@ services: - app: + pyload: image: linuxserver/pyload-ng environment: - PUID=1000 @@ -9,16 +9,9 @@ services: volumes: - ${VOLUMES_PATH}/download/pyload:/config - ${DOWNLOAD_PATH}:/downloads -# ports: - #- 7227:7227 #optional Thrift Backend networks: - web labels: - - "traefik.enable=true" - - "traefik.http.routers.pyload.rule=Host(`download.${DOMAIN}`)" - - "traefik.http.routers.pyload.entrypoints=web" - - "traefik.http.services.pyload.loadbalancer.server.port=8000" - - "docker.group=selfhost" - "docker.group=download" restart: unless-stopped 
diff --git a/media/docker-compose.yml b/media/docker-compose.yml index c4bb361..fffe864 100644 --- a/media/docker-compose.yml +++ b/media/docker-compose.yml @@ -28,16 +28,4 @@ services: # - /dev/dri/renderD128:/dev/dri/renderD128 # - /dev/dri/card0:/dev/dri/card0 labels: - - "traefik.enable=true" - - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.${DOMAIN}`)" - - "traefik.http.routers.jellyfin.entrypoints=web" - - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" - - 'traefik.http.middlewares.jellyfin-mw.headers.customResponseHeaders.X-Robots-Tag=noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex' - - 'traefik.http.middlewares.jellyfin-mw.headers.frameDeny=true' - - 'traefik.http.middlewares.jellyfin-mw.headers.contentTypeNosniff=true' - - 'traefik.http.middlewares.jellyfin-mw.headers.customresponseheaders.X-XSS-PROTECTION=1' - - 'traefik.http.middlewares.jellyfin-mw.headers.browserXSSFilter=true' - - "traefik.http.middlewares.jellyfin-mw.headers.customFrameOptionsValue='allow-from http://jellyfin.${DOMAIN}'" - - "traefik.http.middlewares.jellyfin-mw.headers.customrequestheaders.X-Forwarded-Proto: https" - - 'traefik.http.routers.jellyfin.middlewares=jellyfin-mw' - "docker.group=media" diff --git a/monitoring/docker-compose.yaml b/monitoring/docker-compose.yaml index 0bb4db6..a8debb3 100644 --- a/monitoring/docker-compose.yaml +++ b/monitoring/docker-compose.yaml @@ -9,11 +9,6 @@ services: - web - monitoring labels: - - "traefik.enable=true" - - "traefik.http.routers.monitoring.rule=Host(`monitoring.${DOMAIN}`)" - - "traefik.http.routers.monitoring.entrypoints=web" - - "traefik.http.services.monitoring.loadbalancer.server.port=3000" - - "traefik.docker.network=web" - "docker.group=monitoring" environment: - GF_DEFAULT_INSTANCE_NAME=monitoring.${DOMAIN} 
@@ -62,11 +57,6 @@ services: - ${VOLUMES_PATH}/monitoring/influxdb/:/var/lib/influxdb - ${PWD}/influxdb.conf:/etc/influxdb/influxdb.conf:ro labels: - - "traefik.enable=true" - - "traefik.http.routers.influxdb.rule=Host(`influxdb.${DOMAIN}`)" - - "traefik.http.routers.influxdb.entrypoints=web" - - "traefik.http.services.influxdb.loadbalancer.server.port=8086" - - "traefik.docker.network=web" - "docker.group=monitoring" @@ -79,11 +69,6 @@ services: - dockersocket restart: unless-stopped labels: - - "traefik.enable=true" - - "traefik.http.routers.uptimekuma.rule=Host(`uptime.${DOMAIN}`)" - - "traefik.http.routers.uptimekuma.entrypoints=web" - - "traefik.http.services.uptimekuma.loadbalancer.server.port=3001" - - "traefik.docker.network=web" - "docker.group=monitoring" networks: diff --git a/paperless/docker-compose.yaml b/paperless/docker-compose.yaml index 53c1caf..6c30a30 100644 --- a/paperless/docker-compose.yaml +++ b/paperless/docker-compose.yaml @@ -59,11 +59,6 @@ services: - USERMAP_GID=1000 - PAPERLESS_PRE_CONSUME_SCRIPT=/usr/src/paperless/scripts/removePdfPassword.py labels: - - "traefik.enable=true" - - "traefik.http.routers.paperless.rule=Host(`paperless.${DOMAIN}`)" - - "traefik.http.routers.paperless.entrypoints=web" - - "traefik.http.services.paperless.loadbalancer.server.port=8000" - - "traefik.docker.network=web" - "docker.group=paperless" diff --git a/proxy/Caddyfile b/proxy/Caddyfile new file mode 100644 index 0000000..eabf0ec --- /dev/null +++ b/proxy/Caddyfile 
@@ -0,0 +1,52 @@
+{
+ auto_https off
+}
+
+http://whoami.lan {
+ reverse_proxy whoami:80
+}
+
+http://dashboard.lan {
+ reverse_proxy homer:8080
+}
+
+http://hassi.lan {
+# reverse_proxy homeassistant:8123
+ reverse_proxy dockerhost-1.lan:8123
+}
+
+http://zigbee2mqtt.lan {
+ reverse_proxy zigbee2mqtt:8080
+}
+
+http://jellyfin.lan {
+ reverse_proxy jellyfin:8096
+}
+
+http://paperless.lan {
+ reverse_proxy paperless-ngx:8000
+}
+
+http://download.lan {
+ reverse_proxy pyload:8000
+}
+
+http://monitoring.lan {
+ reverse_proxy grafana:3000
+}
+
+http://influxdb.lan {
+ reverse_proxy influxdb:8086
+}
+
+http://uptime.lan {
+ reverse_proxy uptime-kuma:3001
+}
+
+http://torrent.lan {
+ reverse_proxy transmission:9091
+}
+
+:80, :443 {
+ respond 404
+}
diff --git a/proxy/docker-compose.yaml b/proxy/docker-compose.yaml
index f5f3606..b9e91d5 100644
--- a/proxy/docker-compose.yaml
+++ b/proxy/docker-compose.yaml
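Review bot: The `http://jellyfin.lan` block drops the response hardening that the removed Traefik `jellyfin-mw` middleware applied (`contentTypeNosniff`, `frameDeny`, `X-Robots-Tag`), so Jellyfin responses now go out without those headers. A `header` block in that site restores them, as sketched below. Separately, `auto_https off` together with `http://` site addresses means logins for Grafana, Paperless, Home Assistant and the other backends cross the network in cleartext; that matches the previous Traefik `web` entrypoint, but Caddy could serve these names with `tls internal` if the LAN is not fully trusted. The identical Caddyfile is added again in PATCH 5/5.

```caddyfile
http://jellyfin.lan {
	header {
		X-Content-Type-Options nosniff
		X-Frame-Options DENY
		X-Robots-Tag "noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex"
	}
	reverse_proxy jellyfin:8096
}
```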
@@ -1,54 +1,25 @@ services: - traefik: - image: traefik:${TRAEFIK_VERSION} - restart: always + caddy: + image: caddy:2 + restart: unless-stopped ports: - - "80:80" - - "443:443" + - 80:80 + volumes: + - ${VOLUMES_PATH}/proxy/caddy/data:/data + - ${VOLUMES_PATH}/proxy/caddy/config:/config + - ./Caddyfile:/etc/caddy/Caddyfile:ro networks: - web - - dockersocket - volumes: - - "$PWD/traefik.yml:/etc/traefik/traefik.yml" - - "$PWD/extraProviders/:/extraProviders:ro" - labels: - - "traefik.enable=true" - - "traefik.http.routers.traefik.rule=Host(`traefik.${HOSTNAME}`)" - - "traefik.http.routers.traefik.entrypoints=web" - - "traefik.http.services.traefik.loadbalancer.server.port=8080" - - "docker.group=proxy" - extra_hosts: - - host.docker.internal:host-gateway - depends_on: - - docker-socket-proxy - docker-socket-proxy: - image: tecnativa/docker-socket-proxy - restart: unless-stopped - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - environment: - # grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections - - CONTAINERS=1 - - INFO=1 + whoami: + image: containous/whoami networks: - - dockersocket - privileged: true - - -# whoami: -# image: containous/whoami -# networks: -# - web -# labels: -# - "traefik.enable=true" -# - "traefik.http.routers.whoami.rule=Host(`whoami.${HOSTNAME}`)" -# - "traefik.http.routers.whoami.entrypoints=web" -# - "traefik.http.services.whoami.loadbalancer.server.port=80" -# - "docker.group=proxy" -# restart: unless-stopped + - web + labels: + - "docker.group=proxy" + restart: unless-stopped networks: diff --git a/proxy/traefik.yml b/proxy/traefik.yml deleted file mode 100644 index 587f802..0000000 --- a/proxy/traefik.yml +++ /dev/null 
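Review bot: The new `whoami` service is enabled with an untagged `containous/whoami` image and is routed at `http://whoami.lan` by the Caddyfile, so a diagnostic endpoint that echoes request and host details stays reachable permanently and tracks whatever `latest` resolves to. Consider leaving it commented out as it was before, or pinning it and `caddy:2` to a specific tag or digest, e.g. `image: caddy:<PINNED_VERSION>`. Removing the privileged `docker-socket-proxy` reduces attack surface, but the monitoring compose file still lists a `dockersocket` network in its context lines, so check that nothing there still expects the proxy or the network it may have created. The top-level `networks:` block continues outside the hunk, and the same hunk appears again in PATCH 5/5.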
@@ -1,23 +0,0 @@ -debug: true -checkNewVersion: true -logLevel: INFO -#defaultEntryPoints: ["https","http"] -defaultEntryPoints: [http] - -api: - insecure: true - -providers: - docker: - exposedbydefault: false - endpoint: "tcp://docker-socket-proxy:2375" - - file: - directory: /extraProviders - - -entryPoints: - web: - address: ':80' - - diff --git a/smartHome/docker-compose.yaml b/smartHome/docker-compose.yaml index 913fc64..026778b 100644 --- a/smartHome/docker-compose.yaml +++ b/smartHome/docker-compose.yaml @@ -10,10 +10,6 @@ services: restart: unless-stopped network_mode: host labels: - - "traefik.enable=true" - - "traefik.http.routers.hassi.rule=Host(`hassi.${DOMAIN}`)" - - "traefik.http.routers.hassi.entrypoints=web" - - "traefik.http.services.hassi.loadbalancer.server.port=8123" - "docker.group=smartHome" @@ -29,6 +25,8 @@ services: - ./mosquitto.conf:/mosquitto/config/mosquitto.conf - ${VOLUMES_PATH}/smartHome/mosquitto/data:/mosquitto/data - ${VOLUMES_PATH}/smartHome/mosquitto/log:/mosquitto/log + labels: + - "docker.group=smartHome" zigbee2mqtt: @@ -45,10 +43,6 @@ services: - web - smarthome labels: - - "traefik.enable=true" - - "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.${DOMAIN}`)" - - "traefik.http.routers.zigbee2mqtt.entrypoints=web" - - "traefik.http.services.zigbee2mqtt.loadbalancer.server.port=8080" - "docker.group=smartHome" diff --git a/torrent/docker-compose.yaml b/torrent/docker-compose.yaml index 506235e..6331459 100644 --- a/torrent/docker-compose.yaml +++ b/torrent/docker-compose.yaml @@ -18,10 +18,6 @@ services: - 51413:51413/udp restart: unless-stopped labels: - - "traefik.enable=true" - - "traefik.http.routers.torrent.rule=Host(`torrent.${DOMAIN}`)" - - "traefik.http.routers.torrent.entrypoints=web" - - "traefik.http.services.torrent.loadbalancer.server.port=9091" - "docker.group=torrent" mem_limit: 512m From 99241d00612d3a542e574234c764a3b11600dcc0 Mon Sep 17 00:00:00 2001 
From: Florian Zirker Date: Tue, 8 Oct 2024 13:18:15 +0200 Subject: [PATCH 4/5] mqtt and zigbee non host mode --- proxy/docker-compose.yaml | 6 +++--- smartHome/docker-compose.yaml | 12 +++++++----- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/proxy/docker-compose.yaml b/proxy/docker-compose.yaml index 9600d1d..f5f3606 100644 --- a/proxy/docker-compose.yaml +++ b/proxy/docker-compose.yaml @@ -19,7 +19,7 @@ services: - "traefik.http.services.traefik.loadbalancer.server.port=8080" - "docker.group=proxy" extra_hosts: - - host.docker.internal:172.17.0.1 + - host.docker.internal:host-gateway depends_on: - docker-socket-proxy @@ -27,12 +27,12 @@ services: docker-socket-proxy: image: tecnativa/docker-socket-proxy restart: unless-stopped - volumes: + volumes: - /var/run/docker.sock:/var/run/docker.sock:ro environment: # grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections - CONTAINERS=1 - - INFO=1 + - INFO=1 networks: - dockersocket privileged: true diff --git a/smartHome/docker-compose.yaml b/smartHome/docker-compose.yaml index 52b697a..913fc64 100644 --- a/smartHome/docker-compose.yaml +++ b/smartHome/docker-compose.yaml @@ -16,14 +16,14 @@ services: - "traefik.http.services.hassi.loadbalancer.server.port=8123" - "docker.group=smartHome" + mqttbroker: image: eclipse-mosquitto:${MOSQUITTO_VERSION} restart: unless-stopped - network_mode: host - expose: - - 1883 - #ports: - # - 1883:1883 # mqtt over TCP + networks: + - smarthome + ports: + - 1883:1883 # mqtt over TCP # - 9001:9001 # Websockets volumes: - ./mosquitto.conf:/mosquitto/config/mosquitto.conf @@ -43,6 +43,7 @@ services: - ${ZIGBEE_DEVICE}:/dev/ttyACM0 networks: - web + - smarthome labels: - "traefik.enable=true" - "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.${DOMAIN}`)" @@ -54,3 +55,4 @@ services: networks: web: external: true + smarthome: 
From f20697a85c683d4a3586b8175776c9d07a986a03 Mon Sep 17 00:00:00 2001 From: Florian Zirker Date: Tue, 8 Oct 2024 16:02:32 +0200 Subject: [PATCH 5/5] Replace Traefik with Caddy as proxy --- dashboard/docker-compose.yaml | 4 --- download/docker-compose.yaml | 9 +----- media/docker-compose.yml | 12 ------- monitoring/docker-compose.yaml | 15 --------- paperless/docker-compose.yaml | 5 --- proxy/Caddyfile | 52 +++++++++++++++++++++++++++++++ proxy/docker-compose.yaml | 57 +++++++++------------------------- proxy/traefik.yml | 23 -------------- smartHome/docker-compose.yaml | 10 ++---- torrent/docker-compose.yaml | 4 --- 10 files changed, 69 insertions(+), 122 deletions(-) create mode 100644 proxy/Caddyfile delete mode 100644 proxy/traefik.yml diff --git a/dashboard/docker-compose.yaml b/dashboard/docker-compose.yaml index a6b4896..e53b870 100644 --- a/dashboard/docker-compose.yaml +++ b/dashboard/docker-compose.yaml @@ -10,10 +10,6 @@ services: environment: - INIT_ASSETS=1 labels: - - "traefik.enable=true" - - "traefik.http.routers.homer.rule=Host(`dashboard.${DOMAIN}`)" - - "traefik.http.routers.homer.entrypoints=web" - - "traefik.http.services.homer.loadbalancer.server.port=8080" - "docker.group=dashboard" restart: unless-stopped diff --git a/download/docker-compose.yaml b/download/docker-compose.yaml index cd57060..597dbbe 100644 --- a/download/docker-compose.yaml +++ b/download/docker-compose.yaml @@ -1,6 +1,6 @@ services: - app: + pyload: image: linuxserver/pyload-ng environment: - PUID=1000 @@ -9,16 +9,9 @@ services: volumes: - ${VOLUMES_PATH}/download/pyload:/config - ${DOWNLOAD_PATH}:/downloads -# ports: - #- 7227:7227 #optional Thrift Backend networks: - web labels: - - "traefik.enable=true" - - "traefik.http.routers.pyload.rule=Host(`download.${DOMAIN}`)" - - "traefik.http.routers.pyload.entrypoints=web" - - "traefik.http.services.pyload.loadbalancer.server.port=8000" - - "docker.group=selfhost" - "docker.group=download" restart: unless-stopped 
diff --git a/media/docker-compose.yml b/media/docker-compose.yml index c4bb361..fffe864 100644 --- a/media/docker-compose.yml +++ b/media/docker-compose.yml @@ -28,16 +28,4 @@ services: # - /dev/dri/renderD128:/dev/dri/renderD128 # - /dev/dri/card0:/dev/dri/card0 labels: - - "traefik.enable=true" - - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.${DOMAIN}`)" - - "traefik.http.routers.jellyfin.entrypoints=web" - - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" - - 'traefik.http.middlewares.jellyfin-mw.headers.customResponseHeaders.X-Robots-Tag=noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex' - - 'traefik.http.middlewares.jellyfin-mw.headers.frameDeny=true' - - 'traefik.http.middlewares.jellyfin-mw.headers.contentTypeNosniff=true' - - 'traefik.http.middlewares.jellyfin-mw.headers.customresponseheaders.X-XSS-PROTECTION=1' - - 'traefik.http.middlewares.jellyfin-mw.headers.browserXSSFilter=true' - - "traefik.http.middlewares.jellyfin-mw.headers.customFrameOptionsValue='allow-from http://jellyfin.${DOMAIN}'" - - "traefik.http.middlewares.jellyfin-mw.headers.customrequestheaders.X-Forwarded-Proto: https" - - 'traefik.http.routers.jellyfin.middlewares=jellyfin-mw' - "docker.group=media" diff --git a/monitoring/docker-compose.yaml b/monitoring/docker-compose.yaml index 0bb4db6..a8debb3 100644 --- a/monitoring/docker-compose.yaml +++ b/monitoring/docker-compose.yaml @@ -9,11 +9,6 @@ services: - web - monitoring labels: - - "traefik.enable=true" - - "traefik.http.routers.monitoring.rule=Host(`monitoring.${DOMAIN}`)" - - "traefik.http.routers.monitoring.entrypoints=web" - - "traefik.http.services.monitoring.loadbalancer.server.port=3000" - - "traefik.docker.network=web" - "docker.group=monitoring" environment: - GF_DEFAULT_INSTANCE_NAME=monitoring.${DOMAIN} 
@@ -62,11 +57,6 @@ services: - ${VOLUMES_PATH}/monitoring/influxdb/:/var/lib/influxdb - ${PWD}/influxdb.conf:/etc/influxdb/influxdb.conf:ro labels: - - "traefik.enable=true" - - "traefik.http.routers.influxdb.rule=Host(`influxdb.${DOMAIN}`)" - - "traefik.http.routers.influxdb.entrypoints=web" - - "traefik.http.services.influxdb.loadbalancer.server.port=8086" - - "traefik.docker.network=web" - "docker.group=monitoring" @@ -79,11 +69,6 @@ services: - dockersocket restart: unless-stopped labels: - - "traefik.enable=true" - - "traefik.http.routers.uptimekuma.rule=Host(`uptime.${DOMAIN}`)" - - "traefik.http.routers.uptimekuma.entrypoints=web" - - "traefik.http.services.uptimekuma.loadbalancer.server.port=3001" - - "traefik.docker.network=web" - "docker.group=monitoring" networks: diff --git a/paperless/docker-compose.yaml b/paperless/docker-compose.yaml index 53c1caf..6c30a30 100644 --- a/paperless/docker-compose.yaml +++ b/paperless/docker-compose.yaml @@ -59,11 +59,6 @@ services: - USERMAP_GID=1000 - PAPERLESS_PRE_CONSUME_SCRIPT=/usr/src/paperless/scripts/removePdfPassword.py labels: - - "traefik.enable=true" - - "traefik.http.routers.paperless.rule=Host(`paperless.${DOMAIN}`)" - - "traefik.http.routers.paperless.entrypoints=web" - - "traefik.http.services.paperless.loadbalancer.server.port=8000" - - "traefik.docker.network=web" - "docker.group=paperless" diff --git a/proxy/Caddyfile b/proxy/Caddyfile new file mode 100644 index 0000000..eabf0ec --- /dev/null +++ b/proxy/Caddyfile 
@@ -0,0 +1,52 @@
+{
+ auto_https off
+}
+
+http://whoami.lan {
+ reverse_proxy whoami:80
+}
+
+http://dashboard.lan {
+ reverse_proxy homer:8080
+}
+
+http://hassi.lan {
+# reverse_proxy homeassistant:8123
+ reverse_proxy dockerhost-1.lan:8123
+}
+
+http://zigbee2mqtt.lan {
+ reverse_proxy zigbee2mqtt:8080
+}
+
+http://jellyfin.lan {
+ reverse_proxy jellyfin:8096
+}
+
+http://paperless.lan {
+ reverse_proxy paperless-ngx:8000
+}
+
+http://download.lan {
+ reverse_proxy pyload:8000
+}
+
+http://monitoring.lan {
+ reverse_proxy grafana:3000
+}
+
+http://influxdb.lan {
+ reverse_proxy influxdb:8086
+}
+
+http://uptime.lan {
+ reverse_proxy uptime-kuma:3001
+}
+
+http://torrent.lan {
+ reverse_proxy transmission:9091
+}
+
+:80, :443 {
+ respond 404
+}
diff --git a/proxy/docker-compose.yaml b/proxy/docker-compose.yaml
index f5f3606..b9e91d5 100644
--- a/proxy/docker-compose.yaml
+++ b/proxy/docker-compose.yaml
@@ -1,54 +1,25 @@ services: - traefik: - image: traefik:${TRAEFIK_VERSION} - restart: always + caddy: + image: caddy:2 + restart: unless-stopped ports: - - "80:80" - - "443:443" + - 80:80 + volumes: + - ${VOLUMES_PATH}/proxy/caddy/data:/data + - ${VOLUMES_PATH}/proxy/caddy/config:/config + - ./Caddyfile:/etc/caddy/Caddyfile:ro networks: - web - - dockersocket - volumes: - - "$PWD/traefik.yml:/etc/traefik/traefik.yml" - - "$PWD/extraProviders/:/extraProviders:ro" - labels: - - "traefik.enable=true" - - "traefik.http.routers.traefik.rule=Host(`traefik.${HOSTNAME}`)" - - "traefik.http.routers.traefik.entrypoints=web" - - "traefik.http.services.traefik.loadbalancer.server.port=8080" - - "docker.group=proxy" - extra_hosts: - - host.docker.internal:host-gateway - depends_on: - - docker-socket-proxy - docker-socket-proxy: - image: tecnativa/docker-socket-proxy - restart: unless-stopped - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - environment: - # grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections - - CONTAINERS=1 - - INFO=1 + whoami: + image: containous/whoami networks: - - dockersocket - privileged: true - - -# whoami: -# image: containous/whoami -# networks: -# - web -# labels: -# - "traefik.enable=true" -# - "traefik.http.routers.whoami.rule=Host(`whoami.${HOSTNAME}`)" -# - "traefik.http.routers.whoami.entrypoints=web" -# - "traefik.http.services.whoami.loadbalancer.server.port=80" -# - "docker.group=proxy" -# restart: unless-stopped + - web + labels: + - "docker.group=proxy" + restart: unless-stopped networks: diff --git a/proxy/traefik.yml b/proxy/traefik.yml deleted file mode 100644 index 587f802..0000000 --- a/proxy/traefik.yml +++ /dev/null 
@@ -1,23 +0,0 @@ -debug: true -checkNewVersion: true -logLevel: INFO -#defaultEntryPoints: ["https","http"] -defaultEntryPoints: [http] - -api: - insecure: true - -providers: - docker: - exposedbydefault: false - endpoint: "tcp://docker-socket-proxy:2375" - - file: - directory: /extraProviders - - -entryPoints: - web: - address: ':80' - - diff --git a/smartHome/docker-compose.yaml b/smartHome/docker-compose.yaml index 913fc64..026778b 100644 --- a/smartHome/docker-compose.yaml +++ b/smartHome/docker-compose.yaml @@ -10,10 +10,6 @@ services: restart: unless-stopped network_mode: host labels: - - "traefik.enable=true" - - "traefik.http.routers.hassi.rule=Host(`hassi.${DOMAIN}`)" - - "traefik.http.routers.hassi.entrypoints=web" - - "traefik.http.services.hassi.loadbalancer.server.port=8123" - "docker.group=smartHome" @@ -29,6 +25,8 @@ services: - ./mosquitto.conf:/mosquitto/config/mosquitto.conf - ${VOLUMES_PATH}/smartHome/mosquitto/data:/mosquitto/data - ${VOLUMES_PATH}/smartHome/mosquitto/log:/mosquitto/log + labels: + - "docker.group=smartHome" zigbee2mqtt: @@ -45,10 +43,6 @@ services: - web - smarthome labels: - - "traefik.enable=true" - - "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.${DOMAIN}`)" - - "traefik.http.routers.zigbee2mqtt.entrypoints=web" - - "traefik.http.services.zigbee2mqtt.loadbalancer.server.port=8080" - "docker.group=smartHome" diff --git a/torrent/docker-compose.yaml b/torrent/docker-compose.yaml index 506235e..6331459 100644 --- a/torrent/docker-compose.yaml +++ b/torrent/docker-compose.yaml @@ -18,10 +18,6 @@ services: - 51413:51413/udp restart: unless-stopped labels: - - "traefik.enable=true" - - "traefik.http.routers.torrent.rule=Host(`torrent.${DOMAIN}`)" - - "traefik.http.routers.torrent.entrypoints=web" - - "traefik.http.services.torrent.loadbalancer.server.port=9091" - "docker.group=torrent" mem_limit: 512m