Replace Traefik with Caddy as proxy #2

Merged
fzirker merged 1 commit from caddy-proxy into main 2024-10-08 16:12:38 +02:00
10 changed files with 69 additions and 122 deletions

View file

@ -10,10 +10,6 @@ services:
environment:
- INIT_ASSETS=1
labels:
- "traefik.enable=true"
- "traefik.http.routers.homer.rule=Host(`dashboard.${DOMAIN}`)"
- "traefik.http.routers.homer.entrypoints=web"
- "traefik.http.services.homer.loadbalancer.server.port=8080"
- "docker.group=dashboard"
restart: unless-stopped

View file

@ -1,6 +1,6 @@
services:
app:
pyload:
image: linuxserver/pyload-ng
environment:
- PUID=1000
@ -9,16 +9,9 @@ services:
volumes:
- ${VOLUMES_PATH}/download/pyload:/config
- ${DOWNLOAD_PATH}:/downloads
# ports:
#- 7227:7227 #optional Thrift Backend
networks:
- web
labels:
- "traefik.enable=true"
- "traefik.http.routers.pyload.rule=Host(`download.${DOMAIN}`)"
- "traefik.http.routers.pyload.entrypoints=web"
- "traefik.http.services.pyload.loadbalancer.server.port=8000"
- "docker.group=selfhost"
- "docker.group=download"
restart: unless-stopped

View file

@ -28,16 +28,4 @@ services:
# - /dev/dri/renderD128:/dev/dri/renderD128
# - /dev/dri/card0:/dev/dri/card0
labels:
- "traefik.enable=true"
- "traefik.http.routers.jellyfin.rule=Host(`jellyfin.${DOMAIN}`)"
- "traefik.http.routers.jellyfin.entrypoints=web"
- "traefik.http.services.jellyfin.loadbalancer.server.port=8096"
- 'traefik.http.middlewares.jellyfin-mw.headers.customResponseHeaders.X-Robots-Tag=noindex,nofollow,nosnippet,noarchive,notranslate,noimageindex'
- 'traefik.http.middlewares.jellyfin-mw.headers.frameDeny=true'
- 'traefik.http.middlewares.jellyfin-mw.headers.contentTypeNosniff=true'
- 'traefik.http.middlewares.jellyfin-mw.headers.customresponseheaders.X-XSS-PROTECTION=1'
- 'traefik.http.middlewares.jellyfin-mw.headers.browserXSSFilter=true'
- "traefik.http.middlewares.jellyfin-mw.headers.customFrameOptionsValue='allow-from http://jellyfin.${DOMAIN}'"
- "traefik.http.middlewares.jellyfin-mw.headers.customrequestheaders.X-Forwarded-Proto: https"
- 'traefik.http.routers.jellyfin.middlewares=jellyfin-mw'
- "docker.group=media"

View file

@ -9,11 +9,6 @@ services:
- web
- monitoring
labels:
- "traefik.enable=true"
- "traefik.http.routers.monitoring.rule=Host(`monitoring.${DOMAIN}`)"
- "traefik.http.routers.monitoring.entrypoints=web"
- "traefik.http.services.monitoring.loadbalancer.server.port=3000"
- "traefik.docker.network=web"
- "docker.group=monitoring"
environment:
- GF_DEFAULT_INSTANCE_NAME=monitoring.${DOMAIN}
@ -62,11 +57,6 @@ services:
- ${VOLUMES_PATH}/monitoring/influxdb/:/var/lib/influxdb
- ${PWD}/influxdb.conf:/etc/influxdb/influxdb.conf:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.influxdb.rule=Host(`influxdb.${DOMAIN}`)"
- "traefik.http.routers.influxdb.entrypoints=web"
- "traefik.http.services.influxdb.loadbalancer.server.port=8086"
- "traefik.docker.network=web"
- "docker.group=monitoring"
@ -79,11 +69,6 @@ services:
- dockersocket
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.uptimekuma.rule=Host(`uptime.${DOMAIN}`)"
- "traefik.http.routers.uptimekuma.entrypoints=web"
- "traefik.http.services.uptimekuma.loadbalancer.server.port=3001"
- "traefik.docker.network=web"
- "docker.group=monitoring"
networks:

View file

@ -59,11 +59,6 @@ services:
- USERMAP_GID=1000
- PAPERLESS_PRE_CONSUME_SCRIPT=/usr/src/paperless/scripts/removePdfPassword.py
labels:
- "traefik.enable=true"
- "traefik.http.routers.paperless.rule=Host(`paperless.${DOMAIN}`)"
- "traefik.http.routers.paperless.entrypoints=web"
- "traefik.http.services.paperless.loadbalancer.server.port=8000"
- "traefik.docker.network=web"
- "docker.group=paperless"

52
proxy/Caddyfile Normal file
View file

@ -0,0 +1,52 @@
{
auto_https off
}
http://whoami.lan {
reverse_proxy whoami:80
}
http://dashboard.lan {
reverse_proxy homer:8080
}
http://hassi.lan {
# reverse_proxy homeassistant:8123
reverse_proxy dockerhost-1.lan:8123
}
http://zigbee2mqtt.lan {
reverse_proxy zigbee2mqtt:8080
}
http://jellyfin.lan {
reverse_proxy jellyfin:8096
}
http://paperless.lan {
reverse_proxy paperless-ngx:8000
}
http://download.lan {
reverse_proxy pyload:8000
}
http://monitoring.lan {
reverse_proxy grafana:3000
}
http://influxdb.lan {
reverse_proxy influxdb:8086
}
http://uptime.lan {
reverse_proxy uptime-kuma:3001
}
http://torrent.lan {
reverse_proxy transmission:9091
}
:80, :443 {
respond 404
}

View file

@ -1,54 +1,25 @@
services:
traefik:
image: traefik:${TRAEFIK_VERSION}
restart: always
caddy:
image: caddy:2
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- 80:80
volumes:
- ${VOLUMES_PATH}/proxy/caddy/data:/data
- ${VOLUMES_PATH}/proxy/caddy/config:/config
- ./Caddyfile:/etc/caddy/Caddyfile:ro
networks:
- web
- dockersocket
volumes:
- "$PWD/traefik.yml:/etc/traefik/traefik.yml"
- "$PWD/extraProviders/:/extraProviders:ro"
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`traefik.${HOSTNAME}`)"
- "traefik.http.routers.traefik.entrypoints=web"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
- "docker.group=proxy"
extra_hosts:
- host.docker.internal:host-gateway
depends_on:
- docker-socket-proxy
docker-socket-proxy:
image: tecnativa/docker-socket-proxy
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
# grant privileges as environment variables: https://github.com/Tecnativa/docker-socket-proxy#grant-or-revoke-access-to-certain-api-sections
- CONTAINERS=1
- INFO=1
whoami:
image: containous/whoami
networks:
- dockersocket
privileged: true
# whoami:
# image: containous/whoami
# networks:
# - web
# labels:
# - "traefik.enable=true"
# - "traefik.http.routers.whoami.rule=Host(`whoami.${HOSTNAME}`)"
# - "traefik.http.routers.whoami.entrypoints=web"
# - "traefik.http.services.whoami.loadbalancer.server.port=80"
# - "docker.group=proxy"
# restart: unless-stopped
- web
labels:
- "docker.group=proxy"
restart: unless-stopped
networks:

View file

@ -1,23 +0,0 @@
debug: true
checkNewVersion: true
logLevel: INFO
#defaultEntryPoints: ["https","http"]
defaultEntryPoints: [http]
api:
insecure: true
providers:
docker:
exposedbydefault: false
endpoint: "tcp://docker-socket-proxy:2375"
file:
directory: /extraProviders
entryPoints:
web:
address: ':80'

View file

@ -10,10 +10,6 @@ services:
restart: unless-stopped
network_mode: host
labels:
- "traefik.enable=true"
- "traefik.http.routers.hassi.rule=Host(`hassi.${DOMAIN}`)"
- "traefik.http.routers.hassi.entrypoints=web"
- "traefik.http.services.hassi.loadbalancer.server.port=8123"
- "docker.group=smartHome"
@ -29,6 +25,8 @@ services:
- ./mosquitto.conf:/mosquitto/config/mosquitto.conf
- ${VOLUMES_PATH}/smartHome/mosquitto/data:/mosquitto/data
- ${VOLUMES_PATH}/smartHome/mosquitto/log:/mosquitto/log
labels:
- "docker.group=smartHome"
zigbee2mqtt:
@ -45,10 +43,6 @@ services:
- web
- smarthome
labels:
- "traefik.enable=true"
- "traefik.http.routers.zigbee2mqtt.rule=Host(`zigbee2mqtt.${DOMAIN}`)"
- "traefik.http.routers.zigbee2mqtt.entrypoints=web"
- "traefik.http.services.zigbee2mqtt.loadbalancer.server.port=8080"
- "docker.group=smartHome"

View file

@ -18,10 +18,6 @@ services:
- 51413:51413/udp
restart: unless-stopped
labels:
- "traefik.enable=true"
- "traefik.http.routers.torrent.rule=Host(`torrent.${DOMAIN}`)"
- "traefik.http.routers.torrent.entrypoints=web"
- "traefik.http.services.torrent.loadbalancer.server.port=9091"
- "docker.group=torrent"
mem_limit: 512m