traefik: feat: Add custom error pages

uptime-kuma: feat: Add docker support
pihole: feat: Add traefik reverse proxy
2022-09-26 02:06:46 +01:00 · 2022-09-26 01:58:43 +01:00 · 2022-09-26 01:58:20 +01:00 · 2022-09-26 01:53:01 +01:00 · 2022-09-26 01:52:11 +01:00 · 2022-09-24 12:58:46 +01:00
10 changed files with 131 additions and 3 deletions
--- a/freshrss/.env.example
+++ b/freshrss/.env.example
@@ -0,0 +1,11 @@
+# set IS_ARM to :arm for ARM version
+IS_ARM=
+
+FRESHRSS_DOMAIN=freshrss.ykz.app
+CRON_MIN=2,32
+
+# Variables below are only used at the very first run
+ADMIN_USERNAME=admin_username_goes_here
+ADMIN_EMAIL=admin_email_goes_here
+ADMIN_PASSWORD=admin_password_goes_here
+ADMIN_API_PASSWORD=admin_api_password_goes_here
--- a/freshrss/docker-compose.yml
+++ b/freshrss/docker-compose.yml
@@ -0,0 +1,48 @@
+version: "3.9"
+
+networks:
+  public:
+    external: true
+
+services:
+  freshrss:
+    image: freshrss/freshrss${IS_ARM}
+    container_name: freshrss
+    restart: always
+    logging:
+      options:
+        max-size: 10m
+    volumes:
+      - "./freshrss-data:/var/www/FreshRSS/data"
+      - "./freshrss-extensions-data:/var/www/FreshRSS/extensions"
+    environment:
+      TZ: Asia/Singapore
+      CRON_MIN: '${CRON_MIN}'
+      FRESHRSS_INSTALL: |-
+        --api_enabled
+        --default_user ${ADMIN_USERNAME}
+        --language en
+      FRESHRSS_USER: |-
+        --api_password ${ADMIN_API_PASSWORD}
+        --email ${ADMIN_EMAIL}
+        --language en
+        --password ${ADMIN_PASSWORD}
+        --user ${ADMIN_USERNAME}
+    # ports:
+    #   - "80:80"
+    networks:
+      - public
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.freshrss.rule=Host(`${FRESHRSS_DOMAIN}`)"
+      - "traefik.http.routers.freshrss.service=freshrss-service"
+      - "traefik.http.services.freshrss-service.loadbalancer.server.port=80"
+      - "traefik.http.routers.freshrss.tls=true"
+      - "traefik.http.routers.freshrss.tls.certresolver=le"
+      - traefik.http.middlewares.freshrssM1.compress=true
+      - traefik.http.middlewares.freshrssM2.headers.browserXssFilter=true
+      - traefik.http.middlewares.freshrssM2.headers.forceSTSHeader=true
+      - traefik.http.middlewares.freshrssM2.headers.frameDeny=true
+      - traefik.http.middlewares.freshrssM2.headers.referrerPolicy=no-referrer-when-downgrade
+      - traefik.http.middlewares.freshrssM2.headers.stsSeconds=31536000
+      - traefik.http.routers.freshrss.middlewares=freshrssM1,freshrssM2
--- a/homeassistant/.env.example
+++ b/homeassistant/.env.example
@@ -0,0 +1 @@
+HOMEASSISTANT_DOMAIN=domain_goes_here
--- a/homeassistant/docker-compose.yml
+++ b/homeassistant/docker-compose.yml
@@ -0,0 +1,11 @@
+version: "3.9"
+
+services:
+  homeassistant:
+    image: "ghcr.io/home-assistant/home-assistant:stable"
+    container_name: homeassistant
+    restart: always
+    volumes:
+      - "./homeassistant-config-data:/config"
+      - "/etc/localtime:/etc/localtime:ro"
+    network_mode: host
--- a/nextcloud/docker-compose.yml
+++ b/nextcloud/docker-compose.yml
@@ -56,7 +56,6 @@ services:
    networks:
      - public

-services:
  collabora:
    image: collabora/code
    container_name: collabora
--- a/pihole/docker-compose.yml
+++ b/pihole/docker-compose.yml
@@ -1,6 +1,8 @@
 version: "3.9"

 networks:
+  public:
+    external: true
  dns_net:
    name: dns_net
    driver: bridge
@@ -16,9 +18,10 @@ services:
    ports:
      - "53:53/tcp"
      - "53:53/udp"
-      - "8180:80/tcp"
+      # - "8180:80/tcp"
    hostname: pihole
    networks:
+      public: {}
      dns_net:
        ipv4_address: 172.20.0.10
    environment:
@@ -30,6 +33,18 @@ services:
    volumes:
      - "./pihole-data/:/etc/pihole/"
      - "./dnsmasq.d-data/:/etc/dnsmasq.d/"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.pihole.rule=Host(`${PIHOLE_DOMAIN}`)"
+      - "traefik.http.routers.pihole.service=pihole-service"
+      - "traefik.http.services.pihole-service.loadbalancer.server.port=80"
+      - "traefik.http.routers.pihole.tls=true"
+      - "traefik.http.routers.pihole.tls.certresolver=le"
+      # - "traefik.http.middlewares.pihole-admin.addprefix.prefix=/admin"
+      - "traefik.http.middlewares.pihole-redirect.redirectregex.regex=^https://pihole.ykz.app/$$"
+      - "traefik.http.middlewares.pihole-redirect.redirectregex.replacement=https://pihole.ykz.app/admin"
+      - "traefik.http.middlewares.pihole-redirect.redirectregex.permanent=true"
+      - "traefik.http.routers.pihole.middlewares=pihole-redirect"

  unbound:
    image: mvance/unbound${IS_RPI}:latest
--- a/traefik/.gitignore
+++ b/traefik/.gitignore
@@ -1 +1,2 @@
 acme.json
+certs/
--- a/traefik/docker-compose.yml
+++ b/traefik/docker-compose.yml
@@ -54,4 +54,32 @@ services:
      - "traefik.http.routers.dashboard.tls=true"
      - "traefik.http.routers.dashboard.tls.certresolver=le"
      - "traefik.http.middlewares.dashboard-basicauth.basicauth.users=${BASIC_AUTH_CREDENTIALS}"
-      - "traefik.http.routers.dashboard.middlewares=dashboard-basicauth@docker"
+      - "traefik.http.routers.dashboard.middlewares=dashboard-basicauth,error-pages-middleware"
+
+  error-pages:
+    image: tarampampam/error-pages
+    container_name: error-pages
+    restart: always
+    environment:
+      TEMPLATE_NAME: lost-in-space
+      SHOW_DETAILS: true
+    labels:
+      traefik.enable: true
+      # use as "fallback" for any NON-registered services (with priority below normal)
+      traefik.http.routers.error-pages.rule: HostRegexp(`{host:.+}`) || Host(`error.ykz.app`)
+      traefik.http.routers.error-pages.priority: 10
+      # "errors" middleware settings
+      traefik.http.routers.error-pages.middlewares: error-pages-middleware
+      traefik.http.middlewares.error-pages-middleware.errors.status: 400-599
+      traefik.http.middlewares.error-pages-middleware.errors.service: error-pages-service
+      traefik.http.middlewares.error-pages-middleware.errors.query: /{status}.html
+      # define service properties
+      traefik.http.services.error-pages-service.loadbalancer.server.port: 8080
+      traefik.http.routers.error-pages.service: error-pages-service
+      traefik.http.routers.error-pages.tls: true
+      traefik.http.routers.error-pages.tls.certresolver: le
+      traefik.http.routers.traefik.middlewares: error-pages-middleware
+    networks:
+      - public
+    depends_on:
+      - traefik
--- a/traefik/dynamic/homeassistant.yml
+++ b/traefik/dynamic/homeassistant.yml
@@ -0,0 +1,13 @@
+http:
+  routers:
+    homeassistant:
+      rule: "Host(`ha.ykz.app`)"
+      tls:
+        certResolver: le
+      service: homeassistant
+  services:
+    homeassistant:
+      loadBalancer:
+        servers:
+          - url: "http://192.168.2.200:8123"
+
--- a/uptime-kuma/docker-compose.yml
+++ b/uptime-kuma/docker-compose.yml
@@ -11,6 +11,7 @@ services:
    restart: always
    volumes:
      - "./uptime-kuma-data:/app/data"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    # ports:
    #   - "3001:3001"
    networks:
Author	SHA1	Message	Date
PorridgePi	c3c6826fc8	traefik: feat: Add custom error pages	2022-09-26 02:06:46 +01:00
PorridgePi	aa44a7edf2	uptime-kuma: feat: Add docker support	2022-09-26 01:58:43 +01:00
PorridgePi	28df96cac8	pihole: feat: Add traefik reverse proxy	2022-09-26 01:58:20 +01:00
PorridgePi	d683f2a17b	traefik: feat: Reverse proxy for homeassistant in host mode	2022-09-26 01:53:01 +01:00
PorridgePi	757a5e4f0c	homeassistant: feat: Use host mode networking	2022-09-26 01:52:11 +01:00
PorridgePi	ef3e441b15	freshrss: Initial commit	2022-09-24 12:58:46 +01:00
PorridgePi	b637789816	homeassistant: Initial commit	2022-09-24 12:37:52 +01:00
PorridgePi	7b366ef150	nextcloud: !fix: Remove extraneous services definition line	2022-09-24 12:16:55 +01:00
PorridgePi	2bf7928579	traefik: gitignore: feat: Add certs directory	2022-09-24 12:06:41 +01:00