Update Docker & Kubernetes/Docker/Docker Compose/Traefik.md

2024-07-11 05:28:26 -06:00
parent fd668ab5e6
commit 893e352888
1 changed files with 26 additions and 54 deletions
--- a/Kubernetes/Docker/Docker
+++ b/Kubernetes/Docker/Docker
@ -6,7 +6,7 @@ services:
  traefik:
    image: "traefik:latest"
    restart: always
-    container_name: "traefik"
+    container_name: "traefik-bunny-lab-io"
    ulimits:
      nofile:
        soft: 65536
@ -24,11 +24,12 @@ services:
      - "--api.insecure=true"
      - "--global.sendAnonymousUsage=false"
      # Docker
-#     - "--providers.docker=true"
-#     - "--providers.docker.exposedbydefault=false"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
      # File Provider
      - "--providers.file.directory=/etc/traefik/dynamic"
      - "--providers.file.watch=true"
+
      # Entrypoints
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
@ -36,19 +37,16 @@ services:
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https" # Redirect HTTP to HTTPS
      - "--entrypoints.web.http.redirections.entrypoint.permanent=true" # Redirect HTTP to HTTPS
      # LetsEncrypt
-#     - "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
-      - "--certificatesresolvers.letsencrypt.acme.dnschallenge=true" #TEMPORARY CHANGE
-      - "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare" #TEMPORARY CHANGE
-      - "--certificatesresolvers.letsencrypt.acme.email=cyberstrawberry101@gmail.com"
+###      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
+      - "--certificatesresolvers.letsencrypt.acme.dnschallenge=true"
+      - "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"
+      - "--certificatesresolvers.letsencrypt.acme.email=nicole.rappe@bunny-lab.io"
      - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
-#    labels:
-#      # API
-#      - "traefik.enable=true"
-#      # Global http --> https
-#      - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:[a-z-.]+}`)"
-#      - "traefik.http.routers.http-catchall.entrypoints=web"
-#      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
-#      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
+
+      # Keycloak plugin configuration
+      - "--experimental.plugins.keycloakopenid.moduleName=github.com/Gwojda/keycloakopenid"
+      - "--experimental.plugins.keycloakopenid.version=v0.1.34"
+      
    ports:
      - "80:80"
      - "443:443"
@ -62,50 +60,24 @@ services:
        docker_network:
          ipv4_address: 192.168.5.29
    environment:
-      - CF_API_EMAIL=cyberstrawberry101@gmail.com
-      - CF_API_KEY=REDACTED
+      - CF_API_EMAIL=${CF_API_EMAIL}
+      - CF_API_KEY=${CF_API_KEY}
    extra_hosts:
-      - "flask.cyberstrawberry.local:192.168.3.21"
-      - "searx.cyberstrawberry.local:192.168.3.21"
-      - "heimdall.cyberstrawberry.local:192.168.3.21"
-      - "status.cyberstrawberry.local:192.168.3.21"
-      - "rancher.cyberstrawberry.local:192.168.3.21"
-      - "trilium.blockaderunners.local:192.168.3.21"
-      - "pw.cyberstrawberry.local:192.168.3.22"
-      - "remote.cyberstrawberry.local:192.168.5.43"
-      - "cluster-cloud.cyberstrawberry.local:192.168.3.22"
-      - "searx.blockaderunners.local:192.168.3.22"
-      - "searx.deeptree-labs.local:192.168.3.22"
-      - "cyberstrawberry.local:192.168.3.22"
-      - "storage.cyberstrawberry.local:192.168.3.22"
-      - "cloud.cyberstrawberry.local:192.168.5.146"
-      - "cloud.blockaderunners.local:192.168.5.90"
-      - "docs.blockaderunners.local:192.168.5.212"
-      - "status.blockaderunners.local:192.168.5.13"
-      - "blockaderunners.local:192.168.5.219"
-      - "office.cyberstrawberry.local:192.168.5.143"
-      - "git.deeptree.local:192.168.5.166"
-      - "pw.deeptree.local:192.168.5.170"
-      - "status.deeptree.local:192.168.5.211"
-      - "temp.cyberstrawberry.local:192.168.5.197"
-      - "drop.cyberstrawberry.local:192.168.5.14"
-      - "vault.cyberstrawberry.local:192.168.3.22"
-      - "bitwarden.cyberstrawberry.local:192.168.5.141"
-      - "chat.cyberstrawberry.local:192.168.3.22"
-      - "trilium.cyberstrawberry.local:192.168.3.22"
-      - "node-red.cyberstrawberry.local:192.168.3.21"
-      - "homelab.cyberstrawberry.local:192.168.3.22"
-      - "awx.cyberstrawberry.local:192.168.3.21"
-      - "git.cyberstrawberry.local:192.168.3.21"
-      - "lab.cyberstrawberry.local:192.168.5.44"
+      - "mail.bunny-lab.io:192.168.3.13"
+      - "rmm.bunny-lab.io:192.168.3.22" # Tactical RMM
+      - "api.bunny-lab.io:192.168.3.22" # Tactical RMM
+      - "mesh.bunny-lab.io:192.168.3.22" # Tactical RMM
+
 networks:
  default:
    external:
      name: docker_network
  docker_network:
    external: true
+
 ```

 ```jsx title=".env"
-Not Applicable
+CF_API_EMAIL=nicole.rappe@bunny-lab.io
+CF_API_KEY=REDACTED-CLOUDFLARE-DOMAIN-API-KEY
 ```