Reenable wg0-fix

Attempt to use native wireguard
Disable user for traefik
2024-09-06 19:45:16 +10:00 · 2024-09-06 19:42:06 +10:00 · 2024-09-05 14:43:16 +10:00 · 2024-09-05 14:37:21 +10:00 · 2024-09-05 14:35:15 +10:00 · 2024-09-05 14:24:37 +10:00
3 changed files with 21 additions and 6 deletions
--- a/photo-collector/docker-compose.yml
+++ b/photo-collector/docker-compose.yml
@@ -20,8 +20,7 @@ services:
    restart: unless-stopped
    labels:
      traefik.enable: true
-      # Authentication in Immich directly
-      # traefik.http.routers.immich.middlewares: authelia@file
+      traefik.http.routers.immich.middlewares: authelia@file

  immich-machine-learning:
    hostname: immich-machine-learning
--- a/reverse-proxy/docker-compose.yml
+++ b/reverse-proxy/docker-compose.yml
@@ -4,7 +4,8 @@ services:
  traefik:
    hostname: traefik
    image: traefik
-    user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
+    # TODO: Run as non root user
+    #user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?}
    environment:
      NASCOMPOSE_DOMAIN: ${NASCOMPOSE_DOMAIN?}
      CF_DNS_API_TOKEN_FILE: /run/secrets/cf_dns_token
@@ -27,6 +28,23 @@ services:
      traefik.enable: true
      traefik.http.routers.traefik.service: api@internal
      traefik.http.routers.traefik.middlewares: authelia@file
+#  crowdsec:
+#    hostname: crowdsec
+#    image: crowdsecurity/crowdsec
+#    environment:
+#      COLLECTIONS: "crowdsecurity/traefik"
+#      GID: ${NASCOMPOSE_GID?}
+#    networks:
+#      - reverse-proxy
+#    volumes:
+#      - ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/crowdsec_acquis.yml:/etc/crowdsec/acquis.yaml
+#      - ${NASCOMPOSE_SERVICES?}/reverse-proxy/volumes/crowdsec_config/:/etc/crowdsec/
+#      - ${NASCOMPOSE_SERVICES?}/reverse-proxy/volumes/crowdsec_data/:/var/lib/crowdsec/data/
+#      - ${NASCOMPOSE_SERVICES?}/reverse-proxy/volumes/traefik_logs/:/var/log/traefik/:ro
+#    restart: unless-stopped
+#    labels:
+#      traefik.enable: true
+#      traefik.http.routers.crowdsec.middlewares: authelia@file

 networks:
  reverse-proxy:
--- a/torrents/docker-compose.yml
+++ b/torrents/docker-compose.yml
@@ -25,8 +25,6 @@ services:
    dns:
      - 1.1.1.1
      - 1.0.0.1
-    devices:
-      - /dev/net/tun:/dev/net/tun
    volumes:
      - ${NASCOMPOSE_SERVICES?}/torrents${TORRENT_SUFFIX?}/volumes/qbittorrent_config/:/config/
      - ${NASCOMPOSE_DATA?}/torrents${TORRENT_SUFFIX?}/:/data/torrents/
@@ -35,7 +33,7 @@ services:
      - ${NASCOMPOSE_SERVICES?}/torrents${TORRENT_SUFFIX?}/config/99-cron-start:/etc/cont-init.d/99-cron-start:ro
      - ${NASCOMPOSE_SERVICES?}/torrents${TORRENT_SUFFIX?}/config/updateMaMIP:/etc/periodic/hourly/updateMaMIP:ro
      # Secrets
-      - ${NASCOMPOSE_SERVICES?}/torrents${TORRENT_SUFFIX?}/secrets/wg0-fix.conf:/config/wireguard/wg0-fix.conf:ro
+      - ${NASCOMPOSE_SERVICES?}/torrents${TORRENT_SUFFIX?}/secrets/wg0.conf:/config/wireguard/wg0-fix.conf:ro
    restart: unless-stopped
    labels:
      - traefik.enable=true
Author	SHA1	Message	Date
Colin Hebert	61020cae89	Reenable wg0-fix	2024-09-06 19:45:16 +10:00
Colin Hebert	3b4c5192de	Attempt to use native wireguard	2024-09-06 19:42:06 +10:00
Colin Hebert	0cc36de415	Disable user for traefik	2024-09-05 14:43:16 +10:00
Colin Hebert	b1466137f9	Disable crowdsec	2024-09-05 14:37:21 +10:00
Colin Hebert	9950853d86	Update docker-compose.yml	2024-09-05 14:35:15 +10:00
Colin Hebert	eddc156d6f	Disable DNS entries from ENV variables in portainer	2024-09-05 14:24:37 +10:00
Colin Hebert	699198d057	Add crowdsec to the traefik network	2024-09-05 14:14:09 +10:00
Colin Hebert	854c046698	Fix indentation	2024-09-05 14:13:45 +10:00
Colin Hebert	bcda415e27	Introduce CrowdSec	2024-09-05 14:09:54 +10:00
Colin Hebert	03363e6994	Force Authelia authentication	2024-09-04 20:55:00 +10:00