From 5e6ca292fa827d4ebbedc1f14548e5b523d58f8a Mon Sep 17 00:00:00 2001 From: Andrew Neisch Date: Tue, 26 Mar 2024 22:34:53 -0500 Subject: [PATCH] Traefik local https --- README.md | 4 +- .../homeassistant/docker-compose.yml | 34 +++- .../docker-compose/other/docker-compose.yml | 125 ++++++++++---- .../docker-compose/unified/docker-compose.yml | 159 +++++++++++++----- extras/traefik/dynamic.yaml | 2 + extras/traefik/traefik.yaml | 19 ++- 6 files changed, 259 insertions(+), 84 deletions(-) diff --git a/README.md b/README.md index 7cbaa818..c4011716 100644 --- a/README.md +++ b/README.md @@ -94,14 +94,14 @@ Entities in the [`select`](https://www.home-assistant.io/components/select) doma Entities in the [`sensor`](https://www.home-assistant.io/components/sensor) domain | 442 Entities in the [`siren`](https://www.home-assistant.io/components/siren) domain | 1 Entities in the [`sun`](https://www.home-assistant.io/components/sun) domain | 1 -Entities in the [`switch`](https://www.home-assistant.io/components/switch) domain | 165 +Entities in the [`switch`](https://www.home-assistant.io/components/switch) domain | 164 Entities in the [`timer`](https://www.home-assistant.io/components/timer) domain | 6 Entities in the [`tts`](https://www.home-assistant.io/components/tts) domain | 1 Entities in the [`update`](https://www.home-assistant.io/components/update) domain | 35 Entities in the [`vacuum`](https://www.home-assistant.io/components/vacuum) domain | 1 Entities in the [`weather`](https://www.home-assistant.io/components/weather) domain | 2 Entities in the [`zone`](https://www.home-assistant.io/components/zone) domain | 6 -**Total state objects** | **1288** +**Total state objects** | **1287** ## The HACS integrations/plugins that I use: **Appdaemon**:
[aneisch/follow_me_appdaemon](https://github.com/aneisch/follow_me_appdaemon)
diff --git a/extras/docker-compose/homeassistant/docker-compose.yml b/extras/docker-compose/homeassistant/docker-compose.yml index 329b5cb8..518fd2eb 100644 --- a/extras/docker-compose/homeassistant/docker-compose.yml +++ b/extras/docker-compose/homeassistant/docker-compose.yml @@ -13,7 +13,13 @@ services: - traefik.http.services.assist.loadbalancer.server.port=8123 - traefik.http.routers.assist.service=assist # HTTP Local Only - - traefik.http.routers.assist_local.entrypoints=web + # - traefik.http.routers.assist_local.entrypoints=web + # - traefik.http.routers.assist_local.rule=Host(`assist.home.domain.com`) + # - traefik.http.routers.assist_local.service=assist + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.assist_local.tls=true + - traefik.http.routers.assist_local.tls.certResolver=le-home + - traefik.http.routers.assist_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.assist_local.rule=Host(`assist.home.domain.com`) - traefik.http.routers.assist_local.service=assist volumes: @@ -108,7 +114,13 @@ services: - traefik.http.services.nodered.loadbalancer.server.port=1880 - traefik.http.routers.nodered.service=nodered # HTTP Local Only - - traefik.http.routers.nodered_local.entrypoints=web + # - traefik.http.routers.nodered_local.entrypoints=web + # - traefik.http.routers.nodered_local.rule=Host(`nodered.home.domain.com`) + # - traefik.http.routers.nodered_local.service=nodered + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.nodered_local.tls=true + - traefik.http.routers.nodered_local.tls.certResolver=le-home + - traefik.http.routers.nodered_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.nodered_local.rule=Host(`nodered.home.domain.com`) - traefik.http.routers.nodered_local.service=nodered @@ -139,7 +151,13 @@ services: - traefik.http.services.appdaemon.loadbalancer.server.port=8888 - traefik.http.routers.appdaemon.service=appdaemon # HTTP Local Only - - traefik.http.routers.appdaemon_local.entrypoints=web + # - traefik.http.routers.appdaemon_local.entrypoints=web + # - traefik.http.routers.appdaemon_local.rule=Host(`appdaemon.home.domain.com`) + # - traefik.http.routers.appdaemon_local.service=appdaemon + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.appdaemon_local.tls=true + - traefik.http.routers.appdaemon_local.tls.certResolver=le-home + - traefik.http.routers.appdaemon_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.appdaemon_local.rule=Host(`appdaemon.home.domain.com`) - traefik.http.routers.appdaemon_local.service=appdaemon @@ -183,9 +201,15 @@ services: - traefik.http.services.zwavejs.loadbalancer.server.port=8091 - traefik.http.routers.zwavejs.service=zwavejs # HTTP Local Only - - traefik.http.routers.zwavejs_local.entrypoints=web + # - traefik.http.routers.zwavejs_local.entrypoints=web + # - traefik.http.routers.zwavejs_local.rule=Host(`zwavejs.home.domain.com`) + # - traefik.http.routers.zwavejs_local.service=zwavejs + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.zwavejs_local.tls=true + - traefik.http.routers.zwavejs_local.tls.certResolver=le-home + - traefik.http.routers.zwavejs_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.zwavejs_local.rule=Host(`zwavejs.home.domain.com`) - - traefik.http.routers.zwavejs_local.service=zwavejs + - traefik.http.routers.zwavejs_local.service=zwavejs cellular_message_relay_sim7080g: container_name: cellular_message_relay_sim7080g diff --git a/extras/docker-compose/other/docker-compose.yml b/extras/docker-compose/other/docker-compose.yml index 2ed12716..93b0655f 100644 --- a/extras/docker-compose/other/docker-compose.yml +++ b/extras/docker-compose/other/docker-compose.yml @@ -21,10 +21,15 @@ services: labels: # HTTP Local Only - traefik.enable=true - - traefik.http.routers.plex_local.entrypoints=web + - traefik.http.services.plex.loadbalancer.server.port=32400 + # - traefik.http.routers.plex_local.entrypoints=web + # - traefik.http.routers.plex_local.rule=Host(`plex.home.domain.com`) + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.plex_local.tls=true + - traefik.http.routers.plex_local.tls.certResolver=le-home + - traefik.http.routers.plex_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.plex_local.rule=Host(`plex.home.domain.com`) - - traefik.http.services.plex_local.loadbalancer.server.port=32400 - - traefik.http.routers.plex_local.service=plex_local + - traefik.http.routers.plex_local.service=plex portainer: container_name: portainer @@ -48,7 +53,13 @@ services: - traefik.http.services.portainer.loadbalancer.server.port=9000 - traefik.http.routers.portainer.service=portainer # HTTP Local Only - - traefik.http.routers.portainer_local.entrypoints=web + # - traefik.http.routers.portainer_local.entrypoints=web + # - traefik.http.routers.portainer_local.rule=Host(`portainer.home.domain.com`) + # - traefik.http.routers.portainer_local.service=portainer + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.portainer_local.tls=true + - traefik.http.routers.portainer_local.tls.certResolver=le-home + - traefik.http.routers.portainer_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.portainer_local.rule=Host(`portainer.home.domain.com`) - traefik.http.routers.portainer_local.service=portainer @@ -98,7 +109,13 @@ services: - traefik.http.services.esphome.loadbalancer.server.port=6052 - traefik.http.routers.esphome.service=esphome # HTTP Local Only - - traefik.http.routers.esphome_local.entrypoints=web + # - traefik.http.routers.esphome_local.entrypoints=web + # - traefik.http.routers.esphome_local.rule=Host(`esphome.home.domain.com`) + # - traefik.http.routers.esphome_local.service=esphome + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.esphome_local.tls=true + - traefik.http.routers.esphome_local.tls.certResolver=le-home + - traefik.http.routers.esphome_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.esphome_local.rule=Host(`esphome.home.domain.com`) - traefik.http.routers.esphome_local.service=esphome @@ -202,7 +219,13 @@ services: - traefik.http.routers.vscode.rule=Host(`vscode.domain.com`) - traefik.http.services.vscode.loadbalancer.server.port=1337 # HTTP Local Only - - traefik.http.routers.vscode_local.entrypoints=web + # - traefik.http.routers.vscode_local.entrypoints=web + # - traefik.http.routers.vscode_local.rule=Host(`vscode.home.domain.com`) + # - traefik.http.routers.vscode_local.service=vscode + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.vscode_local.tls=true + - traefik.http.routers.vscode_local.tls.certResolver=le-home + - traefik.http.routers.vscode_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.vscode_local.rule=Host(`vscode.home.domain.com`) - traefik.http.routers.vscode_local.service=vscode @@ -257,10 +280,17 @@ services: - traefik.http.services.adguard.loadbalancer.server.port=8080 - traefik.http.routers.adguard.service=adguard # HTTP Local Only - - traefik.http.routers.adguard_local.entrypoints=web + # - traefik.http.routers.adguard_local.entrypoints=web + # - traefik.http.routers.adguard_local.rule=Host(`adguard.home.domain.com`) + # - traefik.http.routers.adguard_local.service=adguard + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.adguard_local.tls=true + - traefik.http.routers.adguard_local.tls.certResolver=le-home + - traefik.http.routers.adguard_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.adguard_local.rule=Host(`adguard.home.domain.com`) - traefik.http.routers.adguard_local.service=adguard + # recipes: # # Public consumption at VPS, duplicated locally for home use though # container_name: recipes @@ -357,9 +387,17 @@ services: - traefik.http.routers.traefik_https.tls=true - traefik.http.routers.traefik_https.service=api@internal # HTTP Local Only - - traefik.http.routers.traefik_local.entrypoints=web + # - traefik.http.routers.traefik_local.entrypoints=web + # - traefik.http.routers.traefik_local.rule=Host(`traefik.home.domain.com`) + # - traefik.http.routers.traefik_local.service=api@internal + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.traefik_local.tls=true + - traefik.http.routers.traefik_local.tls.certResolver=le-home + - traefik.http.routers.traefik_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.traefik_local.rule=Host(`traefik.home.domain.com`) - traefik.http.routers.traefik_local.service=api@internal + environment: + - CF_DNS_API_TOKEN=SECRET cloudflared: container_name: cloudflared @@ -528,12 +566,19 @@ services: - traefik.http.services.frigate.loadbalancer.server.port=5000 - traefik.http.routers.frigate.service=frigate # HTTP Local Only - - traefik.http.routers.frigate_local.entrypoints=web - - traefik.http.routers.frigate_local.rule=Host(`frigate.home.domain.com`) - - traefik.http.routers.frigate_local.service=frigate + # - traefik.http.routers.frigate_local.entrypoints=web + # - traefik.http.routers.frigate_local.rule=Host(`frigate.home.domain.com`) + # - traefik.http.routers.frigate_local.service=frigate - traefik.http.routers.frigatelocal.entrypoints=web - traefik.http.routers.frigatelocal.rule=Host(`frigatelocal`) - traefik.http.routers.frigatelocal.service=frigate + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.frigate_local.tls=true + - traefik.http.routers.frigate_local.tls.certResolver=le-home + - traefik.http.routers.frigate_local.tls.domains[0].main=*.home.domain.com + - traefik.http.routers.frigate_local.rule=Host(`frigate.home.domain.com`) + - traefik.http.routers.frigate_local.service=frigate + environment: - PLUS_API_KEY=secret - TZ=America/Chicago @@ -551,10 +596,16 @@ services: labels: # HTTP Local Only - traefik.enable=true - - traefik.http.routers.codeproject_local.entrypoints=web - - traefik.http.services.codeproject_local.loadbalancer.server.port=32168 + - traefik.http.services.codeproject.loadbalancer.server.port=32168 + # - traefik.http.routers.codeproject_local.entrypoints=web + # - traefik.http.routers.codeproject_local.rule=Host(`codeproject.home.domain.com`) + # - traefik.http.routers.codeproject_local.service=codeproject_local + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.codeproject_local.tls=true + - traefik.http.routers.codeproject_local.tls.certResolver=le-home + - traefik.http.routers.codeproject_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.codeproject_local.rule=Host(`codeproject.home.domain.com`) - - traefik.http.routers.codeproject_local.service=codeproject_local + - traefik.http.routers.codeproject_local.service=codeproject auto-southwest: image: jdholtz/auto-southwest-check-in:develop @@ -570,25 +621,25 @@ services: - "southwest.py" - "--verbose" - ha-fusion: - container_name: ha-fusion - image: ghcr.io/matt8707/ha-fusion - volumes: - - /opt/ha-fusion/data:/app/data - #ports: - # - 5050:5050 - environment: - - TZ=America/Chicago - - HASS_URL=http://10.0.1.22:8123 - restart: always - labels: - # HTTPS for CF - - traefik.enable=true - - traefik.http.services.ha_fusion_local.loadbalancer.server.port=5050 - # HTTP Local Only - - traefik.http.routers.ha_fusion_local.entrypoints=web - - traefik.http.routers.ha_fusion_local.rule=Host(`ha-fusion.home.domain.com`) - - traefik.http.routers.ha_fusion_local.service=ha_fusion_local + # ha-fusion: + # container_name: ha-fusion + # image: ghcr.io/matt8707/ha-fusion + # volumes: + # - /opt/ha-fusion/data:/app/data + # #ports: + # # - 5050:5050 + # environment: + # - TZ=America/Chicago + # - HASS_URL=http://10.0.1.22:8123 + # restart: always + # labels: + # # HTTPS for CF + # - traefik.enable=true + # - traefik.http.services.ha_fusion_local.loadbalancer.server.port=5050 + # # HTTP Local Only + # - traefik.http.routers.ha_fusion_local.entrypoints=web + # - traefik.http.routers.ha_fusion_local.rule=Host(`ha-fusion.home.domain.com`) + # - traefik.http.routers.ha_fusion_local.service=ha_fusion_local mealie: image: ghcr.io/mealie-recipes/mealie:latest @@ -615,7 +666,13 @@ services: - traefik.http.services.recipes.loadbalancer.server.port=9000 - traefik.http.routers.recipes.service=recipes # HTTP Local Only - - traefik.http.routers.recipes_local.entrypoints=web + # - traefik.http.routers.recipes_local.entrypoints=web + # - traefik.http.routers.recipes_local.rule=Host(`recipes.home.domain.com`) + # - traefik.http.routers.recipes_local.service=recipes + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.recipes_local.tls=true + - traefik.http.routers.recipes_local.tls.certResolver=le-home + - traefik.http.routers.recipes_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.recipes_local.rule=Host(`recipes.home.domain.com`) - traefik.http.routers.recipes_local.service=recipes diff --git a/extras/docker-compose/unified/docker-compose.yml b/extras/docker-compose/unified/docker-compose.yml index 2c63a9fc..6637d323 100644 --- a/extras/docker-compose/unified/docker-compose.yml +++ b/extras/docker-compose/unified/docker-compose.yml @@ -14,7 +14,13 @@ services: - traefik.http.services.assist.loadbalancer.server.port=8123 - traefik.http.routers.assist.service=assist # HTTP Local Only - - traefik.http.routers.assist_local.entrypoints=web + # - traefik.http.routers.assist_local.entrypoints=web + # - traefik.http.routers.assist_local.rule=Host(`assist.home.domain.com`) + # - traefik.http.routers.assist_local.service=assist + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.assist_local.tls=true + - traefik.http.routers.assist_local.tls.certResolver=le-home + - traefik.http.routers.assist_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.assist_local.rule=Host(`assist.home.domain.com`) - traefik.http.routers.assist_local.service=assist volumes: @@ -109,7 +115,13 @@ services: - traefik.http.services.nodered.loadbalancer.server.port=1880 - traefik.http.routers.nodered.service=nodered # HTTP Local Only - - traefik.http.routers.nodered_local.entrypoints=web + # - traefik.http.routers.nodered_local.entrypoints=web + # - traefik.http.routers.nodered_local.rule=Host(`nodered.home.domain.com`) + # - traefik.http.routers.nodered_local.service=nodered + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.nodered_local.tls=true + - traefik.http.routers.nodered_local.tls.certResolver=le-home + - traefik.http.routers.nodered_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.nodered_local.rule=Host(`nodered.home.domain.com`) - traefik.http.routers.nodered_local.service=nodered @@ -140,7 +152,13 @@ services: - traefik.http.services.appdaemon.loadbalancer.server.port=8888 - traefik.http.routers.appdaemon.service=appdaemon # HTTP Local Only - - traefik.http.routers.appdaemon_local.entrypoints=web + # - traefik.http.routers.appdaemon_local.entrypoints=web + # - traefik.http.routers.appdaemon_local.rule=Host(`appdaemon.home.domain.com`) + # - traefik.http.routers.appdaemon_local.service=appdaemon + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.appdaemon_local.tls=true + - traefik.http.routers.appdaemon_local.tls.certResolver=le-home + - traefik.http.routers.appdaemon_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.appdaemon_local.rule=Host(`appdaemon.home.domain.com`) - traefik.http.routers.appdaemon_local.service=appdaemon @@ -184,9 +202,15 @@ services: - traefik.http.services.zwavejs.loadbalancer.server.port=8091 - traefik.http.routers.zwavejs.service=zwavejs # HTTP Local Only - - traefik.http.routers.zwavejs_local.entrypoints=web + # - traefik.http.routers.zwavejs_local.entrypoints=web + # - traefik.http.routers.zwavejs_local.rule=Host(`zwavejs.home.domain.com`) + # - traefik.http.routers.zwavejs_local.service=zwavejs + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.zwavejs_local.tls=true + - traefik.http.routers.zwavejs_local.tls.certResolver=le-home + - traefik.http.routers.zwavejs_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.zwavejs_local.rule=Host(`zwavejs.home.domain.com`) - - traefik.http.routers.zwavejs_local.service=zwavejs + - traefik.http.routers.zwavejs_local.service=zwavejs cellular_message_relay_sim7080g: container_name: cellular_message_relay_sim7080g @@ -227,10 +251,15 @@ services: labels: # HTTP Local Only - traefik.enable=true - - traefik.http.routers.plex_local.entrypoints=web + - traefik.http.services.plex.loadbalancer.server.port=32400 + # - traefik.http.routers.plex_local.entrypoints=web + # - traefik.http.routers.plex_local.rule=Host(`plex.home.domain.com`) + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.plex_local.tls=true + - traefik.http.routers.plex_local.tls.certResolver=le-home + - traefik.http.routers.plex_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.plex_local.rule=Host(`plex.home.domain.com`) - - traefik.http.services.plex_local.loadbalancer.server.port=32400 - - traefik.http.routers.plex_local.service=plex_local + - traefik.http.routers.plex_local.service=plex portainer: container_name: portainer @@ -254,7 +283,13 @@ services: - traefik.http.services.portainer.loadbalancer.server.port=9000 - traefik.http.routers.portainer.service=portainer # HTTP Local Only - - traefik.http.routers.portainer_local.entrypoints=web + # - traefik.http.routers.portainer_local.entrypoints=web + # - traefik.http.routers.portainer_local.rule=Host(`portainer.home.domain.com`) + # - traefik.http.routers.portainer_local.service=portainer + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.portainer_local.tls=true + - traefik.http.routers.portainer_local.tls.certResolver=le-home + - traefik.http.routers.portainer_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.portainer_local.rule=Host(`portainer.home.domain.com`) - traefik.http.routers.portainer_local.service=portainer @@ -304,7 +339,13 @@ services: - traefik.http.services.esphome.loadbalancer.server.port=6052 - traefik.http.routers.esphome.service=esphome # HTTP Local Only - - traefik.http.routers.esphome_local.entrypoints=web + # - traefik.http.routers.esphome_local.entrypoints=web + # - traefik.http.routers.esphome_local.rule=Host(`esphome.home.domain.com`) + # - traefik.http.routers.esphome_local.service=esphome + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.esphome_local.tls=true + - traefik.http.routers.esphome_local.tls.certResolver=le-home + - traefik.http.routers.esphome_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.esphome_local.rule=Host(`esphome.home.domain.com`) - traefik.http.routers.esphome_local.service=esphome @@ -408,7 +449,13 @@ services: - traefik.http.routers.vscode.rule=Host(`vscode.domain.com`) - traefik.http.services.vscode.loadbalancer.server.port=1337 # HTTP Local Only - - traefik.http.routers.vscode_local.entrypoints=web + # - traefik.http.routers.vscode_local.entrypoints=web + # - traefik.http.routers.vscode_local.rule=Host(`vscode.home.domain.com`) + # - traefik.http.routers.vscode_local.service=vscode + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.vscode_local.tls=true + - traefik.http.routers.vscode_local.tls.certResolver=le-home + - traefik.http.routers.vscode_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.vscode_local.rule=Host(`vscode.home.domain.com`) - traefik.http.routers.vscode_local.service=vscode @@ -463,10 +510,17 @@ services: - traefik.http.services.adguard.loadbalancer.server.port=8080 - traefik.http.routers.adguard.service=adguard # HTTP Local Only - - traefik.http.routers.adguard_local.entrypoints=web + # - traefik.http.routers.adguard_local.entrypoints=web + # - traefik.http.routers.adguard_local.rule=Host(`adguard.home.domain.com`) + # - traefik.http.routers.adguard_local.service=adguard + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.adguard_local.tls=true + - traefik.http.routers.adguard_local.tls.certResolver=le-home + - traefik.http.routers.adguard_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.adguard_local.rule=Host(`adguard.home.domain.com`) - traefik.http.routers.adguard_local.service=adguard + # recipes: # # Public consumption at VPS, duplicated locally for home use though # container_name: recipes @@ -563,9 +617,17 @@ services: - traefik.http.routers.traefik_https.tls=true - traefik.http.routers.traefik_https.service=api@internal # HTTP Local Only - - traefik.http.routers.traefik_local.entrypoints=web + # - traefik.http.routers.traefik_local.entrypoints=web + # - traefik.http.routers.traefik_local.rule=Host(`traefik.home.domain.com`) + # - traefik.http.routers.traefik_local.service=api@internal + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.traefik_local.tls=true + - traefik.http.routers.traefik_local.tls.certResolver=le-home + - traefik.http.routers.traefik_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.traefik_local.rule=Host(`traefik.home.domain.com`) - traefik.http.routers.traefik_local.service=api@internal + environment: + - CF_DNS_API_TOKEN=SECRET cloudflared: container_name: cloudflared @@ -734,12 +796,19 @@ services: - traefik.http.services.frigate.loadbalancer.server.port=5000 - traefik.http.routers.frigate.service=frigate # HTTP Local Only - - traefik.http.routers.frigate_local.entrypoints=web - - traefik.http.routers.frigate_local.rule=Host(`frigate.home.domain.com`) - - traefik.http.routers.frigate_local.service=frigate + # - traefik.http.routers.frigate_local.entrypoints=web + # - traefik.http.routers.frigate_local.rule=Host(`frigate.home.domain.com`) + # - traefik.http.routers.frigate_local.service=frigate - traefik.http.routers.frigatelocal.entrypoints=web - traefik.http.routers.frigatelocal.rule=Host(`frigatelocal`) - traefik.http.routers.frigatelocal.service=frigate + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.frigate_local.tls=true + - traefik.http.routers.frigate_local.tls.certResolver=le-home + - traefik.http.routers.frigate_local.tls.domains[0].main=*.home.domain.com + - traefik.http.routers.frigate_local.rule=Host(`frigate.home.domain.com`) + - traefik.http.routers.frigate_local.service=frigate + environment: - PLUS_API_KEY=secret - TZ=America/Chicago @@ -757,10 +826,16 @@ services: labels: # HTTP Local Only - traefik.enable=true - - traefik.http.routers.codeproject_local.entrypoints=web - - traefik.http.services.codeproject_local.loadbalancer.server.port=32168 + - traefik.http.services.codeproject.loadbalancer.server.port=32168 + # - traefik.http.routers.codeproject_local.entrypoints=web + # - traefik.http.routers.codeproject_local.rule=Host(`codeproject.home.domain.com`) + # - traefik.http.routers.codeproject_local.service=codeproject_local + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.codeproject_local.tls=true + - traefik.http.routers.codeproject_local.tls.certResolver=le-home + - traefik.http.routers.codeproject_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.codeproject_local.rule=Host(`codeproject.home.domain.com`) - - traefik.http.routers.codeproject_local.service=codeproject_local + - traefik.http.routers.codeproject_local.service=codeproject auto-southwest: image: jdholtz/auto-southwest-check-in:develop @@ -776,25 +851,25 @@ services: - "southwest.py" - "--verbose" - ha-fusion: - container_name: ha-fusion - image: ghcr.io/matt8707/ha-fusion - volumes: - - /opt/ha-fusion/data:/app/data - #ports: - # - 5050:5050 - environment: - - TZ=America/Chicago - - HASS_URL=http://10.0.1.22:8123 - restart: always - labels: - # HTTPS for CF - - traefik.enable=true - - traefik.http.services.ha_fusion_local.loadbalancer.server.port=5050 - # HTTP Local Only - - traefik.http.routers.ha_fusion_local.entrypoints=web - - traefik.http.routers.ha_fusion_local.rule=Host(`ha-fusion.home.domain.com`) - - traefik.http.routers.ha_fusion_local.service=ha_fusion_local + # ha-fusion: + # container_name: ha-fusion + # image: ghcr.io/matt8707/ha-fusion + # volumes: + # - /opt/ha-fusion/data:/app/data + # #ports: + # # - 5050:5050 + # environment: + # - TZ=America/Chicago + # - HASS_URL=http://10.0.1.22:8123 + # restart: always + # labels: + # # HTTPS for CF + # - traefik.enable=true + # - traefik.http.services.ha_fusion_local.loadbalancer.server.port=5050 + # # HTTP Local Only + # - traefik.http.routers.ha_fusion_local.entrypoints=web + # - traefik.http.routers.ha_fusion_local.rule=Host(`ha-fusion.home.domain.com`) + # - traefik.http.routers.ha_fusion_local.service=ha_fusion_local mealie: image: ghcr.io/mealie-recipes/mealie:latest @@ -821,7 +896,13 @@ services: - traefik.http.services.recipes.loadbalancer.server.port=9000 - traefik.http.routers.recipes.service=recipes # HTTP Local Only - - traefik.http.routers.recipes_local.entrypoints=web + # - traefik.http.routers.recipes_local.entrypoints=web + # - traefik.http.routers.recipes_local.rule=Host(`recipes.home.domain.com`) + # - traefik.http.routers.recipes_local.service=recipes + # HTTPS Local Only (with 80-->443 redirect) + - traefik.http.routers.recipes_local.tls=true + - traefik.http.routers.recipes_local.tls.certResolver=le-home + - traefik.http.routers.recipes_local.tls.domains[0].main=*.home.domain.com - traefik.http.routers.recipes_local.rule=Host(`recipes.home.domain.com`) - traefik.http.routers.recipes_local.service=recipes diff --git a/extras/traefik/dynamic.yaml b/extras/traefik/dynamic.yaml index ab85747e..844b44a4 100644 --- a/extras/traefik/dynamic.yaml +++ b/extras/traefik/dynamic.yaml @@ -10,6 +10,7 @@ http: serversTransports: skipVerify: insecureSkipVerify: true + routers: pfsense: entryPoints: @@ -29,6 +30,7 @@ http: service: plane rule: host(`plane.domain.com`) tls: true + services: plane: loadBalancer: diff --git a/extras/traefik/traefik.yaml b/extras/traefik/traefik.yaml index aac79d43..b939204c 100644 --- a/extras/traefik/traefik.yaml +++ b/extras/traefik/traefik.yaml @@ -6,9 +6,9 @@ entryPoints: web: address: ":80" http: - # redirections: - # entryPoint: - # to: websecure + redirections: + entryPoint: + to: websecure websecure: address: ":443" @@ -23,4 +23,15 @@ providers: exposedByDefault: false file: directory: "/etc/traefik" - watch: true \ No newline at end of file + watch: true + +certificatesResolvers: + le-home: + acme: + dnsChallenge: + provider: cloudflare + email: "EMAIL" + storage: "/etc/traefik/acme.json" + +log: + level: DEBUG \ No newline at end of file