docker

2025-08-08 18:22:58 -03:00
parent 3b2d644a1b
commit 73d9587e1d
5 changed files with 172 additions and 2 deletions
--- a/app/templates/docker-compose.yml
+++ b/app/templates/docker-compose.yml
@@ -0,0 +1,41 @@
+services:
+
+  beedb:
+    image: postgres:16
+    restart: always
+    environment:
+      - POSTGRES_DB=postgres
+      - POSTGRES_PASSWORD=deradmin
+      - POSTGRES_USER=deradmin1
+    volumes:
+      - /OD8N/data/postgres:/var/lib/postgresql/data/
+      - /OD8N/data/pg_backup/:/BACKUP/
+    networks:
+      4projects:
+        ipv4_address: 10.5.0.200
+
+  traefik:
+    image: docker.io/library/traefik:3.1
+    container_name: traefik
+    ports:
+      - 80:80
+      - 443:443
+        #- 8080:8080
+    volumes:
+      - /run/docker.sock:/run/docker.sock:ro
+      - /OD8N/config/traefik/etc:/etc/traefik
+      - /OD8N/data/traefik/certs:/certs
+      - /OD8N/data/traefik/traefik-logs:/var/log/traefik
+    networks:
+      - 4projects
+    restart: unless-stopped
+
+networks:
+  4projects:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 10.5.0.0/16
+          gateway: 10.5.0.1
+          ip_range: 10.5.0.0/26
+
--- a/app/templates/traefik.yaml
+++ b/app/templates/traefik.yaml
@@ -0,0 +1,101 @@
+global:
+  checkNewVersion: false
+  sendAnonymousUsage: false
+
+# -- (Optional) Change Log Level and Format here...
+#     - loglevels [DEBUG, INFO, WARNING, ERROR, CRITICAL]
+#     - format [common, json, logfmt]
+# log:
+#  level: ERROR
+#  format: common
+#  filePath: /var/log/traefik/traefik.log
+
+# -- (Optional) Enable Accesslog and change Format here...
+#     - format [common, json, logfmt]
+accesslog:
+#   format: common
+  filePath: /var/log/traefik/access.log
+
+# -- (Optional) Enable API and Dashboard here, don't do in production
+api:
+  dashboard: true
+  disableDashboardAd: true
+  insecure: true
+
+# -- Change EntryPoints here...
+entryPoints:
+  web:
+    address: :80
+    # -- (Optional) Redirect all HTTP to HTTPS
+    http:
+      redirections:
+        entryPoint:
+          to: websecure
+          scheme: https
+  websecure:
+    #    http:
+    #  middlewares:
+    #    - crowdsec-bouncer@file
+    address: :443
+    transport:
+      respondingTimeouts:
+        readTimeout: 0
+        writeTimeout: 0
+        idleTimeout: 42
+  # -- (Optional) Add custom Entrypoint
+  # custom:
+  #   address: :8080
+
+# -- Configure your CertificateResolver here...
+certificatesResolvers:
+#   staging:
+#     acme:
+#       email: your-email@example.com
+#       storage: /etc/traefik/certs/acme.json
+#       caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
+#       httpChallenge:
+#         entryPoint: web
+
+  production:
+    acme:
+      email: oliver@odoo4projects.com
+      storage: /certs/acme.json
+      caServer: "https://acme-v02.api.letsencrypt.org/directory"
+      httpChallenge:
+        entryPoint: web
+
+# -- (Optional) Disable TLS Cert verification check
+# serversTransport:
+#   insecureSkipVerify: true
+
+# -- (Optional) Overwrite Default Certificates
+# tls:
+#   stores:
+#     default:
+#       defaultCertificate:
+#         certFile: /etc/traefik/certs/cert.pem
+#         keyFile: /etc/traefik/certs/cert-key.pem
+# -- (Optional) Disable TLS version 1.0 and 1.1
+#   options:
+#     default:
+#       minVersion: VersionTLS12
+
+providers:
+  docker:
+    # -- (Optional) Enable this, if you want to expose all containers automatically
+    exposedByDefault: true
+  file:
+    directory: /etc/traefik
+    watch: true
+
+
+http:
+  middlewares:
+    crowdsec-bouncer:
+      forwardauth:
+        address: http://bouncer-traefik:8080/api/v1/forwardAuth
+        trustForwardHeader: true
+
+
+
+