forked from coop-cloud/traefik
Compare commits
1 Commits
master
...
error-page
Author | SHA1 | Date |
---|---|---|
decentral1se | b538fa1509 |
18
.env.sample
18
.env.sample
|
@ -1,6 +1,6 @@
|
|||
TYPE=traefik
|
||||
|
||||
DOMAIN={{ .Domain }}
|
||||
DOMAIN=traefik.example.com
|
||||
LETS_ENCRYPT_ENV=production
|
||||
|
||||
LETS_ENCRYPT_EMAIL=certs@example.com
|
||||
|
@ -44,12 +44,6 @@ COMPOSE_FILE="compose.yml"
|
|||
#GANDI_ENABLED=1
|
||||
#SECRET_GANDIV5_API_KEY_VERSION=v1
|
||||
|
||||
## Cloudflare, https://cloudflare.com
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.cloudflare.yml"
|
||||
#CLOUDFLARE_ENABLED=1
|
||||
#SECRET_CLOUDFLARE_EMAIL_VERSION=v1
|
||||
#SECRET_CLOUDFLARE_API_KEY=v1
|
||||
|
||||
#####################################################################
|
||||
# Keycloak log-in #
|
||||
#####################################################################
|
||||
|
@ -58,8 +52,6 @@ COMPOSE_FILE="compose.yml"
|
|||
#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
|
||||
#KEYCLOAK_MIDDLEWARE_ENABLED=1
|
||||
#KEYCLOAK_TFA_SERVICE=traefik-forward-auth_app
|
||||
#KEYCLOAK_MIDDLEWARE_2_ENABLED=1
|
||||
#KEYCLOAK_TFA_SERVICE_2=traefik-forward-auth_app
|
||||
|
||||
#####################################################################
|
||||
# Prometheus metrics #
|
||||
|
@ -77,10 +69,6 @@ COMPOSE_FILE="compose.yml"
|
|||
#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
|
||||
#SMTP_ENABLED=1
|
||||
|
||||
## Compy
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.compy.yml"
|
||||
#COMPY_ENABLED=1
|
||||
|
||||
## Gitea SSH
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.gitea.yml"
|
||||
# GITEA_SSH_ENABLED=1
|
||||
|
@ -104,7 +92,3 @@ COMPOSE_FILE="compose.yml"
|
|||
## Mumble
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.mumble.yml"
|
||||
#MUMBLE_ENABLED=1
|
||||
|
||||
## Matrix
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
|
||||
#MATRIX_FEDERATION_ENABLED=1
|
||||
|
|
|
@ -7,11 +7,11 @@
|
|||
<!-- metadata -->
|
||||
* **Category**: Utilities
|
||||
* **Status**: ?
|
||||
* **Image**: [`traefik`](https://hub.docker.com/_/traefik), 4, upstream
|
||||
* **Image**: [`traefik`](https://hub.docker.com/_/traefik), ❶💚, upstream
|
||||
* **Healthcheck**: Yes
|
||||
* **Backups**: No
|
||||
* **Email**: N/A
|
||||
* **Tests**: 2
|
||||
* **Tests**: ❷💛
|
||||
* **SSO**: ? (Keycloak)
|
||||
<!-- endmetadata -->
|
||||
|
||||
|
|
4
abra.sh
4
abra.sh
|
@ -1,3 +1,3 @@
|
|||
export TRAEFIK_YML_VERSION=v14
|
||||
export FILE_PROVIDER_YML_VERSION=v6
|
||||
export TRAEFIK_YML_VERSION=v12
|
||||
export FILE_PROVIDER_YML_VERSION=v3
|
||||
export ENTRYPOINT_VERSION=v2
|
||||
|
|
|
@ -1,20 +0,0 @@
|
|||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- CLOUDFLARE_EMAIL_FILE=/run/secrets/cloudflare_email
|
||||
- CLOUDFLARE_API_KEY_FILE=/run/secrets/cloudflare_api_key
|
||||
- LETS_ENCRYPT_DNS_CHALLENGE_ENABLED
|
||||
- LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER
|
||||
secrets:
|
||||
- cloudflare_email
|
||||
- cloudflare_api_key
|
||||
|
||||
secrets:
|
||||
cloudflare_email:
|
||||
name: ${STACK_NAME}_cloudflare_email_${SECRET_CLOUDFLARE_EMAIL_VERSION}
|
||||
external: true
|
||||
cloudflare_api_key:
|
||||
name: ${STACK_NAME}_cloudflare_api_key_${SECRET_CLOUDFLARE_API_KEY}
|
||||
external: true
|
|
@ -1,7 +0,0 @@
|
|||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- COMPY_ENABLED
|
||||
ports:
|
||||
- "9999:9999"
|
|
@ -12,3 +12,4 @@ services:
|
|||
- "traefik.http.services.traefik.loadbalancer.server.port=web"
|
||||
- "traefik.http.routers.traefik.entrypoints=web-secure"
|
||||
- "traefik.http.routers.traefik.service=api@internal"
|
||||
- "coop-cloud.${STACK_NAME}.app.version=v2.4.9-be23e1f6"
|
||||
|
|
|
@ -5,9 +5,7 @@ services:
|
|||
app:
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=keycloak@file"
|
||||
- "traefik.http.routers.traefik.middlewares=keycloak@file"
|
||||
environment:
|
||||
- KEYCLOAK_MIDDLEWARE_ENABLED
|
||||
- KEYCLOAK_TFA_SERVICE
|
||||
- KEYCLOAK_MIDDLEWARE_2_ENABLED
|
||||
- KEYCLOAK_TFA_SERVICE_2
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- MATRIX_FEDERATION_ENABLED
|
||||
ports:
|
||||
- "8448:8448"
|
|
@ -1,9 +0,0 @@
|
|||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- MINIO_CONSOLE_ENABLED
|
||||
ports:
|
||||
- "9001:9001"
|
23
compose.yml
23
compose.yml
|
@ -3,7 +3,7 @@ version: "3.8"
|
|||
|
||||
services:
|
||||
app:
|
||||
image: "traefik:v2.5.6"
|
||||
image: "traefik:v2.5.2"
|
||||
# Note(decentral1se): *please do not* add any additional ports here.
|
||||
# Doing so could break new installs with port conflicts. Please use
|
||||
# the usual `compose.$app.yml` approach for any additional ports
|
||||
|
@ -26,8 +26,6 @@ services:
|
|||
environment:
|
||||
- DASHBOARD_ENABLED
|
||||
- LOG_LEVEL
|
||||
- LETS_ENCRYPT_EMAIL
|
||||
- LETS_ENCRYPT_ENV
|
||||
healthcheck:
|
||||
test: ["CMD", "traefik", "healthcheck"]
|
||||
interval: 30s
|
||||
|
@ -49,7 +47,24 @@ services:
|
|||
- "traefik.http.routers.traefik.tls.options=default@file"
|
||||
- "traefik.http.routers.traefik.service=api@internal"
|
||||
- "traefik.http.routers.traefik.middlewares=security@file"
|
||||
- "coop-cloud.${STACK_NAME}.version=1.0.1+v2.5.6"
|
||||
- "coop-cloud.${STACK_NAME}.version=1.0.0+v2.5.2"
|
||||
|
||||
web:
|
||||
image: tarampampam/error-pages:2.2.0
|
||||
environment:
|
||||
- TEMPLATE_NAME=shuffle
|
||||
networks:
|
||||
- proxy
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.services.error-pages-service.loadbalancer.server.port=8080"
|
||||
- "traefik.http.routers.error-router.entrypoints=web-secure"
|
||||
- "traefik.http.routers.error-router.rule=HostRegexp(`{host:.+}`)"
|
||||
- "traefik.http.routers.error-router.priority=10"
|
||||
- "traefik.http.routers.error-router.middlewares=error-pages-middleware@docker"
|
||||
- "traefik.http.middlewares.error-pages-middleware.errors.status=400-599"
|
||||
- "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service@docker"
|
||||
- "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html"
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
|
|
|
@ -11,9 +11,4 @@ export OVH_APPLICATION_SECRET=$(cat "$OVH_APPLICATION_SECRET_FILE")
|
|||
export GANDIV5_API_KEY=$(cat "$GANDIV5_API_KEY_FILE")
|
||||
{{ end }}
|
||||
|
||||
{{ if eq (env "CLOUDFLARE_ENABLED") "1" }}
|
||||
export CLOUDFLARE_EMAIL=$(cat "$CLOUDFLARE_EMAIL_FILE")
|
||||
export CLOUDFLARE_API_KEY=$(cat "$CLOUDFLARE_API_KEY_FILE")
|
||||
{{ end }}
|
||||
|
||||
/entrypoint.sh "$@"
|
||||
|
|
|
@ -9,14 +9,6 @@ http:
|
|||
authResponseHeaders:
|
||||
- X-Forwarded-User
|
||||
{{ end }}
|
||||
{{ if eq (env "KEYCLOAK_MIDDLEWARE_2_ENABLED") "1" }}
|
||||
keycloak2:
|
||||
forwardAuth:
|
||||
address: "http://{{ env "KEYCLOAK_TFA_SERVICE_2" }}:4181"
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-Forwarded-User
|
||||
{{ end }}
|
||||
security:
|
||||
headers:
|
||||
frameDeny: true
|
||||
|
|
|
@ -54,18 +54,10 @@ entrypoints:
|
|||
mumble-udp:
|
||||
address: ":64738/udp"
|
||||
{{ end }}
|
||||
{{ if eq (env "COMPY_ENABLED") "1" }}
|
||||
compy:
|
||||
address: ":9999"
|
||||
{{ end }}
|
||||
{{ if eq (env "METRICS_ENABLED") "1" }}
|
||||
metrics:
|
||||
address: ":8082"
|
||||
{{ end }}
|
||||
{{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
|
||||
matrix-federation:
|
||||
address: ":9001"
|
||||
{{ end }}
|
||||
|
||||
ping:
|
||||
entryPoint: web
|
||||
|
@ -77,36 +69,30 @@ metrics:
|
|||
{{ end }}
|
||||
|
||||
certificatesResolvers:
|
||||
{{ if eq (env "LETS_ENCRYPT_ENV") "staging" }}
|
||||
staging:
|
||||
acme:
|
||||
email: {{ env "LETS_ENCRYPT_EMAIL" }}
|
||||
storage: /etc/letsencrypt/staging-acme.json
|
||||
caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
|
||||
httpChallenge:
|
||||
entryPoint: web
|
||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||
dnsChallenge:
|
||||
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||
resolvers:
|
||||
- "1.1.1.1:53"
|
||||
- "8.8.8.8:53"
|
||||
{{ else }}
|
||||
httpChallenge:
|
||||
entryPoint: web
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
{{ if eq (env "LETS_ENCRYPT_ENV") "production" }}
|
||||
production:
|
||||
acme:
|
||||
email: {{ env "LETS_ENCRYPT_EMAIL" }}
|
||||
storage: /etc/letsencrypt/production-acme.json
|
||||
httpChallenge:
|
||||
entryPoint: web
|
||||
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
|
||||
dnsChallenge:
|
||||
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||
resolvers:
|
||||
- "1.1.1.1:53"
|
||||
- "8.8.8.8:53"
|
||||
{{ else }}
|
||||
httpChallenge:
|
||||
entryPoint: web
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
|
|
Loading…
Reference in New Issue