forked from coop-cloud/traefik
Compare commits
11 Commits
2.7.0+v2.1
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| 51099c5ca0 | |||
| 8cce1b7ff7 | |||
| b9cbc9ba92 | |||
| d5f36255fe | |||
| b836d441f5 | |||
| 8de23fd652 | |||
| 6133be7830 | |||
| 5803d05532 | |||
| 0ace5037db | |||
| 9e2d000d12 | |||
| d4f1c6b45c |
10
.env.sample
10
.env.sample
@ -42,10 +42,16 @@ COMPOSE_FILE="compose.yml"
|
|||||||
|
|
||||||
## Gandi, https://gandi.net
|
## Gandi, https://gandi.net
|
||||||
## note(3wc): only "V5" (new) API is supported, so far
|
## note(3wc): only "V5" (new) API is supported, so far
|
||||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.gandi.yml"
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.gandi-api-key.yml"
|
||||||
#GANDI_ENABLED=1
|
#GANDI_API_KEY_ENABLED=1
|
||||||
#SECRET_GANDIV5_API_KEY_VERSION=v1
|
#SECRET_GANDIV5_API_KEY_VERSION=v1
|
||||||
|
|
||||||
|
## Gandi, https://gandi.net
|
||||||
|
## note: uses GandiV5 Personal Access Token
|
||||||
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.gandi-personal-access-token.yml"
|
||||||
|
#GANDI_PERSONAL_ACCESS_TOKEN_ENABLED=1
|
||||||
|
#SECRET_GANDIV5_PERSONAL_ACCESS_TOKEN_VERSION=v1
|
||||||
|
|
||||||
## DigitalOcean, https://digitalocean.com
|
## DigitalOcean, https://digitalocean.com
|
||||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.digitalocean.yml"
|
#COMPOSE_FILE="$COMPOSE_FILE:compose.digitalocean.yml"
|
||||||
#DIGITALOCEAN_ENABLED=1
|
#DIGITALOCEAN_ENABLED=1
|
||||||
|
|||||||
@ -40,8 +40,10 @@ Letsencrypt DNS challenges.
|
|||||||
`SECRET_GANDIV5_API_KEY_VERSION`
|
`SECRET_GANDIV5_API_KEY_VERSION`
|
||||||
4. Generate an API key for your provider
|
4. Generate an API key for your provider
|
||||||
5. Run `abra app secret insert YOURAPPDOMAIN SECRETNAME v1 SECRETVALUE`, where
|
5. Run `abra app secret insert YOURAPPDOMAIN SECRETNAME v1 SECRETVALUE`, where
|
||||||
`SECRETNAME` is from the compose file (e.g. `compose.gandi.yml`) e.g.
|
`SECRETNAME` is from the compose file (e.g. `compose.gandi-api-key.yml`) e.g.
|
||||||
`gandiv5_api_key` and `SECRETVALUE` is the API key.
|
`gandiv5_api_key` and `SECRETVALUE` is the API key.
|
||||||
|
- For Gandi, you can use either the deprecated API Key or a GandiV5 Personal
|
||||||
|
Access Token, in which case use compose.gandi-personal-access-token.yml.
|
||||||
6. Redeploy Traefik, using e.g. `abra app deploy YOURAPPDOMAIN -f`
|
6. Redeploy Traefik, using e.g. `abra app deploy YOURAPPDOMAIN -f`
|
||||||
|
|
||||||
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
|
[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra
|
||||||
|
|||||||
15
compose.gandi-personal-access-token.yml
Normal file
15
compose.gandi-personal-access-token.yml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
environment:
|
||||||
|
- GANDIV5_PERSONAL_ACCESS_TOKEN_FILE=/run/secrets/gandiv5_personal_access_token
|
||||||
|
- LETS_ENCRYPT_DNS_CHALLENGE_ENABLED
|
||||||
|
- LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER
|
||||||
|
secrets:
|
||||||
|
- gandiv5_personal_access_token
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
gandiv5_personal_access_token:
|
||||||
|
name: ${STACK_NAME}_gandiv5_personal_access_token_${SECRET_GANDIV5_PERSONAL_ACCESS_TOKEN_VERSION}
|
||||||
|
external: true
|
||||||
@ -3,7 +3,7 @@ version: "3.8"
|
|||||||
|
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: "traefik:v2.11.8"
|
image: "traefik:v2.11.10"
|
||||||
# Note(decentral1se): *please do not* add any additional ports here.
|
# Note(decentral1se): *please do not* add any additional ports here.
|
||||||
# Doing so could break new installs with port conflicts. Please use
|
# Doing so could break new installs with port conflicts. Please use
|
||||||
# the usual `compose.$app.yml` approach for any additional ports
|
# the usual `compose.$app.yml` approach for any additional ports
|
||||||
@ -47,11 +47,11 @@ services:
|
|||||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
- "traefik.http.routers.${STACK_NAME}.service=api@internal"
|
- "traefik.http.routers.${STACK_NAME}.service=api@internal"
|
||||||
- "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
|
- "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
|
||||||
- "coop-cloud.${STACK_NAME}.version=2.7.0+v2.11.8"
|
- "coop-cloud.${STACK_NAME}.version=2.8.0+v2.11.10"
|
||||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||||
|
|
||||||
socket-proxy:
|
socket-proxy:
|
||||||
image: lscr.io/linuxserver/socket-proxy:1.26.1-r0-ls15
|
image: lscr.io/linuxserver/socket-proxy:1.26.2-r0-ls26
|
||||||
environment:
|
environment:
|
||||||
- ALLOW_START=0
|
- ALLOW_START=0
|
||||||
- ALLOW_STOP=0
|
- ALLOW_STOP=0
|
||||||
|
|||||||
@ -7,10 +7,14 @@ export OVH_CONSUMER_KEY=$(cat "$OVH_CONSUMER_KEY_FILE")
|
|||||||
export OVH_APPLICATION_SECRET=$(cat "$OVH_APPLICATION_SECRET_FILE")
|
export OVH_APPLICATION_SECRET=$(cat "$OVH_APPLICATION_SECRET_FILE")
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{ if eq (env "GANDI_ENABLED") "1" }}
|
{{ if eq (env "GANDI_API_KEY_ENABLED") "1" }}
|
||||||
export GANDIV5_API_KEY=$(cat "$GANDIV5_API_KEY_FILE")
|
export GANDIV5_API_KEY=$(cat "$GANDIV5_API_KEY_FILE")
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
|
{{ if eq (env "GANDI_PERSONAL_ACCESS_TOKEN_ENABLED") "1" }}
|
||||||
|
export GANDIV5_PERSONAL_ACCESS_TOKEN=$(cat "$GANDIV5_PERSONAL_ACCESS_TOKEN_FILE")
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
{{ if eq (env "DIGITALOCEAN_ENABLED") "1" }}
|
{{ if eq (env "DIGITALOCEAN_ENABLED") "1" }}
|
||||||
export DO_AUTH_TOKEN=$(cat "$DO_AUTH_TOKEN_FILE")
|
export DO_AUTH_TOKEN=$(cat "$DO_AUTH_TOKEN_FILE")
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|||||||
1
release/2.8.0+v2.11.10
Normal file
1
release/2.8.0+v2.11.10
Normal file
@ -0,0 +1 @@
|
|||||||
|
Important Security Update! https://nvd.nist.gov/vuln/detail/CVE-2024-45410
|
||||||
Reference in New Issue
Block a user