feat: Increased timeout length to allow for registry container pushses

FEAT: Added matarius web app
Merged in Master
2025-08-14 01:32:00 +01:00 · 2025-06-18 19:45:05 +01:00 · 2025-05-30 20:51:59 +01:00 · 2025-05-30 18:54:29 +01:00 · 2025-05-30 18:44:26 +01:00 · 2025-05-30 00:38:19 +01:00
22 changed files with 402 additions and 100 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,9 @@
 # Allow docker-compose.yml
 !**/docker-compose.yml
 !/*
 # Allow assets folder
 !assets/**
 # Don't allow .env files, just env-exmaple files
 !.env-example
--- a/Database/docker-compose.yml
+++ b/Database/docker-compose.yml
@@ -8,49 +8,19 @@ services:
    container_name: mongoDB
    volumes:
      - ./mongo/:/data/db
-    ports:
+    networks:
-      - "27017:27017"
+      - proxy
    labels:
      - "traefik.enable=true"
      - "traefik.tcp.routers.mongodb.rule=HostSNI(`*`)"
      - "traefik.tcp.routers.mongodb.entrypoints=mongo"
      - "traefik.tcp.routers.mongodb.service=mongodb"
      - "traefik.tcp.services.mongodb.loadbalancer.server.port=27017"
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: rootpassword
    restart: unless-stopped
 #MySQL (3306) + phpMyAdmin ()
  mysql:
    image: "mysql"
    container_name: MySQL
    volumes: 
      - ./mysql/:/var/lib/mysql
    ports:
      - "3306:3306"
    environment:
      MYSQL_ROOT_PASSWORD: rootpassword
      MYSQL_DATABASE: test_db
    restart: unless-stopped
  phpMyAdmin:
    image: "phpmyadmin/phpmyadmin:latest"
    container_name: phpMyAdmin
    networks:
      - proxy
    depends_on:
      - mysql
    environment:
      PMA_HOST: mysql
    labels:
      ## Expose phpMyAdmin Through Trefik ##
      - "traefik.enable=true" # <== Enable traefik to proxy this container
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.phpmyadmin-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.phpmyadmin-insecure.rule=Host(`mysql.luke-else.co.uk`)"
      - "traefik.http.routers.phpmyadmin-insecure.entrypoints=web"
      - "traefik.http.routers.phpmyadmin.rule=Host(`mysql.luke-else.co.uk`)"
      - "traefik.http.routers.phpmyadmin.entrypoints=websecure"
      - "traefik.http.routers.phpmyadmin.tls.certresolver=myresolver"
    restart: unless-stopped
 networks:
  proxy:
    external: true
--- a/Development/Gitea/docker-compose.yml
+++ b/Development/Gitea/docker-compose.yml
@@ -32,6 +32,13 @@ services:
      ## Expose Gitea Through Trefik ##
      - "traefik.enable=true" # <== Enable traefik to proxy this container
      - "traefik.http.middlewares.cors-gitea.headers.accesscontrolallowmethods=*"
      - "traefik.http.middlewares.cors-gitea.headers.accesscontrolalloworiginlist=*"
      - "traefik.http.middlewares.cors-gitea.headers.addvaryheader=true"
      - "traefik.http.middlewares.cors-gitea.headers.accesscontrolallowcredentials=true"
      - "traefik.http.middlewares.cors-gitea.headers.accesscontrolallowheaders=Content-Type,Authorization"
      - "traefik.http.middlewares.cors-gitea.headers.accesscontrolmaxage=100"
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.gitea-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.gitea-insecure.rule=Host(`git.luke-else.co.uk`)"
@@ -41,6 +48,7 @@ services:
      - "traefik.http.routers.gitea.rule=Host(`git.luke-else.co.uk`)"
      - "traefik.http.routers.gitea.entrypoints=websecure"
      - "traefik.http.routers.gitea.tls.certresolver=myresolver"
      - "traefik.http.routers.gitea.middlewares=cors-gitea"
    restart: unless-stopped
 networks:
--- a/Development/Runners/config.yaml
+++ b/Development/Runners/config.yaml
--- a/Development/Runners/docker-compose.yml
+++ b/Development/Runners/docker-compose.yml
@@ -12,7 +12,7 @@ services:
      - proxy
    environment:
      CONFIG_FILE: /config.yaml
-      GITEA_INSTANCE_URL: "git.luke-else.co.uk"
+      GITEA_INSTANCE_URL: "https://git.luke-else.co.uk"
      GITEA_RUNNER_REGISTRATION_TOKEN: "INSERT REGISTRATION TOKEN"
      GITEA_RUNNER_NAME: "CICD"
    labels:
--- a/Misc/docker-compose.yml
+++ b/Misc/docker-compose.yml
@@ -1,12 +1,11 @@
 version: '3.8'
 services:
  #Status Page ()
  status:
    image: louislam/uptime-kuma:latest
    container_name: status
    volumes:
-      - ./data:/app/data
+      - ./uptime-kuma/data:/app/data
    networks:
      - proxy
    labels:
@@ -23,6 +22,32 @@ services:
      - "traefik.http.routers.status.tls.certresolver=myresolver"
    restart: unless-stopped
  portainer:
      image: portainer/portainer-ce:latest
      container_name: portainer
      security_opt:
        - no-new-privileges:true
      volumes:
        - /etc/localtime:/etc/localtime:ro
        - /var/run/docker.sock:/var/run/docker.sock:ro
        - ./portainer-data:/data
      networks:
        - proxy
      labels:
        ## Expose portainer Through Trefik ##
        - "traefik.enable=true" # <== Enable traefik to proxy this container
        - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
        - "traefik.http.routers.portainer-insecure.middlewares=redirect-web-secure"
        - "traefik.http.routers.portainer-insecure.rule=Host(`portainer.luke-else.co.uk`)"
        - "traefik.http.routers.portainer-insecure.entrypoints=web"
        - "traefik.http.routers.portainer.rule=Host(`portainer.luke-else.co.uk`)"
        - "traefik.http.services.portainer.loadbalancer.server.port=9000"
        - "traefik.http.routers.portainer.entrypoints=websecure"
        - "traefik.http.routers.portainer.tls.certresolver=myresolver"
      restart: unless-stopped
 networks:
  proxy:
    external: true
--- a/Tracking/docker-compose.yml
+++ b/Tracking/docker-compose.yml
@@ -0,0 +1,54 @@
 version: '3.8'
 services:
  ackee:
    image: electerious/ackee
    container_name: ackee
    environment:
      - WAIT_HOSTS=mongo:27017
      - ACKEE_MONGODB=mongodb://mongo-ackee:27017/ackee
    env_file:
      - .env
    expose:
      - 3000
    networks:
      - tracking
      - proxy
    labels:
      ## Expose Ackee Through Trefik ##
      - "traefik.enable=true" # <== Enable traefik to proxy this container
      # Enable CORS headers
      - "traefik.http.middlewares.cors-tracking.headers.accesscontrolallowmethods=*"
      - "traefik.http.middlewares.cors-tracking.headers.accesscontrolalloworiginlist=https://luke-else.co.uk"
      - "traefik.http.middlewares.cors-tracking.headers.accesscontrolallowcredentials=true"
      - "traefik.http.middlewares.cors-tracking.headers.accesscontrolallowheaders=Content-Type,Authorization"
      - "traefik.http.middlewares.cors-tracking.headers.addvaryheader=true"
      - "traefik.http.middlewares.cors-tracking.headers.accesscontrolmaxage=100"
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.ackee-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.ackee-insecure.rule=Host(`tracking.luke-else.co.uk`)"
      - "traefik.http.routers.ackee-insecure.entrypoints=web"
      - "traefik.http.routers.ackee.rule=Host(`tracking.luke-else.co.uk`)"
      - "traefik.http.routers.ackee.entrypoints=websecure"
      - "traefik.http.routers.ackee.tls.certresolver=myresolver"
      - "traefik.http.routers.ackee.middlewares=cors-tracking"
    depends_on:
      - mongo
    restart: unless-stopped
  mongo:
    image: mongo
    container_name: mongo-ackee
    volumes:
      - ./data:/data/db
    networks:
      - tracking
    restart: unless-stopped
 networks:
  proxy:
    external: true
  tracking:
--- a/Traefik/docker-compose.yml
+++ b/Traefik/docker-compose.yml
@@ -9,12 +9,18 @@ services:
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.mongo.address=:27017"
      - "--entrypoints.web.transport.respondingTimeouts.readTimeout=120s"
      - "--entrypoints.websecure.transport.respondingTimeouts.readTimeout=120s"
      - "--entrypoints.web.transport.respondingTimeouts.writeTimeout=120s"
      - "--entrypoints.websecure.transport.respondingTimeouts.writeTimeout=120s"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.myresolver.acme.email=contact@luke-else.co.uk"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
      - "27017:27017"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
--- a/TraefikRunner/docker-compose.yml
+++ b/TraefikRunner/docker-compose.yml
@@ -0,0 +1,41 @@
 version: "3.8"
 services:
  traefik:
    image: "traefik:latest"
    container_name: "traefik"
    command:
      - "--api.dashboard=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.myresolver.acme.email=contact@luke-else.co.uk"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    networks:
      - proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.traefik-insecure.rule=Host(`traefik.cicd.luke-else.co.uk`)"
      - "traefik.http.routers.traefik-insecure.entrypoints=web"
      - "traefik.http.routers.traefik.rule=Host(`traefik.cicd.luke-else.co.uk`)"
      - "traefik.http.routers.traefik.entrypoints=websecure"
      - "traefik.http.routers.traefik.service=api@internal"
      - "traefik.http.routers.traefik.tls.certresolver=myresolver" 
      - "traefik.http.routers.traefik.middlewares=traefik-auth"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$s/vPphFtSO2fWJR7SYkEb.90UwPDRM3aOKqgOF/rme/3fUQ5tvpTS"
    restart: unless-stopped
 networks:
  proxy:
    name: proxy
--- a/TraefikVPN/docker-compose.yml
+++ b/TraefikVPN/docker-compose.yml
@@ -0,0 +1,41 @@
 version: "3.8"
 services:
  traefik:
    image: "traefik:latest"
    container_name: "traefik"
    command:
      - "--api.dashboard=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
      - "--certificatesresolvers.myresolver.acme.email=contact@luke-else.co.uk"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    networks:
      - proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.traefik-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.traefik-insecure.rule=Host(`traefik.vpn.luke-else.co.uk`)"
      - "traefik.http.routers.traefik-insecure.entrypoints=web"
      - "traefik.http.routers.traefik.rule=Host(`traefik.vpn.luke-else.co.uk`)"
      - "traefik.http.routers.traefik.entrypoints=websecure"
      - "traefik.http.routers.traefik.service=api@internal"
      - "traefik.http.routers.traefik.tls.certresolver=myresolver" 
      - "traefik.http.routers.traefik.middlewares=traefik-auth"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$s/vPphFtSO2fWJR7SYkEb.90UwPDRM3aOKqgOF/rme/3fUQ5tvpTS"
    restart: unless-stopped
 networks:
  proxy:
    name: proxy
--- a/VPN/docker-compose.yml
+++ b/VPN/docker-compose.yml
@@ -0,0 +1,25 @@
 version: "3.8"
 services:
  dockovpn:
    image: alekslitvinenk/openvpn
    cap_add:
        - NET_ADMIN
    ports:
        - 1194:1194/udp # Expose tcp if you defined HOST_TUN_PROTOCOL=tcp
    environment:
        HOST_ADDR: vpn.luke-else.co.uk # Your VPN server address 
    volumes:
        - ./openvpn_conf:/opt/Dockovpn_data
    labels:
      ## Expose vpn Through Trefik ##
      - "traefik.enable=true" # <== Enable traefik to proxy this container
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.vpn-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.vpn-insecure.rule=Host(`vpn.luke-else.co.uk`)"
      - "traefik.http.routers.vpn-insecure.entrypoints=web"
      - "traefik.http.routers.vpn.rule=Host(`vpn.luke-else.co.uk`)"
      - "traefik.http.routers.vpn.entrypoints=websecure"
      - "traefik.http.routers.vpn.tls.certresolver=myresolver"
    restart: always
--- a/Watchtower/docker-compose.yml
+++ b/Watchtower/docker-compose.yml
@@ -0,0 +1,9 @@
 version: "3.8"
 services:
  watchtower:
    image: containrrr/watchtower
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - WATCHTOWER_CLEANUP=true
      - WATCHTOWER_POLL_INTERVAL=60
--- a/Websites/docker-compose.yml
+++ b/Websites/docker-compose.yml
@@ -2,9 +2,9 @@ version: '3.8'
 services:
-#Websites luke-else.co.uk (8000) snexo.co.uk (8001) wmgzon.luke-else.co.uk (8080)
+#Websites luke-else.co.uk (8000) snexo.co.uk (8001) divine-couture.co.uk (80) wmgzon.luke-else.co.uk (8080)
  luke-else:
-    build: ./luke-else.co.uk
+    image: git.luke-else.co.uk/luke-else/luke-else.co.uk
    container_name: luke-else
    networks:
      - proxy
@@ -22,6 +22,63 @@ services:
      - "traefik.http.routers.personal.tls.certresolver=myresolver"
    restart: unless-stopped
  luke-else-dev:
    image: git.luke-else.co.uk/luke-else/luke-else.co.uk:dev
    container_name: luke-else-dev
    networks:
      - proxy
    labels:
      ## Expose luke-else Through Trefik ##
      - "traefik.enable=true" # <== Enable traefik to proxy this container
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.personal-dev-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.personal-dev-insecure.rule=Host(`dev.luke-else.co.uk`)"
      - "traefik.http.routers.personal-dev-insecure.entrypoints=web"
      - "traefik.http.routers.personal-dev.rule=Host(`dev.luke-else.co.uk`)"
      - "traefik.http.routers.personal-dev.entrypoints=websecure"
      - "traefik.http.routers.personal-dev.tls.certresolver=myresolver"
    restart: unless-stopped
  metarius:
    image: git.luke-else.co.uk/luke-else/metarius:latest
    container_name: metarius
    networks:
      - proxy
    labels:
      ## Expose metarius Through Trefik ##
      - "traefik.enable=true" # <== Enable traefik to proxy this container
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.metarius-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.metarius-insecure.rule=Host(`metarius.luke-else.co.uk`)"
      - "traefik.http.routers.metarius-insecure.entrypoints=web"
      - "traefik.http.routers.metarius.rule=Host(`metarius.luke-else.co.uk`)"
      - "traefik.http.routers.metarius.entrypoints=websecure"
      - "traefik.http.routers.metarius.tls.certresolver=myresolver"
    restart: unless-stopped
  divine-couture:
    image: git.luke-else.co.uk/luke-else/divine-couture.co.uk:latest
    container_name: divine-couture
    networks:
      - proxy
    labels:
      ## Expose divine-couture Through Trefik ##
      - "traefik.enable=true" # <== Enable traefik to proxy this container
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.divine-couture-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.divine-couture-insecure.rule=Host(`www.divine-couture.co.uk`)"
      - "traefik.http.routers.divine-couture-insecure.entrypoints=web"
      - "traefik.http.routers.divine-couture.rule=Host(`www.divine-couture.co.uk`)"
      - "traefik.http.routers.divine-couture.entrypoints=websecure"
      - "traefik.http.routers.divine-couture.tls.certresolver=myresolver"
    restart: unless-stopped
  snexo:
    image: "php:apache"
    container_name: snexo
@@ -43,29 +100,6 @@ services:
      - "traefik.http.routers.snexo.tls.certresolver=myresolver"
    restart: unless-stopped
  wmgzon:
    container_name: "wmgzon"
    image: lukeelse/wmgzon:latest
    tty: true
    volumes:
      - ./files:/app/static/assets/img/products/
      - ./data:/app/data/
    networks:
      - proxy
    labels:
      ## Expose WMGZON Through Trefik ##
      - "traefik.enable=true" # <== Enable traefik to proxy this container
      - "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
      - "traefik.http.routers.wmgzon-insecure.middlewares=redirect-web-secure"
      - "traefik.http.routers.wmgzon-insecure.rule=Host(`wmgzon.luke-else.co.uk`)"
      - "traefik.http.routers.wmgzon-insecure.entrypoints=web"
      - "traefik.http.routers.wmgzon.rule=Host(`wmgzon.luke-else.co.uk`)"
      - "traefik.http.routers.wmgzon.entrypoints=websecure"
      - "traefik.http.routers.wmgzon.tls.certresolver=myresolver"
    restart: unless-stopped
 networks:
  proxy:
    external: true
--- a/assets/images/main.png
+++ b/assets/images/main.png
--- a/cicd-spindown.sh
+++ b/cicd-spindown.sh
@@ -1,11 +1,12 @@
 #Script file for spinning down all CICD relevant docker-containers
    cd ./Development/Runners/
-    docker-compose down
+    docker compose down
    cd ../..
-cd ./Traefik/
+cd ./TraefikRunner/
-docker-compose down
+docker compose down
 cd ..
 docker rmi $(docker images -q)
-docker system prune
+docker system prune -f
 docker volume prune -f
--- a/cicd-spinup.sh
+++ b/cicd-spinup.sh
@@ -1,25 +1,9 @@
 #Script file for spinning up all docker-containers
-cd ./Traefik/
+cd ./TraefikRunner/
-docker-compose pull && docker-compose up -d
+docker compose pull && docker compose up -d
 cd ..
-cd ./Websites/
+    cd ./Development/Runners/
-docker-compose pull && docker-compose up -d
+    docker compose pull && docker compose up -d
 cd ..
    cd ./Development/Gitea/
    docker-compose pull && docker-compose up -d
    cd ../..
 cd ./Database/
 docker-compose pull && docker-compose up -d
 cd ..
 cd ./Bitwarden/
 docker-compose pull && docker-compose up -d
 cd ..
 cd ./Misc/
 docker-compose pull && docker-compose up -d
 cd ..
--- a/main-spindown.sh
+++ b/main-spindown.sh
@@ -4,6 +4,10 @@ cd ./Websites/
 docker-compose down
 cd ..
 cd ./Tracking/
 docker-compose down
 cd ..
    cd ./Development/Gitea/
    docker-compose down
@@ -21,9 +25,14 @@ cd ./Misc/
 docker-compose down
 cd ..
 cd ./Watchtower/
 docker-compose down
 cd ..
 cd ./Traefik/
 docker-compose down
 cd ..
 docker rmi $(docker images -q)
-docker system prune
+docker system prune -f
 docker volume prune -f
--- a/main-spinup.sh
+++ b/main-spinup.sh
@@ -2,16 +2,26 @@
 cd ./Traefik/
 docker-compose pull && docker-compose up -d
 cd ..
 cd ./Websites/
 docker-compose pull && docker-compose up -d
 cd ..
    cd ./Development/Gitea/
    docker-compose pull && docker-compose up -d
    cd ../..
 sleep 20 # Allow Gitea + registry to start up before starting the rest of the services
 cd ./Watchtower/
 docker-compose pull && docker-compose up -d
 cd ..
 cd ./Tracking/
 docker-compose pull && docker-compose up -d
 cd ..
 cd ./Websites/
 docker-compose pull && docker-compose up -d
 cd ..
 cd ./Database/
 docker-compose pull && docker-compose up -d
 cd ..
--- a/readme.md
+++ b/readme.md
@@ -0,0 +1,48 @@
 # Server Repository
 This repository contains various scripts and configurations for managing Docker containers and services.
 <p align="center">
  <img src="assets/images/main.png" width="70%">
 </p>
 ## Scripts
 - `cicd-spindown.sh`: Spins down all CICD relevant Docker containers.
 - `cicd-spinup.sh`: Spins up all CICD relevant Docker containers.
 - `main-spindown.sh`: Spins down all Docker containers.
 - `main-spinup.sh`: Spins up all Docker containers.
 ## Services
 ### Bitwarden
 Configuration for Bitwarden is located in [Bitwarden/docker-compose.yml](Bitwarden/docker-compose.yml).
 ### Database
 Configuration for MongoDB is located in [Database/docker-compose.yml](Database/docker-compose.yml).
 ### Misc
 Configuration for miscellaneous services is located in [Misc/docker-compose.yml](Misc/docker-compose.yml).
 ### Tracking
 Configuration for tracking services is located in [Tracking/docker-compose.yml](Tracking/docker-compose.yml).
 ### Traefik
 Configuration for Traefik is located in [Traefik/docker-compose.yml](Traefik/docker-compose.yml).
 ### TraefikRunner
 Configuration for TraefikRunner is located in [TraefikRunner/docker-compose.yml](TraefikRunner/docker-compose.yml).
 ### Websites
 Configuration for websites is located in [Websites/docker-compose.yml](Websites/docker-compose.yml).
 ## ToDo
 See [todo.md](todo.md) for a list of tasks and configurations that need to be completed.
--- a/todo.md
+++ b/todo.md
@@ -4,18 +4,18 @@
 - Setup non root user
 - UFW should be setup to keep VPS secure and only allow for:
   - https
   - http
   - ssh
   - ftp
   - 27017
   - 3306
 - Install SSH keys
 - Setup unattended upgrades
 - Install docker, docker-compose and apache utils.
-## Traefik
+## Traefik + TraefikRunner + Traefik VPN
 - Setup htaccess -> `echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g`
 - Ensure email address is correct
@@ -28,6 +28,15 @@
 - Ensure that a registration token has been setup before continuing
 ## Tracking
 Create a .env file with the following content:
 ```sh
 ACKEE_USERNAME=luke-else
 ACKEE_PASSWORD=XXX
 ```
 ## Websites
 - Ensure website files are copied over
--- a/vpn-spindown.sh
+++ b/vpn-spindown.sh
@@ -0,0 +1,13 @@
 #Script file for spinning down all CICD relevant docker-containers
 cd ./VPN/
 docker compose down
 cd ..
 cd ./TraefikVPN/
 docker compose down
 cd ..
 docker rmi $(docker images -q)
 docker system prune -f
 docker volume prune -f
--- a/vpn-spinup.sh
+++ b/vpn-spinup.sh
@@ -0,0 +1,9 @@
 #Script file for spinning up all docker-containers
 cd ./TraefikRunner/
 docker compose pull && docker compose up -d
 cd ..
 cd ./VPN/
 docker compose pull && docker compose up -d
 cd ..
Author	SHA1	Message	Date
Luke Else	8976878ba0	feat: Increased timeout length to allow for registry container pushses	2025-08-14 01:32:00 +01:00
Luke Else	fe00c9ee0c	FEAT: Added matarius web app	2025-06-18 19:45:05 +01:00
Luke Else	9c7225e8ef	Merged in Master	2025-05-30 20:51:59 +01:00
Luke Else	b618727280	FEAT: Update cleanup and interval of watchtower	2025-05-30 18:54:29 +01:00
Luke Else	d3b8830cc8	FEAT: Added Watchtower service	2025-05-30 18:44:26 +01:00
Luke Else	98847c4bf3	Removed Meridian.. will try again some point soon	2025-05-30 00:38:19 +01:00
Luke Else	f47c0ed774	Opted to use flighttime contained pushed to docker hub	2025-05-30 00:20:04 +01:00
Luke Else	3dcc017007	Updated install instructions for Meridian	2025-05-30 00:09:11 +01:00
Luke Else	e557ae0152	Added Merdiaan service	2025-05-30 00:06:50 +01:00
Luke Else	aa3d9c4ea2	Added readme items for VPN setup	2025-05-04 17:10:25 +01:00
Luke Else	49b1cd26f4	Added VPN service to list of docker containers	2025-05-04 17:09:07 +01:00
Luke Else	f4b44c7aa7	Changed gitignore to allow image to be seen	2025-03-12 15:11:34 +00:00
Luke Else	ba10482e1a	Updated readme to properly show images	2025-03-12 15:03:20 +00:00
Luke Else	03526e89f6	Added image and readme	2025-03-12 15:00:49 +00:00
Luke Else	b2cf51838e	Cleaned up scripts	2025-03-06 15:12:41 +00:00
Luke Else	6f07648212	Cleaned up scripts	2025-03-06 15:12:21 +00:00
Luke Else	6b82c70d97	Added dev site to server	2025-03-06 14:59:32 +00:00
Luke Else	c02adbb830	Removed Kafka from server	2025-03-06 12:13:35 +00:00
Luke Else	0c2380d9ac	Added content type and auth headers to CORS	2025-02-09 16:46:25 +00:00
Luke Else	ad052fea2d	Added CORS headers to gitea to allow API access	2025-02-09 16:33:42 +00:00
Luke Else	53be537298	Removed TLs from mongo	2025-02-07 13:09:37 +00:00
Luke Else	abacd59331	Removed service line from kafka traefik labels config	2025-02-07 11:37:10 +00:00
Luke Else	99983d8064	change SNI to wildcard	2025-02-07 11:33:30 +00:00
Luke Else	d8460151fe	Added TLS to kafka and mongo services	2025-02-07 11:13:46 +00:00
Luke Else	7ca996ccbb	Updated kafka config to reflect external exposure correctly	2025-02-07 11:03:47 +00:00
Luke Else	a49dd79555	Changed KAFKA listeners address	2025-02-07 10:53:54 +00:00
Luke Else	d1db292328	Added missing kafka port in traefik service	2025-02-07 10:22:28 +00:00
Luke Else	0013aabf12	Changed Advertised listeners to reflect server proxy entrypoint	2025-02-07 10:04:42 +00:00
Luke Else	f23b9ac291	Added entrypoint for kafka	2025-02-06 15:23:31 +00:00
Luke Else	36f2813708	Added kafka service to server	2025-02-06 14:40:06 +00:00
Luke Else	a654276a14	Added missing port to traefik process	2025-02-06 13:15:16 +00:00
Luke Else	5d8760a80f	Exposed mongo through traefik instead of having it handled through raw ports	2025-02-06 11:50:33 +00:00
Luke Else	d8f0e65888	Changed origin back to correct domain	2025-02-03 11:03:59 +00:00
Luke Else	38d5304fdd	Changed allow list to tracking subdomain	2025-02-03 10:56:11 +00:00
Luke Else	080233afa7	Added content type and vary headers to request	2025-02-03 10:49:12 +00:00
Luke Else	38fd80b59b	Added allow credentials to the CORS requests	2025-02-03 10:44:42 +00:00
Luke Else	40832b601d	Removed vary header from request	2025-02-03 10:40:51 +00:00
Luke Else	72903ede51	Changed allow list for CORS	2025-02-03 10:37:47 +00:00
Luke Else	3675c75687	Changed wildcard allow to the correct domain	2025-02-03 10:31:32 +00:00
Luke Else	4501c444d1	Added CORS passthrough for all domains with Ackee	2025-02-03 10:28:42 +00:00
Luke Else	ff01fd4639	Missed off origin allow list for Ackee	2025-02-03 10:22:03 +00:00
Luke Else	5dce096d62	Allow CORS and expose 3000 for ackee	2025-02-03 09:30:45 +00:00
Luke Else	ee7d01edeb	Added Ackee containers to a network	2025-02-03 09:18:39 +00:00
Luke Else	1d79b63862	Added ackee	2025-02-02 17:58:52 +00:00
Luke Else	d4e7748973	Added Ackee Tracking service to server	2025-02-02 17:57:01 +00:00
Luke Else	3f14369230	Removed bin	2025-02-02 11:29:51 +00:00
Luke Else	0cdd63cc07	Corrected broken config	2025-02-02 11:24:28 +00:00
Luke Else	7ded6ca85a	Removed obsidian	2025-02-02 11:22:08 +00:00
Luke Else	09de07b177	Corrected broken compose file	2025-02-02 11:20:33 +00:00
Luke Else	6f3bffe1fb	Added pastebin and removed obsidian	2025-02-02 11:19:56 +00:00
Luke Else	9e1cf178af	Added Obsidian Remote port	2025-02-02 11:10:08 +00:00
Luke Else	137c32330b	Added Obsidian Remote	2025-02-02 11:06:51 +00:00
Luke Else	64f1c349a3	Reverted back to port 9000 for portainer	2025-02-01 17:43:45 +00:00
Luke Else	0e3b1b024c	Corrected invalid port label	2025-02-01 17:42:35 +00:00
Luke Else	e09ac79c6e	Corrected invalid port label	2025-02-01 17:42:26 +00:00
Luke Else	563726d2f3	Added exposure of port 9000	2025-02-01 17:40:11 +00:00
Luke Else	de22bf7196	Updated port for portainer	2025-02-01 17:34:45 +00:00
Luke Else	8a3b599c7c	Moved portainer port assignments	2025-02-01 17:29:34 +00:00
Luke Else	bb96fd2433	Selected different port for traefik to route portainer traffic to	2025-02-01 17:19:12 +00:00
Luke Else	da40ab5dc5	Exposed Portainer through Trefik	2025-02-01 14:46:05 +00:00
Luke Else	a25b0502f4	Added portainer to server	2025-02-01 14:31:30 +00:00
Luke Else	babfad9b78	Updated container registry and launch order	2025-02-01 13:33:49 +00:00
Luke Else	e3f2be7b08	Remvoed WMGZON	2025-02-01 12:38:13 +00:00
Luke Else	be4d4f2b50	Merge branch 'master' of ssh://git.luke-else.co.uk:222/luke-else/server	2024-12-12 12:42:57 +00:00
Luke Else	061d4022a6	Added divine couture to website list	2024-12-12 12:42:45 +00:00
Luke Else	3ff3cb5449	Removed mysql from server hosted applications	2024-11-28 15:14:14 +00:00
Luke Else	3360d966f7	Added required yml config file	2024-10-05 13:13:37 +01:00
Luke Else	644ff974ce	Changed url of gitea instance	2024-10-05 12:51:37 +01:00
Luke Else	4152ca43a7	Changed CICD to use docker compose v2 syntax	2024-10-05 12:43:29 +01:00
Luke Else	3e6cc9c948	Updated CICD config	2024-10-05 12:06:37 +01:00
Luke Else	166172cc00	Updated CICD config	2024-10-05 12:06:27 +01:00