Compare commits
28 Commits
1.0.0+v2.5
...
error-page
| Author | SHA1 | Date | |
|---|---|---|---|
| a805f5de26 | |||
| f1cfb814dd | |||
| ece8807959 | |||
| a1e75e8c8b | |||
| b62cb273ef | |||
| 5f25a272cb | |||
| 4c7a272838 | |||
| 2e68186042 | |||
| 975d8e01a4 | |||
| fcff3a2d6a | |||
| 981d2a3808 | |||
| 29eb1058cd | |||
df49a1f3b2
|
|||
| 099dcfaed0 | |||
|
1d7542cd5f
|
|||
|
5e1604322e
|
|||
|
36707989d2
|
|||
|
29f90fe409
|
|||
| 8a48c5e507 | |||
|
612d0cc6cc
|
|||
| 36c7b740ab | |||
| 59b0f8d645 | |||
| 556c448c05 | |||
| 26fcaaea69 | |||
| 02ebb1412f | |||
| 8e91a5a3ee | |||
| 3048d09cd8 | |||
| 2c9e980809 |
17
.env.sample
17
.env.sample
@ -8,14 +8,16 @@ LETS_ENCRYPT_EMAIL=certs@example.com
|
||||
# WARN, INFO etc.
|
||||
LOG_LEVEL=WARN
|
||||
|
||||
# This is here so later lines can extend the definition; you likely don't wanna
|
||||
# edit
|
||||
# This is here so later lines can extend it; you likely don't wanna edit
|
||||
COMPOSE_FILE="compose.yml"
|
||||
|
||||
#####################################################################
|
||||
# General settings #
|
||||
#####################################################################
|
||||
|
||||
## Error pages
|
||||
COMPOSE_FILE="$COMPOSE_FILE:compose.error-pages.yml"
|
||||
|
||||
## Host-mode networking
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.host.yml"
|
||||
|
||||
@ -52,6 +54,9 @@ COMPOSE_FILE="compose.yml"
|
||||
## Enable Keycloak
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
|
||||
#KEYCLOAK_MIDDLEWARE_ENABLED=1
|
||||
#KEYCLOAK_TFA_SERVICE=traefik-forward-auth_app
|
||||
#KEYCLOAK_MIDDLEWARE_2_ENABLED=1
|
||||
#KEYCLOAK_TFA_SERVICE_2=traefik-forward-auth_app
|
||||
|
||||
#####################################################################
|
||||
# Prometheus metrics #
|
||||
@ -69,6 +74,10 @@ COMPOSE_FILE="compose.yml"
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml"
|
||||
#SMTP_ENABLED=1
|
||||
|
||||
## Compy
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.compy.yml"
|
||||
#COMPY_ENABLED=1
|
||||
|
||||
## Gitea SSH
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.gitea.yml"
|
||||
# GITEA_SSH_ENABLED=1
|
||||
@ -92,3 +101,7 @@ COMPOSE_FILE="compose.yml"
|
||||
## Mumble
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.mumble.yml"
|
||||
#MUMBLE_ENABLED=1
|
||||
|
||||
## Matrix
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml"
|
||||
#MATRIX_FEDERATION_ENABLED=1
|
||||
|
||||
@ -7,11 +7,11 @@
|
||||
<!-- metadata -->
|
||||
* **Category**: Utilities
|
||||
* **Status**: ?
|
||||
* **Image**: [`traefik`](https://hub.docker.com/_/traefik), ❶💚, upstream
|
||||
* **Image**: [`traefik`](https://hub.docker.com/_/traefik), 4, upstream
|
||||
* **Healthcheck**: Yes
|
||||
* **Backups**: No
|
||||
* **Email**: N/A
|
||||
* **Tests**: ❷💛
|
||||
* **Tests**: 2
|
||||
* **SSO**: ? (Keycloak)
|
||||
<!-- endmetadata -->
|
||||
|
||||
@ -21,6 +21,6 @@
|
||||
2. `abra app new traefik`
|
||||
3. `abra app YOURAPPDOMAIN config` - be sure to change `DOMAIN` to something that resolves to
|
||||
your Docker swarm box
|
||||
4. `abra app YOURAPPDOMAIN deploy`
|
||||
4. `abra app deploy YOURAPPDOMAIN`
|
||||
|
||||
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||
|
||||
4
abra.sh
4
abra.sh
@ -1,3 +1,3 @@
|
||||
export TRAEFIK_YML_VERSION=v12
|
||||
export FILE_PROVIDER_YML_VERSION=v2
|
||||
export TRAEFIK_YML_VERSION=v15
|
||||
export FILE_PROVIDER_YML_VERSION=v6
|
||||
export ENTRYPOINT_VERSION=v2
|
||||
|
||||
7
compose.compy.yml
Normal file
7
compose.compy.yml
Normal file
@ -0,0 +1,7 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- COMPY_ENABLED
|
||||
ports:
|
||||
- "9999:9999"
|
||||
36
compose.error-pages.yml
Normal file
36
compose.error-pages.yml
Normal file
@ -0,0 +1,36 @@
|
||||
version: '3.8'
|
||||
|
||||
services:
|
||||
error-pages:
|
||||
image: tarampampam/error-pages:latest # Using the latest tag is highly discouraged. Please, use tags in X.Y.Z format
|
||||
environment:
|
||||
TEMPLATE_NAME: app-down
|
||||
networks:
|
||||
- proxy
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- node.role == worker
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.docker.network=proxy"
|
||||
- # use as "fallback" for any non-registered services (with priority below normal)
|
||||
- "traefik.http.routers.error-pages-router.rule=HostRegexp(`{host:.+}`)"
|
||||
- "traefik.http.routers.error-pages-router.priority=10"
|
||||
- # should say that all of your services work on https
|
||||
- "traefik.http.routers.error-pages-router.tls=true"
|
||||
- "traefik.http.routers.error-pages-router.entrypoints=https"
|
||||
- "traefik.http.routers.error-pages-router.middlewares=error-pages-middleware"
|
||||
- "traefik.http.services.error-pages-service.loadbalancer.server.port=8080"
|
||||
- # "errors" middleware settings
|
||||
- "traefik.http.middlewares.error-pages-middleware.errors.status=400-599"
|
||||
- "traefik.http.middlewares.error-pages-middleware.errors.service=error-pages-service"
|
||||
- "traefik.http.middlewares.error-pages-middleware.errors.query=/{status}.html"
|
||||
|
||||
app:
|
||||
deploy:
|
||||
labels:
|
||||
# next line is important
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=error-pages-middleware"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
|
||||
|
||||
@ -10,6 +10,5 @@ services:
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.services.traefik.loadbalancer.server.port=web"
|
||||
- "traefik.http.routers.traefik.entrypoints=web-secure"
|
||||
- "traefik.http.routers.traefik.service=api@internal"
|
||||
- "coop-cloud.${STACK_NAME}.app.version=v2.4.9-be23e1f6"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.service=api@internal"
|
||||
|
||||
@ -5,6 +5,9 @@ services:
|
||||
app:
|
||||
deploy:
|
||||
labels:
|
||||
- "traefik.http.routers.traefik.middlewares=keycloak@file"
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=keycloak@file"
|
||||
environment:
|
||||
- KEYCLOAK_MIDDLEWARE_ENABLED
|
||||
- KEYCLOAK_TFA_SERVICE
|
||||
- KEYCLOAK_MIDDLEWARE_2_ENABLED
|
||||
- KEYCLOAK_TFA_SERVICE_2
|
||||
|
||||
7
compose.matrix.yml
Normal file
7
compose.matrix.yml
Normal file
@ -0,0 +1,7 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- MATRIX_FEDERATION_ENABLED
|
||||
ports:
|
||||
- "8448:8448"
|
||||
9
compose.minio.yml
Normal file
9
compose.minio.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- MINIO_CONSOLE_ENABLED
|
||||
ports:
|
||||
- "9001:9001"
|
||||
18
compose.yml
18
compose.yml
@ -3,7 +3,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: "traefik:v2.5.2"
|
||||
image: "traefik:v2.9.6"
|
||||
# Note(decentral1se): *please do not* add any additional ports here.
|
||||
# Doing so could break new installs with port conflicts. Please use
|
||||
# the usual `compose.$app.yml` approach for any additional ports
|
||||
@ -40,14 +40,14 @@ services:
|
||||
order: start-first
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.services.traefik.loadbalancer.server.port=web"
|
||||
- "traefik.http.routers.traefik.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.traefik.entrypoints=web-secure"
|
||||
- "traefik.http.routers.traefik.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.traefik.tls.options=default@file"
|
||||
- "traefik.http.routers.traefik.service=api@internal"
|
||||
- "traefik.http.routers.traefik.middlewares=security@file"
|
||||
- "coop-cloud.${STACK_NAME}.version=1.0.0+v2.5.2"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=web"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.options=default@file"
|
||||
- "traefik.http.routers.${STACK_NAME}.service=api@internal"
|
||||
- "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
|
||||
- "coop-cloud.${STACK_NAME}.version=2.0.3+v2.9.6"
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
|
||||
@ -4,7 +4,15 @@ http:
|
||||
{{ if eq (env "KEYCLOAK_MIDDLEWARE_ENABLED") "1" }}
|
||||
keycloak:
|
||||
forwardAuth:
|
||||
address: "http://traefik-forward-auth:4181"
|
||||
address: "http://{{ env "KEYCLOAK_TFA_SERVICE" }}:4181"
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-Forwarded-User
|
||||
{{ end }}
|
||||
{{ if eq (env "KEYCLOAK_MIDDLEWARE_2_ENABLED") "1" }}
|
||||
keycloak2:
|
||||
forwardAuth:
|
||||
address: "http://{{ env "KEYCLOAK_TFA_SERVICE_2" }}:4181"
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-Forwarded-User
|
||||
|
||||
@ -1,6 +0,0 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"config:base"
|
||||
]
|
||||
}
|
||||
@ -54,10 +54,18 @@ entrypoints:
|
||||
mumble-udp:
|
||||
address: ":64738/udp"
|
||||
{{ end }}
|
||||
{{ if eq (env "COMPY_ENABLED") "1" }}
|
||||
compy:
|
||||
address: ":9999"
|
||||
{{ end }}
|
||||
{{ if eq (env "METRICS_ENABLED") "1" }}
|
||||
metrics:
|
||||
address: ":8082"
|
||||
{{ end }}
|
||||
{{ if eq (env "MATRIX_FEDERATION_ENABLED") "1" }}
|
||||
matrix-federation:
|
||||
address: ":9001"
|
||||
{{ end }}
|
||||
|
||||
ping:
|
||||
entryPoint: web
|
||||
@ -94,5 +102,5 @@ certificatesResolvers:
|
||||
provider: {{ (env "LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER") }}
|
||||
resolvers:
|
||||
- "1.1.1.1:53"
|
||||
- "8.8.8.8:53"
|
||||
- "9.9.9.9:53"
|
||||
{{ end }}
|
||||
|
||||
Reference in New Issue
Block a user