appletalk
/
traefik
forked from coop-cloud/traefik
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: appletalk:master
Branches Tags
appletalk:master
appletalk:forward-auth-2
appletalk:digitalocean-dns
appletalk:error-pages
appletalk:rejig-compose-vars
coop-cloud:master
coop-cloud:error-pages-again
coop-cloud:metrics
coop-cloud:basic-auth
coop-cloud:error-messages-attempt
coop-cloud:error-pages-attempt
coop-cloud:minecraft
coop-cloud:forward-auth-2
coop-cloud:error-pages
coop-cloud:rejig-compose-vars
coop-cloud:self-signed
appletalk:1.0.1+v2.5.6
appletalk:1.0.0+v2.5.2
appletalk:v2.4.9
appletalk:v2.4.8_1
appletalk:v2.4.8
coop-cloud:3.0.0+v3.0.0
coop-cloud:2.6.3+v2.11.2
coop-cloud:2.6.2+v2.11.1
coop-cloud:2.6.1+v2.11.0
coop-cloud:2.6.0+v2.11.0
coop-cloud:2.5.0+v2.11.0
coop-cloud:2.4.3+v2.10.5
coop-cloud:2.1.0+v2.9.9
coop-cloud:2.4.2+v2.10.4
coop-cloud:2.4.1+v2.10.3
coop-cloud:2.4.0+v2.10.1
coop-cloud:2.3.1+v2.10.2
coop-cloud:2.3.0+v2.10.2
coop-cloud:2.2.0+v2.10.2
coop-cloud:2.2.0+v2.10.1
coop-cloud:2.0.4+v2.9.6
coop-cloud:2.0.3+v2.9.6
coop-cloud:2.0.2+v2.9.5
coop-cloud:2.0.0+v2.9.1
coop-cloud:1.1.1+v2.8.1
coop-cloud:1.1.0+v2.8.0
coop-cloud:1.0.1+v2.5.6
coop-cloud:1.0.0+v2.5.2
..
compare: appletalk:error-pages
Branches Tags
appletalk:master
appletalk:forward-auth-2
appletalk:digitalocean-dns
appletalk:error-pages
appletalk:rejig-compose-vars
coop-cloud:master
coop-cloud:error-pages-again
coop-cloud:metrics
coop-cloud:basic-auth
coop-cloud:error-messages-attempt
coop-cloud:error-pages-attempt
coop-cloud:minecraft
coop-cloud:forward-auth-2
coop-cloud:error-pages
coop-cloud:rejig-compose-vars
coop-cloud:self-signed
appletalk:1.0.1+v2.5.6
appletalk:1.0.0+v2.5.2
appletalk:v2.4.9
appletalk:v2.4.8_1
appletalk:v2.4.8
coop-cloud:3.0.0+v3.0.0
coop-cloud:2.6.3+v2.11.2
coop-cloud:2.6.2+v2.11.1
coop-cloud:2.6.1+v2.11.0
coop-cloud:2.6.0+v2.11.0
coop-cloud:2.5.0+v2.11.0
coop-cloud:2.4.3+v2.10.5
coop-cloud:2.1.0+v2.9.9
coop-cloud:2.4.2+v2.10.4
coop-cloud:2.4.1+v2.10.3
coop-cloud:2.4.0+v2.10.1
coop-cloud:2.3.1+v2.10.2
coop-cloud:2.3.0+v2.10.2
coop-cloud:2.2.0+v2.10.2
coop-cloud:2.2.0+v2.10.1
coop-cloud:2.0.4+v2.9.6
coop-cloud:2.0.3+v2.9.6
coop-cloud:2.0.2+v2.9.5
coop-cloud:2.0.0+v2.9.1
coop-cloud:1.1.1+v2.8.1
coop-cloud:1.1.0+v2.8.0
coop-cloud:1.0.1+v2.5.6
coop-cloud:1.0.0+v2.5.2

1 Commits
master ... error-page

Author SHA1 Message Date
decentral1se b538fa1509
feat: error pages 
See coop-cloud/organising#115 (comment).
 2021-11-14 00:34:57 +01:00
13 changed files with 30 additions and 102 deletions
Show Stats Expand all files Collapse all files

18
.env.sample
View File

@ -1,6 +1,6 @@
TYPE=traefik
DOMAIN={{ .Domain }}
DOMAIN=traefik.example.com
LETS_ENCRYPT_ENV=production
LETS_ENCRYPT_EMAIL=certs@example.com
@ -44,12 +44,6 @@ COMPOSE_FILE="compose.yml"
#GANDI_ENABLED=1
#SECRET_GANDIV5_API_KEY_VERSION=v1
## Cloudflare, https://cloudflare.com
#COMPOSE_FILE="$COMPOSE_FILE:compose.cloudflare.yml"
#CLOUDFLARE_ENABLED=1
#SECRET_CLOUDFLARE_EMAIL_VERSION=v1
#SECRET_CLOUDFLARE_API_KEY=v1
#####################################################################
# Keycloak log-in #
#####################################################################
@ -58,8 +52,6 @@ COMPOSE_FILE="compose.yml"
#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
#KEYCLOAK_MIDDLEWARE_ENABLED=1
#KEYCLOAK_TFA_SERVICE=traefik-forward-auth_app
#KEYCLOAK_MIDDLEWARE_2_ENABLED=1
#KEYCLOAK_TFA_SERVICE_2=traefik-forward-auth_app
#####################################################################
# Prometheus metrics #
@ -77,10 +69,6 @@ COMPOSE_FILE="compose.yml"
#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
#SMTP_ENABLED=1
## Compy
#COMPOSE_FILE="$COMPOSE_FILE:compose.compy.yml"
#COMPY_ENABLED=1
## Gitea SSH
# COMPOSE_FILE="$COMPOSE_FILE:compose.gitea.yml"
# GITEA_SSH_ENABLED=1
@ -104,7 +92,3 @@ COMPOSE_FILE="compose.yml"
## Mumble
#COMPOSE_FILE="$COMPOSE_FILE:compose.mumble.yml"
#MUMBLE_ENABLED=1
## Matrix
#COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
#MATRIX_FEDERATION_ENABLED=1

4
README.md
View File

@ -7,11 +7,11 @@
<!-- metadata -->
* **Category**: Utilities
* **Status**: ?
* **Image**: [`traefik`](https://hub.docker.com/_/traefik), 4, upstream
* **Image**: [`traefik`](https://hub.docker.com/_/traefik), ❶💚, upstream
* **Healthcheck**: Yes
* **Backups**: No
* **Email**: N/A
* **Tests**: 2
* **Tests**: ❷💛
* **SSO**: ? (Keycloak)
<!-- endmetadata -->

4
abra.sh
View File

@ -1,3 +1,3 @@
export TRAEFIK_YML_VERSION=v14
export FILE_PROVIDER_YML_VERSION=v6
export TRAEFIK_YML_VERSION=v12
export FILE_PROVIDER_YML_VERSION=v3
export ENTRYPOINT_VERSION=v2

20
compose.cloudflare.yml
View File

@ -1,20 +0,0 @@
version: "3.8"
services:
app:
environment:
- CLOUDFLARE_EMAIL_FILE=/run/secrets/cloudflare_email
- CLOUDFLARE_API_KEY_FILE=/run/secrets/cloudflare_api_key
- LETS_ENCRYPT_DNS_CHALLENGE_ENABLED
- LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER
secrets:
- cloudflare_email
- cloudflare_api_key
secrets:
cloudflare_email:
name: ${STACK_NAME}_cloudflare_email_${SECRET_CLOUDFLARE_EMAIL_VERSION}
external: true
cloudflare_api_key:
name: ${STACK_NAME}_cloudflare_api_key_${SECRET_CLOUDFLARE_API_KEY}
external: true

7
compose.compy.yml
View File

@ -1,7 +0,0 @@
version: "3.8"
services:
app:
environment:
- COMPY_ENABLED
ports:
- "9999:9999"

1
compose.headless.yml
View File

@ -12,3 +12,4 @@ services:
- "traefik.http.services.traefik.loadbalancer.server.port=web"
- "traefik.http.routers.traefik.entrypoints=web-secure"
- "traefik.http.routers.traefik.service=api@internal"
- "coop-cloud.${STACK_NAME}.app.version=v2.4.9-be23e1f6"

4
compose.keycloak.yml
View File

@ -5,9 +5,7 @@ services:
app:
deploy:
labels:
- "traefik.http.routers.${STACK_NAME}.middlewares=keycloak@file"
- "traefik.http.routers.traefik.middlewares=keycloak@file"
environment:
- KEYCLOAK_MIDDLEWARE_ENABLED
- KEYCLOAK_TFA_SERVICE
- KEYCLOAK_MIDDLEWARE_2_ENABLED
- KEYCLOAK_TFA_SERVICE_2

7
compose.matrix.yml
View File

@ -1,7 +0,0 @@
version: "3.8"
services:
app:
environment:
- MATRIX_FEDERATION_ENABLED
ports:
- "8448:8448"

9
compose.minio.yml
View File

@ -1,9 +0,0 @@
---
version: "3.8"
services:
app:
environment:
- MINIO_CONSOLE_ENABLED
ports:
- "9001:9001"

23
compose.yml
View File

@ -3,7 +3,7 @@ version: "3.8"
services:
app:
image: "traefik:v2.5.6"
image: "traefik:v2.5.2"
# Note(decentral1se): *please do not* add any additional ports here.
# Doing so could break new installs with port conflicts. Please use
# the usual `compose.$app.yml` approach for any additional ports
@ -26,8 +26,6 @@ services:
environment:
- DASHBOARD_ENABLED
- LOG_LEVEL
- LETS_ENCRYPT_EMAIL
- LETS_ENCRYPT_ENV
healthcheck:
test: ["CMD", "traefik", "healthcheck"]
interval: 30s
@ -49,7 +47,24 @@ services:
- "traefik.http.routers.traefik.tls.options=default@file"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.middlewares=security@file"
- "coop-cloud.${STACK_NAME}.version=1.0.1+v2.5.6"
- "coop-cloud.${STACK_NAME}.version=1.0.0+v2.5.2"
web:
image: tarampampam/error-pages:2.2.0
environment:
- TEMPLATE_NAME=shuffle
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.services.error-pages-service.loadbalancer.server.port=8080"
- "traefik.http.routers.error-router.entrypoints=web-secure"
- "traefik.http.routers.error-router.rule=HostRegexp(`{host:.+}`)"
- "traefik.http.routers.error-router.priority=10"
- "traefik.http.routers.error-router.middlewares=error-pages-middleware@docker"
- "traefik.http.middlewares.error-pages-middleware.errors.status=400-599"
- "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service@docker"
- "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html"
networks:
proxy:

5
entrypoint.sh.tmpl
View File

@ -11,9 +11,4 @@ export OVH_APPLICATION_SECRET=$(cat "$OVH_APPLICATION_SECRET_FILE")
export GANDIV5_API_KEY=$(cat "$GANDIV5_API_KEY_FILE")
{{ end }}
{{ if eq (env "CLOUDFLARE_ENABLED") "1" }}
export CLOUDFLARE_EMAIL=$(cat "$CLOUDFLARE_EMAIL_FILE")
export CLOUDFLARE_API_KEY=$(cat "$CLOUDFLARE_API_KEY_FILE")
{{ end }}
/entrypoint.sh "$@"

8
file-provider.yml.tmpl
View File

@ -9,14 +9,6 @@ http:
authResponseHeaders:
- X-Forwarded-User
{{ end }}
{{ if eq (env "KEYCLOAK_MIDDLEWARE_2_ENABLED") "1" }}
keycloak2:
forwardAuth:
address: "http://{{ env "KEYCLOAK_TFA_SERVICE_2" }}:4181"
trustForwardHeader: true
authResponseHeaders:
- X-Forwarded-User
{{ end }}
security:
headers:
frameDeny: true

22
traefik.yml.tmpl
View File

@ -54,18 +54,10 @@ entrypoints:
mumble-udp:
address: ":64738/udp"
{{ end }}
{{ if eq (env "COMPY_ENABLED") "1" }}
compy:
address: ":9999"
{{ end }}
{{ if eq (env "METRICS_ENABLED") "1" }}
metrics:
address: ":8082"
{{ end }}
{{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
matrix-federation:
address: ":9001"
{{ end }}
ping:
entryPoint: web
@ -77,36 +69,30 @@ metrics:
{{ end }}
certificatesResolvers:
{{ if eq (env "LETS_ENCRYPT_ENV") "staging" }}
staging:
acme:
email: {{ env "LETS_ENCRYPT_EMAIL" }}
storage: /etc/letsencrypt/staging-acme.json
caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
httpChallenge:
entryPoint: web
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
dnsChallenge:
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
resolvers:
- "1.1.1.1:53"
- "8.8.8.8:53"
{{ else }}
httpChallenge:
entryPoint: web
{{ end }}
{{ end }}
{{ if eq (env "LETS_ENCRYPT_ENV") "production" }}
production:
acme:
email: {{ env "LETS_ENCRYPT_EMAIL" }}
storage: /etc/letsencrypt/production-acme.json
httpChallenge:
entryPoint: web
{{ if eq (env "LETS_ENCRYPT_DNS_CHALLENGE_ENABLED") "1" }}
dnsChallenge:
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
resolvers:
- "1.1.1.1:53"
- "8.8.8.8:53"
{{ else }}
httpChallenge:
entryPoint: web
{{ end }}
{{ end }}