73 lines
2.2 KiB
YAML
73 lines
2.2 KiB
YAML
#### NETWORKS
|
|
networks:
|
|
docker-traefik_front_network:
|
|
external: true
|
|
back_network:
|
|
driver: bridge
|
|
attachable: true
|
|
external: false
|
|
|
|
#### SERVICES
|
|
services:
|
|
### openvpn-tcp
|
|
openvpn-tcp:
|
|
container_name: openvpn-tcp
|
|
hostname: openvpn-tcp
|
|
image: kylemanna/openvpn:2.4
|
|
command: ovpn_run --proto tcp
|
|
volumes:
|
|
- ./data/openvpn:/etc/openvpn
|
|
networks:
|
|
- docker-traefik_front_network
|
|
cap_add:
|
|
- NET_ADMIN
|
|
restart: always
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik_front_network"
|
|
- "traefik.tcp.services.openvpn-tcp.loadBalancer.server.port=1194"
|
|
# openvpn does not not support SNI, we provide wildcard
|
|
- "traefik.tcp.routers.openvpn-tcp.rule=HostSNI(`*`)"
|
|
- "traefik.tcp.routers.openvpn-tcp.entrypoints=websecure"
|
|
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik_front_network"
|
|
# HTTP
|
|
- "traefik.http.routers.gitea-http.rule=Host(`gitea.traefik.me`)"
|
|
|
|
- "traefik.http.routers.gitea-http.entrypoints=http"
|
|
# HTTPS
|
|
- "traefik.http.routers.gitea-https.rule=Host(`gitea.traefik.me`)"
|
|
- "traefik.http.routers.gitea-https.entrypoints=https"
|
|
- "traefik.http.routers.gitea-https.tls=true"
|
|
- "traefik.http.routers.gitea.service=gitea-service"
|
|
# SSH
|
|
- "traefik.tcp.routers.gitea-ssh.rule=HostSNI(`*`)"
|
|
- "traefik.tcp.routers.gitea-ssh.entrypoints=ssh"
|
|
- "traefik.tcp.routers.gitea-ssh.service=gitea-ssh-service"
|
|
# Middleware
|
|
# Service
|
|
- "traefik.http.services.gitea-service.loadbalancer.server.port=3000"
|
|
- "traefik.tcp.services.gitea-ssh-service.loadbalancer.server.port=22"
|
|
|
|
### openvpn-udp
|
|
openvpn-udp:
|
|
container_name: openvpn-udp
|
|
hostname: openvpn-udp
|
|
image: kylemanna/openvpn:2.4
|
|
command: ovpn_run --proto udp
|
|
volumes:
|
|
- ./data/openvpn:/etc/openvpn
|
|
networks:
|
|
- docker-traefik_front_network
|
|
cap_add:
|
|
- NET_ADMIN
|
|
restart: always
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=traefik_front_network"
|
|
- "traefik.udp.services.openvpn-udp.loadBalancer.server.port=1194"
|
|
- "traefik.udp.routers.openvpn-udp.service=openvpn-udp"
|
|
- "traefik.udp.routers.openvpn-udp.entrypoints=openvpn"
|