From 354b39523f28288f64436f70dc33166b87270e42 Mon Sep 17 00:00:00 2001 From: Colin Hebert Date: Fri, 20 Jan 2023 11:52:51 +0100 Subject: [PATCH] Remove traefik from the bootstrap --- bootstrap.docker-compose.local.yml | 5 +- bootstrap.docker-compose.macvlan.yml | 4 +- bootstrap.docker-compose.yml | 62 -------------------- docker/configs/traefik/dynamic/portainer.yml | 10 ++++ nas-compose.env | 1 + traefik.docker-compose.local.yml | 5 ++ traefik.docker-compose.macvlan.yml | 23 ++++++++ traefik.docker-compose.yaml | 57 ++++++++++++++++++ 8 files changed, 100 insertions(+), 67 deletions(-) create mode 100644 docker/configs/traefik/dynamic/portainer.yml create mode 100644 traefik.docker-compose.local.yml create mode 100644 traefik.docker-compose.macvlan.yml create mode 100644 traefik.docker-compose.yaml diff --git a/bootstrap.docker-compose.local.yml b/bootstrap.docker-compose.local.yml index 900e93c..e1de048 100644 --- a/bootstrap.docker-compose.local.yml +++ b/bootstrap.docker-compose.local.yml @@ -1,5 +1,4 @@ services: - traefik: + portainer: ports: - - 80:80 - - 443:443 + - 9443:9443 diff --git a/bootstrap.docker-compose.macvlan.yml b/bootstrap.docker-compose.macvlan.yml index ace2b64..cfe8e3e 100644 --- a/bootstrap.docker-compose.macvlan.yml +++ b/bootstrap.docker-compose.macvlan.yml @@ -1,8 +1,8 @@ services: - traefik: + portainer: networks: macvlan: - ipv4_address: ${NASCOMPOSE_MACVLAN_TRAEFIK_IP} + ipv4_address: ${NASCOMPOSE_MACVLAN_PORTAINER_IP?} networks: macvlan: diff --git a/bootstrap.docker-compose.yml b/bootstrap.docker-compose.yml index 0c5ce85..e3fce39 100644 --- a/bootstrap.docker-compose.yml +++ b/bootstrap.docker-compose.yml @@ -13,40 +13,6 @@ services: labels: nas-compose.boostrap: true - # TODO: Sort out authentication method for all services (SSO). Authelia? - traefik: - image: traefik - environment: - NASCOMPOSE_TRAEFIK_DOMAINS: ${NASCOMPOSE_TRAEFIK_DOMAINS?} - NASCOMPOSE_MACVLAN_HOST_IP: ${NASCOMPOSE_MACVLAN_HOST_IP} - networks: - - macvlan - - traefik - - docker - configs: - - source: traefik_static - target: /etc/traefik/traefik.yml - - source: traefik_dynamic - target: /etc/traefik/dynamic/traefik.yml - - source: traefik_synology - target: /etc/traefik/dynamic/synology.yml - - source: traefik_tls - target: /etc/traefik/dynamic/tls.yml - - source: traefik_hsts - target: /etc/traefik/dynamic/hsts.yml - - source: traefik_transmission-api - target: /etc/traefik/dynamic/transmission-api.yml - - source: traefik_authelia - target: /etc/traefik/dynamic/authelia.yml - secrets: - - traefik_tls_cert - - traefik_tls_key - depends_on: - - docker - restart: unless-stopped - labels: - nas-compose.boostrap: true - portainer: image: portainer/portainer-ce command: > @@ -56,7 +22,6 @@ services: user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?} networks: - docker - - traefik volumes: - portainer_data:/data/ secrets: @@ -66,9 +31,6 @@ services: restart: unless-stopped labels: nas-compose.boostrap: true - traefik.enable: true - traefik.http.services.portainer.loadbalancer.server.port: 9443 - traefik.http.services.portainer.loadbalancer.server.scheme: https networks: macvlan: @@ -79,10 +41,6 @@ networks: name: docker labels: nas-compose.boostrap: true - traefik: - name: traefik - labels: - nas-compose.boostrap: true volumes: portainer_data: @@ -93,26 +51,6 @@ volumes: labels: nas-compose.boostrap: true -configs: - traefik_static: - file: ${NASCOMPOSE_SERVICES?}/configs/traefik/traefik.yml - traefik_dynamic: - file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/traefik.yml - traefik_synology: - file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/synology.yml - traefik_tls: - file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/tls.yml - traefik_hsts: - file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/hsts.yml - traefik_authelia: - file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/authelia.yml - traefik_transmission-api: - file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/transmission-api.yml - secrets: - traefik_tls_cert: - file: ${NASCOMPOSE_SERVICES?}/secrets/traefik/traefik.cert - traefik_tls_key: - file: ${NASCOMPOSE_SERVICES?}/secrets/traefik/traefik.key portainer_password: file: ${NASCOMPOSE_SERVICES?}/secrets/portainer/portainer_password diff --git a/docker/configs/traefik/dynamic/portainer.yml b/docker/configs/traefik/dynamic/portainer.yml new file mode 100644 index 0000000..f945558 --- /dev/null +++ b/docker/configs/traefik/dynamic/portainer.yml @@ -0,0 +1,10 @@ +http: + routers: + synology: + rule: '{{ $s := "portainer" }}{{ range $i, $d := splitList "," (env `NASCOMPOSE_TRAEFIK_DOMAINS`) }}{{ if $i }} || {{end}}Host(`{{ $s }}.{{ $d }}`){{ end }}' + service: portainer@file + services: + synology: + loadBalancer: + servers: + - url: https://{{ env `NASCOMPOSE_MACVLAN_PORTAINER_IP` }}:9443/ diff --git a/nas-compose.env b/nas-compose.env index 2dd7bce..1c3ed1c 100644 --- a/nas-compose.env +++ b/nas-compose.env @@ -13,6 +13,7 @@ NASCOMPOSE_MACVLAN_RANGE= NASCOMPOSE_MACVLAN_HOST_IP= NASCOMPOSE_MACVLAN_TRAEFIK_IP= NASCOMPOSE_MACVLAN_PLEX_IP= +NASCOMPOSE_MACVLAN_PORTAINER_IP= NASCOMPOSE_TRAEFIK_DOMAINS= diff --git a/traefik.docker-compose.local.yml b/traefik.docker-compose.local.yml new file mode 100644 index 0000000..900e93c --- /dev/null +++ b/traefik.docker-compose.local.yml @@ -0,0 +1,5 @@ +services: + traefik: + ports: + - 80:80 + - 443:443 diff --git a/traefik.docker-compose.macvlan.yml b/traefik.docker-compose.macvlan.yml new file mode 100644 index 0000000..2ad2429 --- /dev/null +++ b/traefik.docker-compose.macvlan.yml @@ -0,0 +1,23 @@ +services: + traefik: + environment: + NASCOMPOSE_MACVLAN_SYNOLOGY_IP: ${NASCOMPOSE_MACVLAN_HOST_IP?} + NASCOMPOSE_MACVLAN_PORTAINER_IP: ${NASCOMPOSE_MACVLAN_PORTAINER_IP?} + networks: + macvlan: + ipv4_address: ${NASCOMPOSE_MACVLAN_TRAEFIK_IP?} + configs: + - source: traefik_synology + target: /etc/traefik/dynamic/synology.yml + - source: traefik_portainer + target: /etc/traefik/dynamic/portainer.yml + +networks: + macvlan: + external: true + +configs: + traefik_synology: + file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/synology.yml + traefik_portainer: + file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/portainer.yml diff --git a/traefik.docker-compose.yaml b/traefik.docker-compose.yaml new file mode 100644 index 0000000..b3b7ec5 --- /dev/null +++ b/traefik.docker-compose.yaml @@ -0,0 +1,57 @@ +name: Traefik + +services: + traefik: + image: traefik + environment: + NASCOMPOSE_TRAEFIK_DOMAINS: ${NASCOMPOSE_TRAEFIK_DOMAINS?} + networks: + - traefik + - docker + configs: + - source: traefik_static + target: /etc/traefik/traefik.yml + + - source: traefik_dynamic + target: /etc/traefik/dynamic/traefik.yml + - source: traefik_tls + target: /etc/traefik/dynamic/tls.yml + - source: traefik_hsts + target: /etc/traefik/dynamic/hsts.yml + + - source: traefik_authelia + target: /etc/traefik/dynamic/authelia.yml + - source: traefik_transmission-api + target: /etc/traefik/dynamic/transmission-api.yml + secrets: + - traefik_tls_cert + - traefik_tls_key + depends_on: + - docker + restart: unless-stopped + +networks: + docker: + external: true + traefik: + name: traefik + +configs: + traefik_static: + file: ${NASCOMPOSE_SERVICES?}/configs/traefik/traefik.yml + traefik_dynamic: + file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/traefik.yml + traefik_tls: + file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/tls.yml + traefik_hsts: + file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/hsts.yml + traefik_authelia: + file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/authelia.yml + traefik_transmission-api: + file: ${NASCOMPOSE_SERVICES?}/configs/traefik/dynamic/transmission-api.yml + +secrets: + traefik_tls_cert: + file: ${NASCOMPOSE_SERVICES?}/secrets/traefik/traefik.cert + traefik_tls_key: + file: ${NASCOMPOSE_SERVICES?}/secrets/traefik/traefik.key