heri410/container
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

added meshcentral

Browse source 
added treafik
This commit is contained in:
Henrik 2023-05-06 20:21:09 +00:00
parent 3838016d91
commit 9fa6b16bed
3 changed files with 160 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

79
Composer/basic/docker-compose.yml
View file

@ -1,26 +1,78 @@
version: "3.7" version: "3.7"
services: services:
# Ingress traefik:
caddy: image: "traefik"
image: lucaslorentz/caddy-docker-proxy command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --providers.docker.exposedByDefault=false
- --log.level=DEBUG
- --providers.docker.network=proxy
- --serversTransport.insecureSkipVerify=true
- --api
#Lets Encrypt
- --certificatesresolvers.letsencrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL}
- --certificatesresolvers.letsencrypt.acme.storage=/acme.json
- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
#Logging
- "--accesslog=true"
- "--accesslog.filePath=/logs/access.log"
ports: ports:
- 80:80 - "80:80"
- 443:443 - "443:443"
environment:
- CADDY_INGRESS_NETWORKS=caddy
networks: networks:
- caddy - proxy
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /etc/timezone:/etc/timezone:ro
- caddy_data:/data - /etc/localtime:/etc/localtime:ro
restart: unless-stopped - "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./data/letsencrypt/acme.json:/acme.json"
- ./data/logs/:/logs/
labels:
# Dashboard
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`treafik.dev.mertens.digital`)"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
- "traefik.http.routers.traefik.entrypoints=websecure"
#- "traefik.http.routers.traefik.middlewares=authtraefik"
#- "traefik.http.middlewares.authtraefik.basicauth.users=user:$2a$12$zeG4z6/dM28JONNH54/jo.pZD0BUuzw0mbD0GFMQqe00lFYCPzKm." # user/password
# global redirect to https
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
restart: unless-stopped
# Automatic Container Updates # Automatic Container Updates
watchtower: watchtower:
image: containrrr/watchtower image: containrrr/watchtower
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
whoami:
image: traefik/whoami
command:
- --port=2001
- --name=test
ports:
- "2001:2001"
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.entrypoints=websecure"
- "traefik.http.routers.whoami.rule=Host(`whoami.dev.mertens.digital`)"
- "traefik.http.routers.whoami.tls=true"
- "traefik.http.routers.whoami.tls.certresolver=letsencrypt"
- "traefik.http.services.whoami.loadbalancer.server.port=2001"
# Cleanup unused Docker Container # Cleanup unused Docker Container
janitor: janitor:
image: flaviostutz/docker-janitor image: flaviostutz/docker-janitor
@ -33,8 +85,5 @@ services:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
networks: networks:
caddy: proxy:
external: true external: true
volumes:
caddy_data: {}

41
Composer/meshcentral/README.MD Normal file
View file

@ -0,0 +1,41 @@
Only working with this modified config File
```
{
"$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
"settings": {
"plugins":{"enabled": false},
"mongoDb": "mongodb://mongodbadmin:mongodbpasswd@mongodb:27017",
"cert": "mesh.dev.mertens.digital",
"_WANonly": true,
"_LANonly": true,
"_sessionKey": "MyReallySecretPassword1",
"port": 80,
"_aliasPort": 443,
"redirPort": 81,
"_redirAliasPort": 80,
"AgentPong": 300,
"TLSOffload": true,
"SelfUpdate": false,
"AllowFraming": false,
"WebRTC": false
},
"domains": {
"": {
"_title": "MyServer",
"_title2": "Servername",
"minify": true,
"NewAccounts": true,
"localSessionRecording": false,
"_userNameIsEmail": true,
"certUrl": "https://mesh.dev.mertens.digital:443"
}
},
"_letsencrypt": {
"__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
"_email": "myemail@mydomain.com",
"_names": "myserver.mydomain.com",
"production": false
}
}
```

54
Composer/meshcentral/docker-compose.yml Normal file
View file

@ -0,0 +1,54 @@
version: '3'
networks:
meshcentral-tier:
driver: bridge
proxy:
external: true
services:
mongodb:
restart: always
container_name: mongodb
image: mongo:latest
env_file:
- .env
volumes:
# mongodb data-directory - A must for data persistence
- ./data/mongodb_data:/data/db
networks:
- meshcentral-tier
meshcentral:
restart: always
container_name: meshcentral
# use the official meshcentral container
image: ghcr.io/ylianst/meshcentral:latest
depends_on:
- mongodb
#ports:
# MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
#- 443:443
#- 80:80
env_file:
- .env
volumes:
# config.json and other important files live here. A must for data persistence
- ./data/meshcentral/data:/opt/meshcentral/meshcentral-data
# where file uploads for users live
- ./data/meshcentral/user_files:/opt/meshcentral/meshcentral-files
# location for the meshcentral-backups - this should be mounted to an external storage
- ./data/meshcentral/backup:/opt/meshcentral/meshcentral-backups
# location for site customization files
- ./data/meshcentral/web:/opt/meshcentral/meshcentral-web
labels:
- 'traefik.enable=true'
- "traefik.http.routers.mesh.entrypoints=websecure"
- "traefik.http.routers.mesh.rule=Host(`mesh.dev.mertens.digital`)"
- "traefik.http.routers.mesh.tls=true"
- "traefik.http.routers.mesh.tls.certresolver=letsencrypt"
- "traefik.http.services.mesh.loadbalancer.server.port=80"
#- "traefik.http.services.mesh.loadbalancer.server.scheme=https"
networks:
- meshcentral-tier
- proxy