luke-else/server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: luke-else:3e6cc9c94870cf090333d566e05078445ed83aad
Branches Tags
luke-else:master
..
compare: luke-else:182f10a7650dc0c59f0692b56cc1a1485d99abdd
Branches Tags
luke-else:master

No commits in common. "3e6cc9c94870cf090333d566e05078445ed83aad" and "182f10a7650dc0c59f0692b56cc1a1485d99abdd" have entirely different histories.
3e6cc9c948 ... 182f10a765

4 changed files with 21 additions and 47 deletions
Show Stats Expand all files Collapse all files

41
TraefikRunner/docker-compose.yml
View File

@ -1,41 +0,0 @@
version: "3.8"
services:
traefik:
image: "traefik:latest"
container_name: "traefik"
command:
- "--api.dashboard=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.email=contact@luke-else.co.uk"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
- "traefik.http.routers.traefik-insecure.middlewares=redirect-web-secure"
- "traefik.http.routers.traefik-insecure.rule=Host(`traefik.cicd.luke-else.co.uk`)"
- "traefik.http.routers.traefik-insecure.entrypoints=web"
- "traefik.http.routers.traefik.rule=Host(`traefik.cicd.luke-else.co.uk`)"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls.certresolver=myresolver"
- "traefik.http.routers.traefik.middlewares=traefik-auth"
- "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$s/vPphFtSO2fWJR7SYkEb.90UwPDRM3aOKqgOF/rme/3fUQ5tvpTS"
restart: unless-stopped
networks:
proxy:
name: proxy

2
cicd-spindown.sh
View File

@ -3,7 +3,7 @@
docker-compose down docker-compose down
cd ../.. cd ../..
cd ./TraefikRunner/ cd ./Traefik/
docker-compose down docker-compose down
cd .. cd ..

20
cicd-spinup.sh
View File

@ -1,9 +1,25 @@
#Script file for spinning up all docker-containers #Script file for spinning up all docker-containers
cd ./TraefikRunner/ cd ./Traefik/
docker-compose pull && docker-compose up -d docker-compose pull && docker-compose up -d
cd .. cd ..
cd ./Development/Runners/ cd ./Websites/
docker-compose pull && docker-compose up -d
cd ..
cd ./Development/Gitea/
docker-compose pull && docker-compose up -d docker-compose pull && docker-compose up -d
cd ../.. cd ../..
cd ./Database/
docker-compose pull && docker-compose up -d
cd ..
cd ./Bitwarden/
docker-compose pull && docker-compose up -d
cd ..
cd ./Misc/
docker-compose pull && docker-compose up -d
cd ..

3
todo.md
View File

@ -4,7 +4,6 @@
- Setup non root user - Setup non root user
- UFW should be setup to keep VPS secure and only allow for: - UFW should be setup to keep VPS secure and only allow for:
- https - https
- http - http
- ssh - ssh
@ -16,7 +15,7 @@
- Setup unattended upgrades - Setup unattended upgrades
- Install docker, docker-compose and apache utils. - Install docker, docker-compose and apache utils.
## Traefik + TraefikRunner ## Traefik
- Setup htaccess -> `echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g` - Setup htaccess -> `echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g`
- Ensure email address is correct - Ensure email address is correct