Replace Traefik with Caddy as proxy

dashboard/docker-compose.yaml

@@ -10,10 +10,6 @@ services:
     environment:
       - INIT_ASSETS=1
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.homer.rule=Host(`dashboard.${DOMAIN}`)"
-      - "traefik.http.routers.homer.entrypoints=web"
-      - "traefik.http.services.homer.loadbalancer.server.port=8080"
       - "docker.group=dashboard"
     restart: unless-stopped
 

doc/manual.md

@@ -1,61 +1,78 @@
 # Manual and Help
 
 ## Upgrade Postgrs to newer Version (i.e. 15 to 16)
+[Source](https://helgeklein.com/blog/upgrading-postgresql-in-docker-container/)
 
-
-### 1. Copy Service 
-
-1.1 Copy whole service definition in docker-compose.yaml  
-1.2 Rename old service to *-old  
-1.3 Move path from new service to i.e postgres16  
-1.4 Set postgres version explicit to new version
-
-Example:
+### 1. Stopp application conatiner
 ```
-  databasedb-old:
-    image: postgres:${POSTGRES_VERSION}
-    volumes:
-      - ${VOLUMES_PATH}/databasedb:/var/lib/postgresql/data
-    environment:
-      - POSTGRES_DB=${POSTGRES_DB}
-      - POSTGRES_USER=${POSTGRES_USER}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
-
-  databasedb:
-    image: postgres:16
-    volumes:
-      - ${VOLUMES_PATH}/databasedb16:/var/lib/postgresql/data
-    environment:
-      - POSTGRES_DB=${POSTGRES_DB}
-      - POSTGRES_USER=${POSTGRES_USER}
-      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+docker compose down APP_CONTAINER_NAME
 ```
 
-### 2. Move data
-Backup data from service one to new servic with the following command: 
+
+### 2. Create a Full DB Dump
+Look up the name of your PostgreSQL user in your Docker configuration. Sometimes postgres or something
+
 ```
-docker exec old-service pg_dumpall -U dbuser | docker exec -i new-service psql -U dbuser -d database
+docker exec -it POSTGRESQL_CONTAINER_NAME pg_dumpall -U postgres > dump.sql
 ```
 
-### 3. Set password
+### 3. Stop the PostgreSQL Container
 ```
-docker exec -i monitoring-databasedb-1 psql -U dbuser -d database -c "ALTER USER \"dbuser\" PASSWORD 'secret';"
+docker stop POSTGRESQL_CONTAINER_NAME # with compose
+docker compose stop POSTGRESQL_SERVICE_NAME # with compose
+docker compose down # all
 ```
 
-### 4. Test
-```docker compose up -d``` and check if service is correctly running.
+### 4. Move the DB Data Directory
+Use root priveleges to move data dir. Backup old one.
+```
+mv db/ db-old/
+mkdir db
+```
 
-### 5. Cleanup
-5.1 Remove old service in docker-compose.yaml  
-5.2 Set explicit version again to ${POSTGRES_VERSION} and adopt .env file  
-5.4 remove old volume dir
+### 5. Increment the PostgreSQL Version
+Edit the Docker compose file, incrementing the image version.  
+If image is set with postgres:${POSTGRES_VERSION} change .env file.
+
+
+### 6. Start container with empty data directory
+Start container and Verify logs
+```
+docker compose up -d POSTGRESQL_CONTAINER_NAME
+docker compose logs -f
+```
+
+
+### 7. Import DB Dump
+Backup data from service one to new servic with the following command
+Use this:
+```
+docker compose exec -T POSTGRESQL_SERVICE_NAME psql -U POSTGRES_USER POSTGRES_DB < dump.sql
+```
+
+### 8. set password
+```
+docker exec -i POSTGRESQL_CONTAINER_NAME psql -U POSTGRES_USER -d database -c "ALTER USER \"POSTGRES_USER\" PASSWORD 'POSTGRES_PASSWORD';"
+```
+
+### 8. Start the Application Container
+```
+docker compose up -d APP_CONTAINER_NAME
+```
+
+### 9. Test
+Check if service is working correctly.  
+Check logs:
+```
+docker compose logs -f
+``` 
+
+### 10. Clean Up
+* Delete the backup directory: rm -rf db-old/
+* Delete the dump file: rm dump.sql
+* Delete the old PostgreSQL image: docker image prune -a 
 
 
-### 6. May be move Data dir
-6.1. ```docker compose down```  
-6.2 ```mv /mnt/dockervolumes/databasedb16 /mnt/dockervolumes/databasedb```  
-6.3 docker-compose.yaml anpassen  
-6.1. ```docker compose up -d```
 
 
 

download/docker-compose.yaml

@@ -1,6 +1,6 @@
 services:
 
-  app:
+  pyload:
     image: linuxserver/pyload-ng
     environment:
       - PUID=1000
@@ -9,16 +9,9 @@ services:
     volumes:
       - ${VOLUMES_PATH}/download/pyload:/config
       - ${DOWNLOAD_PATH}:/downloads
-#    ports:
-      #- 7227:7227 #optional Thrift Backend
     networks:
       - web
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.pyload.rule=Host(`download.${DOMAIN}`)"
-      - "traefik.http.routers.pyload.entrypoints=web"
-      - "traefik.http.services.pyload.loadbalancer.server.port=8000"
-      - "docker.group=selfhost"
       - "docker.group=download"
     restart: unless-stopped
 

media/docker-compose.yml

@@ -28,16 +28,4 @@ services:
 #      - /dev/dri/renderD128:/dev/dri/renderD128
 #      - /dev/dri/card0:/dev/dri/card0
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.jellyfin.rule=Host(`jellyfin.${DOMAIN}`)"
-      - "traefik.http.routers.jellyfin.entrypoints=web"
-      - "traefik.http.services.jellyfin.loadbalancer.server.port=8096"
-      - 'traefik.http.middlewares.jellyfin-mw.headers.customResponseHeaders.X-Robots-Tag=noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex'
-      - 'traefik.http.middlewares.jellyfin-mw.headers.frameDeny=true'
-      - 'traefik.http.middlewares.jellyfin-mw.headers.contentTypeNosniff=true'
-      - 'traefik.http.middlewares.jellyfin-mw.headers.customresponseheaders.X-XSS-PROTECTION=1'
-      - 'traefik.http.middlewares.jellyfin-mw.headers.browserXSSFilter=true'
-      - "traefik.http.middlewares.jellyfin-mw.headers.customFrameOptionsValue='allow-from http://jellyfin.${DOMAIN}'"
-      - "traefik.http.middlewares.jellyfin-mw.headers.customrequestheaders.X-Forwarded-Proto: https"
-      - 'traefik.http.routers.jellyfin.middlewares=jellyfin-mw'
       - "docker.group=media"

monitoring/docker-compose.yaml

@@ -9,11 +9,6 @@ services:
       - web
       - monitoring
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.monitoring.rule=Host(`monitoring.${DOMAIN}`)"
-      - "traefik.http.routers.monitoring.entrypoints=web"
-      - "traefik.http.services.monitoring.loadbalancer.server.port=3000"
-      - "traefik.docker.network=web"
       - "docker.group=monitoring"
     environment:
       - GF_DEFAULT_INSTANCE_NAME=monitoring.${DOMAIN}
@@ -62,11 +57,6 @@ services:
       - ${VOLUMES_PATH}/monitoring/influxdb/:/var/lib/influxdb
       - ${PWD}/influxdb.conf:/etc/influxdb/influxdb.conf:ro
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.influxdb.rule=Host(`influxdb.${DOMAIN}`)"
-      - "traefik.http.routers.influxdb.entrypoints=web"
-      - "traefik.http.services.influxdb.loadbalancer.server.port=8086"
-      - "traefik.docker.network=web"
       - "docker.group=monitoring"
 
 
@@ -79,11 +69,6 @@ services:
       - dockersocket
     restart: unless-stopped
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.uptimekuma.rule=Host(`uptime.${DOMAIN}`)"
-      - "traefik.http.routers.uptimekuma.entrypoints=web"
-      - "traefik.http.services.uptimekuma.loadbalancer.server.port=3001"
-      - "traefik.docker.network=web"
       - "docker.group=monitoring"
 
 networks:

paperless/docker-compose.yaml

@@ -59,11 +59,6 @@ services:
       - USERMAP_GID=1000
       - PAPERLESS_PRE_CONSUME_SCRIPT=/usr/src/paperless/scripts/removePdfPassword.py
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.paperless.rule=Host(`paperless.${DOMAIN}`)"
-      - "traefik.http.routers.paperless.entrypoints=web"
-      - "traefik.http.services.paperless.loadbalancer.server.port=8000"
-      - "traefik.docker.network=web"
       - "docker.group=paperless"
 
 

proxy/Caddyfile

@@ -0,0 +1,52 @@
+{
+  auto_https off
+}
+
+http://whoami.lan {
+  reverse_proxy whoami:80
+}
+
+http://dashboard.lan {
+  reverse_proxy homer:8080
+}
+
+http://hassi.lan {
+#  reverse_proxy homeassistant:8123
+  reverse_proxy dockerhost-1.lan:8123
+}
+
+http://zigbee2mqtt.lan {
+  reverse_proxy zigbee2mqtt:8080
+}
+
+http://jellyfin.lan {
+  reverse_proxy jellyfin:8096
+}
+
+http://paperless.lan {
+  reverse_proxy paperless-ngx:8000
+}
+
+http://download.lan {
+  reverse_proxy pyload:8000
+}
+
+http://monitoring.lan {
+  reverse_proxy grafana:3000
+}
+
+http://influxdb.lan {
+  reverse_proxy influxdb:8086
+}
+
+http://uptime.lan {
+  reverse_proxy uptime-kuma:3001
+}
+
+http://torrent.lan {
+  reverse_proxy transmission:9091
+}
+
+:80, :443 {
+  respond 404
+}

proxy/docker-compose.yaml

@@ -1,54 +1,25 @@
 services:
 
-  traefik:
-    image: traefik:${TRAEFIK_VERSION}
-    restart: always
+  caddy:
+    image: caddy:2
+    restart: unless-stopped
     ports:
-      - "80:80"
-      - "443:443"
+      - 80:80
+    volumes:
+      - ${VOLUMES_PATH}/proxy/caddy/data:/data
+      - ${VOLUMES_PATH}/proxy/caddy/config:/config
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
     networks:
       - web
-      - dockersocket
-    volumes:
-      - "$PWD/traefik.yml:/etc/traefik/traefik.yml"
-      - "$PWD/extraProviders/:/extraProviders:ro"
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.traefik.rule=Host(`traefik.${HOSTNAME}`)"
-      - "traefik.http.routers.traefik.entrypoints=web"
-      - "traefik.http.services.traefik.loadbalancer.server.port=8080"
-      - "docker.group=proxy"
-    extra_hosts:
-      - host.docker.internal:172.17.0.1
-    depends_on:
-      - docker-socket-proxy
 
 
-  docker-socket-proxy:
-    image: tecnativa/docker-socket-proxy
-    restart: unless-stopped
-    volumes: 
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    environment:
-      # grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections
-      - CONTAINERS=1
-      - INFO=1      
+  whoami:
+    image: containous/whoami
     networks:
-      - dockersocket
-    privileged: true
-
-
-#  whoami:
-#    image: containous/whoami
-#    networks:
-#      - web
-#    labels:
-#      - "traefik.enable=true"
-#      - "traefik.http.routers.whoami.rule=Host(`whoami.${HOSTNAME}`)"
-#      - "traefik.http.routers.whoami.entrypoints=web"
-#      - "traefik.http.services.whoami.loadbalancer.server.port=80"
-#      - "docker.group=proxy"
-#    restart: unless-stopped
+      - web
+    labels:
+      - "docker.group=proxy"
+    restart: unless-stopped
 
 
 networks:

proxy/traefik.yml

@@ -1,23 +0,0 @@
-debug: true
-checkNewVersion: true
-logLevel: INFO
-#defaultEntryPoints: ["https","http"]
-defaultEntryPoints: [http]
-
-api:
-  insecure: true
-
-providers:
-  docker:
-    exposedbydefault: false
-    endpoint: "tcp://docker-socket-proxy:2375"
-
-  file:
-    directory: /extraProviders
-    
-
-entryPoints:
-  web:
-    address: ':80'
-
-

smartHome/docker-compose.yaml

@@ -10,25 +10,23 @@ services:
     restart: unless-stopped
     network_mode: host
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.hassi.rule=Host(`hassi.${DOMAIN}`)"
-      - "traefik.http.routers.hassi.entrypoints=web"
-      - "traefik.http.services.hassi.loadbalancer.server.port=8123"
       - "docker.group=smartHome"
 
+
   mqttbroker:
     image: eclipse-mosquitto:${MOSQUITTO_VERSION}
     restart: unless-stopped
-    network_mode: host
-    expose:
-      - 1883
-    #ports:
-    #  - 1883:1883 # mqtt over TCP
+    networks:
+       - smarthome
+    ports:
+      - 1883:1883 # mqtt over TCP
     #  - 9001:9001 # Websockets
     volumes:
       - ./mosquitto.conf:/mosquitto/config/mosquitto.conf
       - ${VOLUMES_PATH}/smartHome/mosquitto/data:/mosquitto/data
       - ${VOLUMES_PATH}/smartHome/mosquitto/log:/mosquitto/log
+    labels:
+      - "docker.group=smartHome"
 
 
   zigbee2mqtt:
@@ -43,14 +41,12 @@ services:
       - ${ZIGBEE_DEVICE}:/dev/ttyACM0
     networks:
       - web
+      - smarthome
     labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.${DOMAIN}`)"
-      - "traefik.http.routers.zigbee2mqtt.entrypoints=web"
-      - "traefik.http.services.zigbee2mqtt.loadbalancer.server.port=8080"
       - "docker.group=smartHome"
 
 
 networks:
   web:
     external: true
+  smarthome:

torrent/docker-compose.yaml

@@ -18,10 +18,6 @@ services:
       - 51413:51413/udp
     restart: unless-stopped
     labels:
-     - "traefik.enable=true"
-     - "traefik.http.routers.torrent.rule=Host(`torrent.${DOMAIN}`)"
-     - "traefik.http.routers.torrent.entrypoints=web"
-     - "traefik.http.services.torrent.loadbalancer.server.port=9091"
      - "docker.group=torrent"
     mem_limit: 512m