jasper/infra-traefik-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update van structuur

Browse Source 
Signed-off-by: jasper <jappiekoopt@gmail.com>
This commit is contained in:
jasper
2025-11-18 10:01:13 +01:00
parent 566b5f5d01
commit 911791d1d7
5 changed files with 21 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
traefik/docker-compose.yml
View File

@@ -34,24 +34,6 @@ services:
logging:
options: { max-size: "10m", max-file: "3" }
git-sync:
image: registry.k8s.io/git-sync/git-sync:v4.3.0
restart: unless-stopped
user: "0:0"
env_file: [./.env]
environment:
- GITSYNC_REPO=https://git.japnet.nl/infra/traefik-dynamic.git
- GITSYNC_BRANCH=main
- GITSYNC_ROOT=/git
- GITSYNC_DEST=dynamic
- GITSYNC_WAIT=10
- GITSYNC_ONE_TIME=false
volumes:
- /srv/traefik/git:/git:rw
security_opt: [ "no-new-privileges:true" ]
read_only: true
tmpfs: [ "/tmp" ]
# cloudflared:
# image: cloudflare/cloudflared:latest
# command: ["tunnel","--no-autoupdate","run","--token","${CLOUDFLARE_TUNNEL_TOKEN}"]

9
traefik/dynamic/_all.yml
View File

@@ -35,3 +35,12 @@ http:
service: authentik
tls:
certResolver: cf
portainer-https:
rule: Host("portainer.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file]
service: portainer
tls:
certResolver: cf

103
traefik/dynamic/_kees.yml
View File

@@ -1,103 +0,0 @@
http:
routers:
# --- Gitea ---
gitea-http:
rule: Host("git.japnet.nl")
entryPoints: [web]
middlewares: [https-redirect@file]
service: gitea
gitea-https:
rule: Host("git.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file]
service: gitea
tls:
certresolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
# --- Home Assistant ---
hass-http:
rule: Host("hass.japnet.nl")
entryPoints: [web]
middlewares: [https-redirect@file]
service: hass
hass-https:
rule: Host("hass.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file]
service: hass
tls:
certResolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
# --- SearXNG ---
searxng-http:
rule: Host("searxng.japnet.nl")
entryPoints: [web]
middlewares: [https-redirect@file]
service: searxng
tls:
certresolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
searxng-https:
rule: Host("searxng.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file, searxng-ratelimit@file]
service: searxng
tls:
certResolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
# --- Authentik ---
authentik-http:
rule: Host("auth.japnet.nl")
entryPoints: [web]
middlewares: [https-redirect@file]
service: authentik
authentik-https:
rule: Host("auth.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file]
service: authentik
tls:
certResolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
services:
gitea:
loadBalancer:
servers:
- url: http://192.168.2.45:3000
hass:
loadBalancer:
servers:
- url: http://192.168.2.54:8123
searxng:
loadBalancer:
servers:
- url: http://192.168.2.45:4001
authentik:
loadBalancer:
servers:
- url: http://192.168.2.22:9000

103
traefik/dynamic/_old.yml
View File

@@ -1,103 +0,0 @@
http:
routers:
# --- Gitea ---
gitea-http:
rule: Host("git.japnet.nl")
entryPoints: [web]
middlewares: [https-redirect@file]
service: gitea
gitea-https:
rule: Host("git.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file]
service: gitea
tls:
certresolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
# --- Home Assistant ---
hass-http:
rule: Host("hass.japnet.nl")
entryPoints: [web]
middlewares: [https-redirect@file]
service: hass
hass-https:
rule: Host("hass.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file]
service: hass
tls:
certResolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
# --- SearXNG ---
searxng-http:
rule: Host("searxng.japnet.nl")
entryPoints: [web]
middlewares: [https-redirect@file]
service: searxng
tls:
certresolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
searxng-https:
rule: Host("searxng.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file, searxng-ratelimit@file]
service: searxng
tls:
certResolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
# --- Authentik ---
authentik-http:
rule: Host("auth.japnet.nl")
entryPoints: [web]
middlewares: [https-redirect@file]
service: authentik
authentik-https:
rule: Host("auth.japnet.nl")
entryPoints: [websecure]
middlewares: [security@file]
service: authentik
tls:
certResolver: cf
domains:
- main: "japnet.nl"
sans: ["*.japnet.nl"]
services:
gitea:
loadBalancer:
servers:
- url: http://192.168.2.45:3000
hass:
loadBalancer:
servers:
- url: http://192.168.2.54:8123
searxng:
loadBalancer:
servers:
- url: http://192.168.2.45:4001
authentik:
loadBalancer:
servers:
- url: http://192.168.2.22:9000

12
traefik/dynamic/routers/_all.yml
View File

@@ -19,3 +19,15 @@ http:
loadBalancer:
servers:
- url: http://192.168.2.22:9000
portainer:
loadBalancer:
servers:
- url: https://192.168.2.45:9443
passHostHeader: true
serversTransport: portainer-transport
serversTransports:
portainer-transport:
insecureSkipVerify: true