serguzim/services
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add caddy default snippet

Browse source
This commit is contained in:
Tobias Reisinger 2022-11-10 19:00:32 +01:00
parent de10e8b030
commit 9edc21c59d
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
23 changed files with 87 additions and 55 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
authentik/docker-compose.yml
View file

@ -2,7 +2,7 @@ version: '3.2'
services: services:
server: server:
image: goauthentik.io/server:2022.8.2 image: goauthentik.io/server:2022.10.1
restart: unless-stopped restart: unless-stopped
command: server command: server
volumes: volumes:
@ -21,7 +21,7 @@ services:
- authentik - authentik
worker: worker:
image: goauthentik.io/server:2022.8.2 image: goauthentik.io/server:2022.10.1
restart: unless-stopped restart: unless-stopped
command: worker command: worker
user: root user: root

3
caddy/config/conf.d/analytics.serguzim.me.conf
View file

@ -1,3 +1,4 @@
analytics.serguzim.me { analytics.serguzim.me {
reverse_proxy umami:3000 import default
reverse_proxy umami:3000
} }

3
caddy/config/conf.d/auth.serguzim.me.conf
View file

@ -1,3 +1,4 @@
auth.serguzim.me { auth.serguzim.me {
reverse_proxy authentik:9000 import default
reverse_proxy authentik:9000
} }

3
caddy/config/conf.d/ci.serguzim.me.conf
View file

@ -1,3 +1,4 @@
ci.serguzim.me { ci.serguzim.me {
reverse_proxy woodpecker:8000 import default
reverse_proxy woodpecker:8000
} }

16
caddy/config/conf.d/cloud.serguzim.me.conf
View file

@ -1,11 +1,13 @@
cloud.serguzim.me { cloud.serguzim.me {
reverse_proxy host.docker.internal:3015 import default
redir /.well-known/host-meta /public.php?service=host-meta 301 reverse_proxy host.docker.internal:3015
redir /.well-known/host-meta.json /public.php?service=host-meta-json 301
redir /.well-known/webfinger /public.php?service=webfinger 301
redir /.well-known/carddav /remote.php/dav/ 301
redir /.well-known/caldav /remote.php/dav/ 301
header Strict-Transport-Security "max-age=15552000; includeSubdomains;" redir /.well-known/host-meta /public.php?service=host-meta 301
redir /.well-known/host-meta.json /public.php?service=host-meta-json 301
redir /.well-known/webfinger /public.php?service=webfinger 301
redir /.well-known/carddav /remote.php/dav/ 301
redir /.well-known/caldav /remote.php/dav/ 301
header Strict-Transport-Security "max-age=15552000; includeSubdomains;"
} }

3
caddy/config/conf.d/faas.serguzim.me.conf
View file

@ -1,3 +1,4 @@
faas.serguzim.me { faas.serguzim.me {
reverse_proxy host.docker.internal:8080 import default
reverse_proxy host.docker.internal:8080
} }

5
caddy/config/conf.d/git.serguzim.me.conf
View file

@ -1,5 +1,6 @@
git.serguzim.me { git.serguzim.me {
header /attachments/* Access-Control-Allow-Origin * import default
header /attachments/* Access-Control-Allow-Origin *
reverse_proxy gitea:3000 reverse_proxy gitea:3000
} }

3
caddy/config/conf.d/graph.serguzim.me.conf
View file

@ -1,3 +1,4 @@
graph.serguzim.me { graph.serguzim.me {
reverse_proxy grafana:3000 import default
reverse_proxy grafana:3000
} }

3
caddy/config/conf.d/hook.serguzim.me.conf
View file

@ -1,3 +1,4 @@
hook.serguzim.me { hook.serguzim.me {
reverse_proxy host.docker.internal:3002 import default
reverse_proxy host.docker.internal:3002
} }

17
caddy/config/conf.d/matrix.msrg.cc.conf
View file

@ -1,16 +1,19 @@
matrix.msrg.cc { matrix.msrg.cc {
reverse_proxy /_matrix/* synapse:8008 import default
reverse_proxy /_synapse/* synapse:8008
handle_path /admin/* { reverse_proxy /_matrix/* synapse:8008
rewrite * {path} reverse_proxy /_synapse/* synapse:8008
reverse_proxy synapse-admin:80
} handle_path /admin/* {
rewrite * {path}
reverse_proxy synapse-admin:80
}
} }
msrg.cc:8008, msrg.cc:8008,
msrg.cc:8448, msrg.cc:8448,
matrix.msrg.cc:8008, matrix.msrg.cc:8008,
matrix.msrg.cc:8448 { matrix.msrg.cc:8448 {
reverse_proxy synapse:8008 import default
reverse_proxy synapse:8008
} }

3
caddy/config/conf.d/media.serguzim.me.conf
View file

@ -1,3 +1,4 @@
media.serguzim.me { media.serguzim.me {
reverse_proxy host.docker.internal:3014 import default
reverse_proxy host.docker.internal:3014
} }

11
caddy/config/conf.d/msrg.cc.conf
View file

@ -1,8 +1,9 @@
msrg.cc { msrg.cc {
header /.well-known/openpgpkey/* Access-Control-Allow-Origin * import default
header /.well-known/openpgpkey/* Access-Control-Allow-Origin *
rewrite * /function/webpage-msrg-cc{uri} rewrite * /function/webpage-msrg-cc{uri}
reverse_proxy https://faas.serguzim.me { reverse_proxy https://faas.serguzim.me {
header_up Host {http.reverse_proxy.upstream.hostport} header_up Host {http.reverse_proxy.upstream.hostport}
} }
} }

8
caddy/config/conf.d/prometheus.serguzim.me.conf
View file

@ -1,9 +1,11 @@
prometheus.serguzim.me { prometheus.serguzim.me {
import auth_serguzim_me import default
import auth_serguzim_me
reverse_proxy host.docker.internal:9090 reverse_proxy host.docker.internal:9090
} }
prometheus.internal.serguzim.net:80 { prometheus.internal.serguzim.net:80 {
reverse_proxy host.docker.internal:9090 import default
reverse_proxy host.docker.internal:9090
} }

3
caddy/config/conf.d/recipies.serguzim.me.conf
View file

@ -1,3 +1,4 @@
recipies.serguzim.me { recipies.serguzim.me {
reverse_proxy tandoor:80 import default
reverse_proxy tandoor:80
} }

5
caddy/config/conf.d/registry.serguzim.me.conf
View file

@ -1,4 +1,5 @@
registry.serguzim.me { registry.serguzim.me {
reverse_proxy /metrics host.docker.internal:3029 import default
reverse_proxy host.docker.internal:3021 reverse_proxy /metrics host.docker.internal:3029
reverse_proxy host.docker.internal:3021
} }

3
caddy/config/conf.d/rss.serguzim.me.conf
View file

@ -1,3 +1,4 @@
rss.serguzim.me { rss.serguzim.me {
reverse_proxy tt-rss:80 import default
reverse_proxy tt-rss:80
} }

13
caddy/config/conf.d/serguzim.me.conf
View file

@ -1,11 +1,12 @@
serguzim.me { serguzim.me {
header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"
redir https://www.serguzim.me{uri} redir https://www.serguzim.me{uri}
} }
www.serguzim.me { www.serguzim.me {
rewrite * /function/webpage-serguzim-me{uri} import default
reverse_proxy https://faas.serguzim.me { rewrite * /function/webpage-serguzim-me{uri}
header_up Host {http.reverse_proxy.upstream.hostport} reverse_proxy https://faas.serguzim.me {
} header_up Host {http.reverse_proxy.upstream.hostport}
}
} }

9
caddy/config/conf.d/soeder.stream.conf
View file

@ -1,6 +1,7 @@
xn--sder-5qa.stream { xn--sder-5qa.stream {
rewrite * /function/webpage-soeder-stream{uri} import default
reverse_proxy https://faas.serguzim.me { rewrite * /function/webpage-soeder-stream{uri}
header_up Host {http.reverse_proxy.upstream.hostport} reverse_proxy https://faas.serguzim.me {
} header_up Host {http.reverse_proxy.upstream.hostport}
}
} }

5
caddy/config/conf.d/stream.serguzim.me.conf
View file

@ -1,5 +1,6 @@
stream.serguzim.me { stream.serguzim.me {
import auth_serguzim_me import default
import auth_serguzim_me
reverse_proxy host.docker.internal:8888 reverse_proxy host.docker.internal:8888
} }

3
caddy/config/conf.d/tick.serguzim.me.conf
View file

@ -1,3 +1,4 @@
tick.serguzim.me { tick.serguzim.me {
reverse_proxy host.docker.internal:8086 import default
reverse_proxy influxdb:8086
} }

3
caddy/config/conf.d/wiki.serguzim.me.conf
View file

@ -1,3 +1,4 @@
wiki.serguzim.me { wiki.serguzim.me {
reverse_proxy wiki-js:3000 import default
reverse_proxy wiki-js:3000
} }

4
caddy/config/snippets
View file

@ -13,3 +13,7 @@
trusted_proxies private_ranges trusted_proxies private_ranges
} }
} }
(default) {
encode zstd gzip
}

12
diagram.py
View file

@ -49,8 +49,8 @@ def get_custom_icon(name, url):
with Diagram("serguzim.net", show=False): with Diagram("serguzim.net", show=False):
node001 = Cluster("node001.serguzim.net")
node002 = Cluster("node002.serguzim.net") node002 = Cluster("node002.serguzim.net")
node004 = Cluster("node004.serguzim.net")
exoscale_objectstore = ObjectStorage("Exoscale Object Storage") exoscale_objectstore = ObjectStorage("Exoscale Object Storage")
@ -77,11 +77,15 @@ with Diagram("serguzim.net", show=False):
graph = Grafana("graph.serguzim.me") graph = Grafana("graph.serguzim.me")
add_to_groups(graph, services, db_users) add_to_groups(graph, services, db_users)
ICON_URL = "https://avatars.githubusercontent.com/u/40275816"
harbor = Custom("registry.serguzim.me", get_custom_icon("harbor", ICON_URL))
add_to_groups(harbor, services, db_users, objectstore_users)
ICON_URL = "https://avatars.githubusercontent.com/u/23747925" ICON_URL = "https://avatars.githubusercontent.com/u/23747925"
mail = Custom("mail.serguzim.me", get_custom_icon("mailcow", ICON_URL)) mail = Custom("mail.serguzim.me", get_custom_icon("mailcow", ICON_URL))
add_to_groups(mail, services) add_to_groups(mail, services)
ICON_URL = "https://avatars.githubusercontent.com/u/8418310?s=200&v=4" ICON_URL = "https://avatars.githubusercontent.com/u/8418310"
matrix = Custom("matrix.serguzim.me", get_custom_icon("matrix", ICON_URL)) matrix = Custom("matrix.serguzim.me", get_custom_icon("matrix", ICON_URL))
add_to_groups(matrix, services, db_users, objectstore_users) add_to_groups(matrix, services, db_users, objectstore_users)
@ -102,12 +106,12 @@ with Diagram("serguzim.net", show=False):
proxy >> services proxy >> services
objectstore_users >> exoscale_objectstore objectstore_users >> exoscale_objectstore
with node004: with node001:
services = [] services = []
proxy = Caddy() proxy = Caddy()
ICON_URL = "https://www.pikpng.com/pngl/m/11-111495_minecraft-block-png-minecraft-logo-clipart.png" ICON_URL = "https://icon-icons.com/downloadimage.php?id=168974&root=2699/PNG/256/&file=minecraft_logo_icon_168974.png"
minecraft = Custom("minecraft.serguzim.me", get_custom_icon("minecraft", ICON_URL)) minecraft = Custom("minecraft.serguzim.me", get_custom_icon("minecraft", ICON_URL))
add_to_groups(minecraft, services) add_to_groups(minecraft, services)