Compare commits
7 Commits
b618727280
...
9c7225e8ef
Author | SHA1 | Date | |
---|---|---|---|
9c7225e8ef | |||
98847c4bf3 | |||
f47c0ed774 | |||
3dcc017007 | |||
e557ae0152 | |||
aa3d9c4ea2 | |||
49b1cd26f4 |
5
.gitignore
vendored
5
.gitignore
vendored
@ -6,4 +6,7 @@
|
||||
!/*
|
||||
|
||||
# Allow assets folder
|
||||
!assets/**
|
||||
!assets/**
|
||||
|
||||
# Don't allow .env files, just env-exmaple files
|
||||
!.env-example
|
||||
|
41
TraefikVPN/docker-compose.yml
Normal file
41
TraefikVPN/docker-compose.yml
Normal file
@ -0,0 +1,41 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
traefik:
|
||||
image: "traefik:latest"
|
||||
container_name: "traefik"
|
||||
command:
|
||||
- "--api.dashboard=true"
|
||||
- "--providers.docker=true"
|
||||
- "--providers.docker.exposedbydefault=false"
|
||||
- "--entrypoints.web.address=:80"
|
||||
- "--entrypoints.websecure.address=:443"
|
||||
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
|
||||
- "--certificatesresolvers.myresolver.acme.email=contact@luke-else.co.uk"
|
||||
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
volumes:
|
||||
- "./letsencrypt:/letsencrypt"
|
||||
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||
networks:
|
||||
- proxy
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
|
||||
- "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
|
||||
- "traefik.http.routers.traefik-insecure.middlewares=redirect-web-secure"
|
||||
- "traefik.http.routers.traefik-insecure.rule=Host(`traefik.vpn.luke-else.co.uk`)"
|
||||
- "traefik.http.routers.traefik-insecure.entrypoints=web"
|
||||
|
||||
- "traefik.http.routers.traefik.rule=Host(`traefik.vpn.luke-else.co.uk`)"
|
||||
- "traefik.http.routers.traefik.entrypoints=websecure"
|
||||
- "traefik.http.routers.traefik.service=api@internal"
|
||||
- "traefik.http.routers.traefik.tls.certresolver=myresolver"
|
||||
- "traefik.http.routers.traefik.middlewares=traefik-auth"
|
||||
- "traefik.http.middlewares.traefik-auth.basicauth.users=user:$$2y$$05$$s/vPphFtSO2fWJR7SYkEb.90UwPDRM3aOKqgOF/rme/3fUQ5tvpTS"
|
||||
restart: unless-stopped
|
||||
|
||||
networks:
|
||||
proxy:
|
||||
name: proxy
|
25
VPN/docker-compose.yml
Normal file
25
VPN/docker-compose.yml
Normal file
@ -0,0 +1,25 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
dockovpn:
|
||||
image: alekslitvinenk/openvpn
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
ports:
|
||||
- 1194:1194/udp # Expose tcp if you defined HOST_TUN_PROTOCOL=tcp
|
||||
environment:
|
||||
HOST_ADDR: vpn.luke-else.co.uk # Your VPN server address
|
||||
volumes:
|
||||
- ./openvpn_conf:/opt/Dockovpn_data
|
||||
labels:
|
||||
## Expose vpn Through Trefik ##
|
||||
- "traefik.enable=true" # <== Enable traefik to proxy this container
|
||||
|
||||
- "traefik.http.middlewares.redirect-web-secure.redirectscheme.scheme=https"
|
||||
- "traefik.http.routers.vpn-insecure.middlewares=redirect-web-secure"
|
||||
- "traefik.http.routers.vpn-insecure.rule=Host(`vpn.luke-else.co.uk`)"
|
||||
- "traefik.http.routers.vpn-insecure.entrypoints=web"
|
||||
|
||||
- "traefik.http.routers.vpn.rule=Host(`vpn.luke-else.co.uk`)"
|
||||
- "traefik.http.routers.vpn.entrypoints=websecure"
|
||||
- "traefik.http.routers.vpn.tls.certresolver=myresolver"
|
||||
restart: always
|
4
todo.md
4
todo.md
@ -15,7 +15,7 @@
|
||||
- Setup unattended upgrades
|
||||
- Install docker, docker-compose and apache utils.
|
||||
|
||||
## Traefik + TraefikRunner
|
||||
## Traefik + TraefikRunner + Traefik VPN
|
||||
|
||||
- Setup htaccess -> `echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g`
|
||||
- Ensure email address is correct
|
||||
@ -35,8 +35,6 @@ Create a .env file with the following content:
|
||||
```sh
|
||||
ACKEE_USERNAME=luke-else
|
||||
ACKEE_PASSWORD=XXX
|
||||
|
||||
|
||||
```
|
||||
|
||||
## Websites
|
||||
|
13
vpn-spindown.sh
Normal file
13
vpn-spindown.sh
Normal file
@ -0,0 +1,13 @@
|
||||
#Script file for spinning down all CICD relevant docker-containers
|
||||
|
||||
cd ./VPN/
|
||||
docker compose down
|
||||
cd ..
|
||||
|
||||
cd ./TraefikVPN/
|
||||
docker compose down
|
||||
cd ..
|
||||
|
||||
docker rmi $(docker images -q)
|
||||
docker system prune -f
|
||||
docker volume prune -f
|
9
vpn-spinup.sh
Normal file
9
vpn-spinup.sh
Normal file
@ -0,0 +1,9 @@
|
||||
#Script file for spinning up all docker-containers
|
||||
|
||||
cd ./TraefikRunner/
|
||||
docker compose pull && docker compose up -d
|
||||
cd ..
|
||||
|
||||
cd ./VPN/
|
||||
docker compose pull && docker compose up -d
|
||||
cd ..
|
Loading…
x
Reference in New Issue
Block a user