venus/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

working on secure readme

Browse Source
This commit is contained in:
venus
2026-03-31 00:36:36 -05:00
parent 63c3e85680
commit 1fbd44f1df
4 changed files with 62 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
compose.yml
View File

@@ -4,13 +4,13 @@
services: services:
traefik: traefik:
image: traefik:v3.6 image: traefik:v3.6
command: container_name: traefik
- "--api.insecure=true" restart: unless-stopped
- "--providers.docker=true"
- "--entrypoints.web.address=:80"
ports: ports:
- "80:80" - "80:80"
- "8080:8080" - "8080:8080"
- "443:443"
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - "/var/run/docker.sock:/var/run/docker.sock"
- "./letsencrypt:/letsencrypt"
- "./traefik.yml:/etc/traefik/traefik.yml:ro"

16
letsencrypt/acme.json Normal file
View File

@@ -0,0 +1,16 @@
{
"myresolver": {
"Account": {
"Email": "web-admin@riverrooks.art",
"Registration": {
"body": {
"status": "valid"
},
"uri": "https://acme-v02.api.letsencrypt.org/acme/acct/3195224921"
},
"PrivateKey": "MIIJJwIBAAKCAgEArvYlx4hYlj3HmzzzOaICsfd80xbYndVxDPfvFryf80rCzTe3WTf7Ij4IMhrcqSWLjjaH13l1OnytLkqjgpwuHKGrqdmrAq3jrAXW/h2yuQfLrGf+v26+7mkqpHcTgJQeCAOpVQfM7tg906BWnGegEmb2jDP5en+GG9fu2x+e9qJojnP0rajymQSyyHTAIAC59UcolOvbgtbwBriivAGw+t3hRVURCSWb32p53+RqMMv2bBXVIjioTkCtDpOX5e8leLjR8aTi7NJ+bz0fFR4+14boGvhIbwr0bltvuHsx4zzLc3Fxzxetfa9dahm6bVoaQ2O5tDN6YyYWtBlDwOgtp48HVOTNtP3jLYNWEDgVFKbeJCDM4WinBXxipkC9rUGkSz4KEis/62Bc0tlNIb+lOCXfTrC3kTlcU670pko9D3LsUnq45OoojLhK2GC18Sw5rNfrrBo+jXrhPZ1CMbGiAEcMKcpyqFs+HF1zvKm3qNJHosgfH1vEln91wPEEx8Z2+XrcRI6TKBBDS/BWnvRPR3gVMR9dfy9znXJMh8ojjl0KJBEhzUApQ983jaCeIM/LiKF4n5CKVFLhjUU8RWlS5XNqkjphxxiyLYe7EPz1ZB5pj1O0wDt0F3R7JNoCn04dwZoHpXB8tFOoBM9Gk8RoiQ1b8uPmRKu4m3GHf9GAK8UCAwEAAQKCAgAKhWjOL+fL2Rk4v5iMva5Vz2ElPHl4PE6ZDgvFnUAtHDDMsG4JInGqpHpPsQfV8BkNS0At9/LRuo+begeNIiEvvZUaGKnM9nH7dTpxe420zMA1tOc/0cQPiCl1TGfS0pVfvAChyV9MeZp2MG0k6KJamPB4i+OTtzl0US7e5G7lu+x3rIdpLgCwrPSnU0X+ZqzIEChjlC9WFeDHNrEqhxuCandSeQQWPbm63KdJjG3KU2mVJFb1wNx2IDOH7d4ziIcDVHHjixvOS/YocE9/MJts0IMCpC2O5+S9AiicumPMm2pMneTPJEhdh38hkzx/uOxdYxDWwkW40qCI4gAOCKg+EshwT0HYemXalAItMKDE328gvCmE0+1JjQvxfpjDSBLE3QcyWJeQ/ROsrEeyfDHTZp95LpowiczznmP2URTHTTNCzOgQH2S91zI5+xCs8115mVhlGkZyNIpp9WAZkKv8QXIjlmWbsCF01rKyKiRryysWZNJ8U38dYGHk2AMGwiA77/l0AKKiHMDAsYkbOGBep0vAdiDaHeyfHDM2rnxbLpPdDPb5/z9P6ZpB9/wSUmKAAWw3jySNQJ45WXrsq82U2r6o2KcvE8kPujG+jl44JuNnFBGQ1slmfemKwwCQKVCSXNwYZC6Bg8BsINEI19/7avXrlTlLwY4+tmYxgi6i3QKCAQEAziaxReRePZ9/rW2Of9uhwCoNP32woF4EOH4jGasB8J4/WcztsrxzWsqdQAb25W9WvrICEDJ5JIaolio+MTtjfxAFdfWSHdQ0PxYWe9FQTRyI6r3fi7DP5S9YTdKycQNDY+fl5Hj955uF2PUQJq30uMIc/pKUOm+1z9U/6xKsx26UPX7ArykgZsBTS5ot6DHQXMc9fi2MT+tWZstFqm/RhFDzQlRjtVCpT9ED864OrN9TuiUfnP6CdOinbjAb4wV2kKRLHFycRZuzZl7sIqfkdIcQRjfLAaGLHh2HuBiA2ZUwsXxXSB2ETHBVyNvD4lDgDaC/f0TCOK5pENYW/UUKtwKCAQEA2US7zg+dzKZaHQ2mXmPVfpNW6PU5ZJEkc2jtQlawMvHZPMXa4wzyjlRzT9jsTgK4QWEmCXfVXrmk51HdBP5E3YsaZ8Se5kGv+eI/w5eFpsR5jY+YzoB1OOT8QRN0jJXX4cB8xFBxwp1kr0R69ZYEaiRwSsIwcyZw3F2VGfYVNH5rl5EX6BPILEf11OIRdmnKA9QKgLAYXlj8Wsw6SI7tkclCbDG1yeZ+kZkaYvKmNhjOusAcaYDAUT3zTjpWbaq8OtMJQb7FKsWzaCI3ruzfRmXYA8R7mfHnpe/rskucSXvKTad7FzrEDRFdvzZptbzDw/KjwuSc1P8i8NdZ3UAxYwKCAQBylwVhEVDlNhyVfVmBbsdZdsaIbUhZzAjSkiLWqLzaUExskUHrYV9Jr2h7Z6Oj4yC3vWDyOewmxoc9eVu6qAVlYrV2XTuMQyGLk66Jws69HkhpG4QANRdKkOen0p+HvEWgag3a0vpn3IYpFAeXSIjIjnXpd/bXCLNqRGJUO7w42xmhmSxn8Rdmpi9mzdwIvm/QsptW4OCmp+0OFJ2z4JX407p0O051QdHrYQauVCkqJLV4uhv5e2tuqsgusqU9qxK90eVCbaQb+TFejRL7LJILx+ve7DJ2xKH86nM/fLdautgnQDOQDYA1sReuH6Kh0UzJpnnrt3+yXBhg2HBM9iy/AoIBAEqimuU5Zhq0FoaedsU8BE377UIPY0zRszTWGZLNVq/Zdqeyy/NtMjGEfywxt1NBCeyjo75i5PAqU6SG8abSdfOo4kQ9PdyZOgtcFk1pUqcsHRls97AQXrRRrPnp5gKZQtSxG+sQO1QAX2L54kdU5mVT6SM1PBGCZgi9OQf3CefDedBSLmUxznSvr5oWoqsLwjK4d3cnhud6KA5E08yzFJcdDO0/0lPuExKPBopxEnnI4dMzRU9UxDvkTR1VWvVHTmvirO5hyzdbPLsL7hbwFe8H80GwEEmc2Nee6FeSM7jmhmNQoi8jp89ZZNvXpE6i7pj0VB8SC3H7xxP21k7zy0MCggEAAIJh//zP5aE9pIXnMbca7WNXgqRL5sBkKFtCyvPSmEQ7zi9AFeCczEm/hQS30XQCzF0eUVKANFEjMVyxoDmbSRp8Cr33PvuGIFju7/3vr6ie36e9Fv/mq9M3lbOGipYDmvPONb85ka8RqcqkyQqnZbemWDmGq1qIRQ1Co8aUtlPPi2ztdASNDeLQssOMnTnbuRO6tii19Dkpl7A4AxnWoepM55ZNoqloxC8jOdHv2TMCxz3c2jS/P86bdjWOjvgFI8hp8SLJzWjKm7LsRBObJ4iW8r1kuTUyKyee23bq+UcpRqdSi3uWnImWAqkOSl/Q7RuN0Ckwq7oKnH8g16eOaw==",
"KeyType": "4096"
},
"Certificates": null
}
}

31
traefik.yml Normal file
View File

@@ -0,0 +1,31 @@
# traefik.yml
# yml file to define traefik global settings. Individual containers get lables to define their own settings
api:
# dashboard: true
insecure: true
providers:
docker:
# Do not expose every container automatically
exposedByDefault: false
entryPoints:
web:
address: ":80"
# Global HTTP -> HTTPS Redirection
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ":443"
certificatesResolvers:
myresolver:
acme:
email: web-admin@riverrooks.art
storage: /letsencrypt/acme.json
# Use the TLS challenge for domain verification
tlsChallenge: {}

9
whoami.yml Normal file
View File

@@ -0,0 +1,9 @@
services:
whoami:
image: traefik/whoami
labels:
# - "traefik.http.routers.whoami.rule=Host(`whoami.localhost`)"
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Host(`whoami.dev`) || Host(`whoami.art`)"
- "traefik.http.routers.whoami.entrypoints=websecure"
- "traefik.http.routers.whoami.tls.certresolver=myresolver"