Various updates
authorGiorgio Ravera <giorgio.ravera@gmail.com>
Fri, 4 Jul 2025 18:38:31 +0000 (20:38 +0200)
committerGiorgio Ravera <giorgio.ravera@gmail.com>
Fri, 4 Jul 2025 18:38:31 +0000 (20:38 +0200)
code-server/docker-compose.yaml [deleted file]
download/filebrowser.yaml
openvscode-server/docker-compose.yaml [new file with mode: 0644]
traefik/docker-compose.yaml
traefik/docker-compose.yaml.agent [new file with mode: 0644]
xen-orchestra-ce/docker-compose.yaml [deleted file]

diff --git a/code-server/docker-compose.yaml b/code-server/docker-compose.yaml
deleted file mode 100644 (file)
index c345239..0000000
+++ /dev/null
@@ -1,42 +0,0 @@
-services:
-  code-server:
-    container_name: code-server
-    image: lscr.io/linuxserver/code-server:latest
-    restart: unless-stopped
-    #ports:
-    #  - 8443:8443
-    environment:
-      - TZ=${DOCKER_TZ}
-      - PUID=1000
-      - PGID=1000
-      #- PASSWORD=password #optional
-      # printf 'thisismypassword' | sha256sum | cut -d' ' -f1
-      - HASHED_PASSWORD=5e2f4cae5d297d554b8a1840abd59bab2bfa93254081d733000deefbfb102c15
-      #- SUDO_PASSWORD=password #optional
-      - SUDO_PASSWORD_HASH=6dcd8d81529b070e3551b7615fc8573e58e9ad7dc7b4a94597ca801bc0e43d27
-      - PROXY_DOMAIN=code.giorgioravera.it
-      - DEFAULT_WORKSPACE=/config/workspace
-    volumes:
-      - ${DOCKER_CFG_DIR}/code-server:/config
-    networks:
-      - proxy
-    labels:
-      - "traefik.enable=true"
-      # Router: HTTP
-      - "traefik.http.routers.code-server.entrypoints=http"
-      - "traefik.http.routers.code-server.rule=Host(`code.giorgioravera.it`)"
-      #- "traefik.http.routers.code-server.service=code-server"
-      - "traefik.http.routers.code-server.middlewares=code-server-https-redirect"
-      # Router: HTTPS
-      - "traefik.http.routers.code-server-secure.entrypoints=https"
-      - "traefik.http.routers.code-server-secure.rule=Host(`code.giorgioravera.it`)"
-      - "traefik.http.routers.code-server-secure.tls=true"
-      - "traefik.http.routers.code-server-secure.service=code-server"
-      # Middlewares: Redirect http to https
-      - "traefik.http.middlewares.code-server-https-redirect.redirectscheme.scheme=https"
-      # Services: Loadbalancer
-      - "traefik.http.services.code-server.loadbalancer.server.port=8443"
-
-networks:
-  proxy:
-    external: true
index 5bd65f31241df38db0fc7cb4c57217bf4dbe735c..3ae9a1568f70615a323942a407a66ccd60cb8d5e 100644 (file)
@@ -11,8 +11,8 @@ services:
       - PGID=1000
     volumes:
       - /mnt/download/complete:/srv
-      - ${DOCKER_CFG_DIR}/download/filebrowser/filebrowser.db:/database.db
-      - ${DOCKER_CFG_DIR}/download/filebrowser/filebrowser.json:/.filebrowser.json
+      - ${DOCKER_CFG_DIR}/download/filebrowser/database:/database
+      - ${DOCKER_CFG_DIR}/download/filebrowser/config:/config
     networks:
       - proxy
     healthcheck:
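Review bot: Switching the two binds from single files to the `database` and `config` directories means the existing `filebrowser.db` and `filebrowser.json` have to be moved into those directories on the host before the container is recreated. Otherwise the application will presumably initialise a fresh database, and a fresh File Browser database usually comes with a newly created admin account rather than the accounts configured before. A comment above the two mounts would help, for example `# existing filebrowser.db / filebrowser.json must be moved into these directories before first start`. The service definition begins outside this hunk, so whether the container is told where to find the database at its new path cannot be checked from here.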
diff --git a/openvscode-server/docker-compose.yaml b/openvscode-server/docker-compose.yaml
new file mode 100644 (file)
index 0000000..3048efc
--- /dev/null
@@ -0,0 +1,57 @@
+services:
+  openvscode-server:
+    container_name: openvscode-server
+    image: lscr.io/linuxserver/openvscode-server:latest
+    restart: unless-stopped
+    #ports:
+    #  - 3000:3000
+    environment:
+      - TZ=${DOCKER_TZ}
+      - PUID=1000
+      - PGID=1000
+      #- CONNECTION_TOKEN=supersecrettoken #optional
+      - CONNECTION_SECRET=/token
+      #- SUDO_PASSWORD=password #optional
+      #- SUDO_PASSWORD_HASH=$$2a$$12$$XJrWUkkJ/q9T/LbuH2Uw4OHrv0Ne1Ptc80WcEfOzAMOPsJbl.xiH2
+      - PROXY_DOMAIN=code.giorgioravera.it
+      - DEFAULT_WORKSPACE=/config/workspace
+    volumes:
+      - ${DOCKER_CFG_DIR}/openvscode-server/config:/config
+      - ${DOCKER_CFG_DIR}/openvscode-server/token:/token
+      # Projects
+      - ${DOCKER_CFG_DIR}/homeassistant:/homeassistant
+    networks:
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      # Router: HTTP
+      - "traefik.http.routers.openvscode-server.entrypoints=http"
+      - "traefik.http.routers.openvscode-server.rule=Host(`code.giorgioravera.it`)"
+      #- "traefik.http.routers.openvscode-server.service=openvscode-server"
+      #- "traefik.http.routers.openvscode-server.middlewares=openvscode-server-auth-passwd"
+      #- "traefik.http.routers.openvscode-server.middlewares=openvscode-server-auth-ldap"
+      - "traefik.http.routers.openvscode-server.middlewares=openvscode-server-https-redirect"
+      # Router: HTTPS
+      - "traefik.http.routers.openvscode-server-secure.entrypoints=https"
+      - "traefik.http.routers.openvscode-server-secure.rule=Host(`code.giorgioravera.it`)"
+      - "traefik.http.routers.openvscode-server-secure.tls=true"
+      - "traefik.http.routers.openvscode-server-secure.service=openvscode-server"
+      #- "traefik.http.routers.openvscode-server-secure.middlewares=openvscode-server-passwd"
+      - "traefik.http.routers.openvscode-server-secure.middlewares=openvscode-server-auth-ldap"
+      # Middlewares: Redirect http to https
+      - "traefik.http.middlewares.openvscode-server-https-redirect.redirectscheme.scheme=https"
+      # Middlewares: Passwd Auth
+      #- "traefik.http.middlewares.openvscode-server-auth-passwd.basicauth.usersfile=/passwd/openvscode"
+      # Middlewares: LDAP Auth
+      - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.enabled=true"
+      - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.url=ldaps://ldap.giorgioravera.it"
+      - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.port=636"
+      - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.useTLS=true"
+      - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.baseDN=ou=Users,dc=giorgioravera,dc=it"
+      - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.attribute=uid"
+      # Services: Loadbalancer
+      - "traefik.http.services.openvscode-server.loadbalancer.server.port=3000"
+
+networks:
+  proxy:
+    external: true
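Review bot: The LDAP check is attached only to the `openvscode-server-secure` Traefik router, so other containers on the shared external `proxy` network can still reach the editor on port 3000 without it, and the connection token is the only control at that layer. `CONNECTION_SECRET=/token` depends on `${DOCKER_CFG_DIR}/openvscode-server/token` already existing as a file, because Docker creates a directory for a missing bind source; how the image behaves when the secret is unreadable is not visible here and is worth verifying. I would mount it read-only, `- ${DOCKER_CFG_DIR}/openvscode-server/token:/token:ro`. I would also pin the image to a specific tag or digest instead of `:latest`, since this container has write access to the Home Assistant configuration through the `/homeassistant` mount.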
index 9365989946e26f660f424fb73a34efa924ab1ce0..e70ebc7d59de84829a855d95cfe78b0024547133 100644 (file)
@@ -33,16 +33,18 @@ services:
       - "traefik.http.routers.traefik.entrypoints=http"
       - "traefik.http.routers.traefik.rule=Host(`traefik.giorgioravera.it`)"
       #- "traefik.http.routers.traefik.service=api@internal"
-      - "traefik.http.routers.traefik.middlewares=traefik-auth"
+      #- "traefik.http.routers.traefik.middlewares=traefik-auth-passwd"
       - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
       # Router: HTTPS
       - "traefik.http.routers.traefik-secure.entrypoints=https"
       - "traefik.http.routers.traefik-secure.rule=Host(`traefik.giorgioravera.it`)"
       - "traefik.http.routers.traefik-secure.tls=true"
       - "traefik.http.routers.traefik-secure.service=api@internal"
-      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
+      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth-passwd"
       # Middlewares: Redirect http to https
       - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
-      - "traefik.http.middlewares.traefik-auth.basicauth.usersfile=/passwd"
+      # Middlewares: Passwd Auth
+      - "traefik.http.middlewares.traefik-auth-passwd.basicauth.usersfile=/passwd/traefik"
       # Services: Loadbalancer
-      - "traefik.http.services.workaround.loadbalancer.server.port=9999"
+      #- "traefik.http.services.workaround.loadbalancer.server.port=9999"
+      - "traefik.http.services.traefik.loadbalancer.server.port=9999"
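Review bot: `usersfile=/passwd/traefik` only resolves if `/passwd` inside the container is now a directory, and the volume entry that provides it is outside this hunk (the `services:` block starts before it). If that bind still maps a single file to `/passwd`, the `traefik-auth-passwd` middleware cannot load its users, so after deploying it is worth confirming that the dashboard router still answers unauthenticated requests with 401. The bind should be read-only, e.g. `- ${DOCKER_CFG_DIR}/traefik/passwd:/passwd:ro`. As a style point, the two commented-out labels kept beside their replacements (`traefik-auth-passwd` on the HTTP router and the `workaround` service) could simply be deleted, since version control already records them.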
diff --git a/traefik/docker-compose.yaml.agent b/traefik/docker-compose.yaml.agent
new file mode 100644 (file)
index 0000000..87b3530
--- /dev/null
@@ -0,0 +1,74 @@
+services:
+  traefik:
+    container_name: traefik
+    image: traefik:latest
+    command:
+      # Enable Hub communication (open the port 9900 and 9901 by default)
+      - --experimental.hub=true
+      - --hub.tls.insecure=true
+      - --metrics.prometheus.addrouterslabels=true
+#      - --api
+#      - --api.dashboard
+#      - --entrypoints.http.address=:80
+#      - --entrypoints.https.address=:443
+#      - --providers.docker=true
+#      - --providers.file.watch=true
+#      - --log.level=DEBUG
+    restart: always
+    #ports:
+    #  - 80:80
+    #  - 443:443
+    environment:
+      - TZ=${DOCKER_TZ}
+    volumes:
+      - ${DOCKER_CFG_DIR}/traefik/traefik.yml:/traefik.yml:ro
+      - ${DOCKER_CFG_DIR}/traefik/passwd:/passwd
+      #- ${DOCKER_CFG_DIR}/traefik/acme.json:/acme.json
+      - ${DOCKER_CFG_DIR}/traefik/config:/config
+      - ${DOCKER_CFG_DIR}/traefik/traefik.log:/traefik.log
+      - ${DOCKER_CFG_DIR}/traefik/access.log:/access.log
+      - /etc/ssl/giorgioravera.it/fullchain.pem:/certs/fullchain.pem
+      - /etc/ssl/giorgioravera.it/privkey.pem:/certs/privkey.pem
+      - /var/run/docker.sock:/var/run/docker.sock
+    network_mode: host
+    labels:
+      - "traefik.enable=true"
+      # Router: HTTP
+      - "traefik.http.routers.traefik.entrypoints=http"
+      - "traefik.http.routers.traefik.rule=Host(`traefik.giorgioravera.it`)"
+      #- "traefik.http.routers.traefik.service=api@internal"
+      - "traefik.http.routers.traefik.middlewares=traefik-auth"
+      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
+      # Router: HTTPS
+      - "traefik.http.routers.traefik-secure.entrypoints=https"
+      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.giorgioravera.it`)"
+      - "traefik.http.routers.traefik-secure.tls=true"
+      - "traefik.http.routers.traefik-secure.service=api@internal"
+      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
+      # Middlewares: Redirect http to https
+      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.middlewares.traefik-auth.basicauth.usersfile=/passwd"
+      # Services: Loadbalancer
+      - "traefik.http.services.workaround.loadbalancer.server.port=9999"
+
+  # Start the agent with the latest version
+  hub-agent:
+    container_name: hub-agent
+    image: ghcr.io/traefik/hub-agent-traefik:v1.0.0
+    command:
+      - run
+      - --hub.token=efabfa58-21b6-489c-8d5d-da82f64e5f73
+      - --auth-server.advertise-url=http://hub-agent
+      - --traefik.host=traefik
+      - --traefik.tls.insecure=true
+    restart: "on-failure"
+    environment:
+      - TZ=${DOCKER_TZ}
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    depends_on:
+      - traefik
+    network_mode: host
+    labels:
+      - "traefik.enable=false"
+
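Review bot: The `--hub.token=` value on the `hub-agent` command is a credential committed in clear text. It should be treated as exposed, rotated, and supplied through substitution like the file's other variables, for example `- --hub.token=${TRAEFIK_HUB_TOKEN}` (the variable name is only an example). `--hub.tls.insecure=true` and `--traefik.tls.insecure=true` disable certificate verification on the Traefik-to-agent channel while both containers use `network_mode: host`; they should be removed or justified in a comment. The labels set `traefik.http.routers.traefik.middlewares` twice, so most likely only one of `traefik-auth` and `traefik-https-redirect` takes effect. Both services also mount `/var/run/docker.sock`, which gives host-level control to whatever runs from the unpinned `traefik:latest` image, and `privkey.pem` is mounted without `:ro`.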
diff --git a/xen-orchestra-ce/docker-compose.yaml b/xen-orchestra-ce/docker-compose.yaml
deleted file mode 100644 (file)
index 5cdb6da..0000000
+++ /dev/null
@@ -1,65 +0,0 @@
-version: '3'
-
-services:
-  orchestra:
-    container_name: XO_server
-    image: ezka77/xen-orchestra-ce:latest
-    restart: always
-    ports:
-      - "8000:8000"
-    depends_on:
-      - redis
-    environment:
-      - DEBUG=xo:main
-      - NODE_ENV=production
-      - XOA_PLAN=5
-      - TZ=${DOCKER_TZ}
-    #privileged: true
-    # SYS_ADMIN should be enough capability to use NFS mount
-    cap_add:
-      - SYS_ADMIN
-    volumes:
-      - ${DOCKER_CFG_DIR}/xen-orchestra-ce/xo-data:/storage
-    networks:
-      - proxy
-    logging: &default_logging
-      driver: "json-file"
-      options:
-         max-size: "1M"
-         max-file: "2"
-    healthcheck:
-      disable: true
-    labels:
-      - "traefik.enable=true"
-      # Router: HTTP
-      - "traefik.http.routers.xoa.entrypoints=http"
-      - "traefik.http.routers.xoa.rule=Host(`xoa.giorgioravera.it`)"
-      #- "traefik.http.routers.xoa.service=xoa"
-      - "traefik.http.routers.xoa.middlewares=xoa-https-redirect"
-      # Router: HTTPS
-      - "traefik.http.routers.xoa-secure.entrypoints=https"
-      - "traefik.http.routers.xoa-secure.rule=Host(`xoa.giorgioravera.it`)"
-      - "traefik.http.routers.xoa-secure.tls=true"
-      - "traefik.http.routers.xoa-secure.service=xoa"
-      # Middlewares: Redirect http to https
-      - "traefik.http.middlewares.xoa-https-redirect.redirectscheme.scheme=https"
-      # Services: Loadbalancer
-      - "traefik.http.services.xoa.loadbalancer.server.port=8000"
-
-  redis:
-    container_name: XO_redis
-    image: redis:alpine
-    command: redis-server --appendonly yes
-    restart: always
-    environment:
-      - TZ=${DOCKER_TZ}
-    volumes:
-      - ${DOCKER_CFG_DIR}/xen-orchestra-ce/redis-data:/data
-    networks:
-      - proxy
-    logging:
-      <<: *default_logging
-
-networks:
-  proxy:
-    external: true