traefik locally and pihole

Maciej Krok 2021-01-23 10:55:13 +01:00
parent 7a14570601
commit 1770a57860
3 changed files with 90 additions and 5 deletions

59
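--- a/pihole/pihole.yaml
+++ b/pihole/pihole.yaml
@@ -0,0 +1,59 @@
+version: "3.4"
+services:
+pihole:
+image: pihole/pihole:latest
+ports:
+- target: 53
+published: 53
+protocol: tcp
+mode: host
+- target: 53
+published: 53
+protocol: udp
+mode: host
+- target: 67
+published: 67
+protocol: udp
+mode: host
+environment:
+TZ: 'Europe/Warsaw'
+DNS1: "8.8.8.8"
+DNS2: "1.1.1.1"
+cap_add:
+- CAP_NET_BIND_SERVICE
+- NET_ADMIN
+networks:
+- external
+- traefik-net
+volumes:
+- pihole_etc:/etc/pihole/
+- pihole_dnsmasq:/etc/dnsmasq.d/
+- "/etc/resolv.conf:/etc/resolv.conf:ro"
+deploy:
+mode: replicated
+replicas: 1
+restart_policy:
+condition: any
+delay: 5s
+labels:
+traefik.enable: "true"
+traefik.frontend.rule: "Host:${HOST}"
+traefik.port: 80
+traefik.frontend.entryPoints: localhttp,localhttps
+traefik.docker.network: traefik-net
+traefik.frontend.headers.STSSeconds: 63072000
+traefik.frontend.headers.STSIncludeSubdomains: "true"
+traefik.frontend.headers.STSPreload: "true"
+volumes:
+pihole_dnsmasq:
+pihole_etc:
+networks:
+external:
+traefik-net:
+external: true
+### Environment variables
+# HOST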
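Review bot: `image: pihole/pihole:latest` is unpinned, so every deploy or service update takes whatever the tag points to at that moment, for a container that is granted `NET_ADMIN` and holds host-mode ports 53 and 67. Pin it to a release tag or digest, e.g. `image: pihole/pihole:<pinned-version>`, and bump it deliberately. The host-mode publishes of 53/tcp and 53/udp carry no bind address, so whether the resolver is reachable only from the LAN depends on the host firewall and router, which this file does not show; a short comment above `ports:` stating that assumption would help. `NET_ADMIN` is presumably there for the DHCP role implied by port 67; if DHCP is not used, it can be dropped.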


@ -10,9 +10,10 @@ services:
- --api.entryPoint=traefik
- --api.dashboard=true
- --debug=false
- --entryPoints=Name:http Address::80 Compress:true Redirect.EntryPoint:https
- --entryPoints=Name:https Address::443 TLS Compress:true TLS.MinVersion:VersionTLS12 TLS.CipherSuites:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- --logLevel=INFO
- --entryPoints=Name:http Address::1380 Compress:true Redirect.EntryPoint:https
- --entryPoints=Name:https Address::13443 TLS Compress:true TLS.MinVersion:VersionTLS12 TLS.CipherSuites:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- --entryPoints=Name:localhttp Address::80 Compress:true Redirect.EntryPoint:localhttps
- --entryPoints=Name:localhttps Address::443 TLS Compress:true TLS.MinVersion:VersionTLS12 TLS.CipherSuites:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - --logLevel=INFO
- --accessLog.format=json
- --docker
- --docker.endpoint=unix:///var/run/docker.sock
@ -34,6 +35,14 @@ services:
published: 443
protocol: tcp
mode: host
- target: 1380
published: ${PUBLICHTTPPORT}
protocol: tcp
mode: host
- target: 13443
published: ${PUBLICHTTPSPORT}
protocol: tcp
mode: host
- target: 8080
published: ${ADMINPORT}
protocol: tcp
@ -42,6 +51,7 @@ services:
- /var/run/docker.sock:/var/run/docker.sock
- acmeData:/acme
- tmp:/tmp
- tlsData:/tls
networks:
- traefik-net
- external
@ -50,6 +60,19 @@ services:
placement:
constraints:
- node.role == manager
restart_policy:
condition: any
delay: 5s
labels:
traefik.enable: "true"
traefik.frontend.rule: "Host:traefik.lan"
traefik.port: 8080
traefik.frontend.entryPoints: localhttp,localhttps
traefik.docker.network: traefik-net
traefik.frontend.headers.STSSeconds: 63072000
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
networks:
external:
traefik-net:
@ -58,10 +81,13 @@ networks:
volumes:
acmeData:
tlsData:
tmp:
### Environment variables
# ADMINPORT 8080
# PUBLICHTTPPORT 1380
# PUBLICHTTPSPORT 13443
# DOCKER_DOMAIN
# ACME_EMAIL
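Review bot: The new `labels:` block under `deploy:` routes `Host:traefik.lan` to the dashboard/API on port 8080 with no authentication or source restriction, and the Host header is chosen by the client. The `localhttp`/`localhttps` entry points are declared as `Address::80` and `Address::443`, i.e. on every interface, so their being local-only rests on the router forwarding just `${PUBLICHTTPPORT}` and `${PUBLICHTTPSPORT}`, which is outside this file. Consider adding `traefik.frontend.whiteList.sourceRange: "<LAN-CIDR>"` or `traefik.frontend.auth.basic.users` to these labels, and likewise to the Pi-hole admin route in pihole/pihole.yaml. `${ADMINPORT}` also remains published in host mode in the context lines, so the dashboard appears to stay directly reachable on that port as well.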


@ -1,4 +1,4 @@
version: '3'
version: '3.4'
services:
db: