From 1a2da73a7a0ea42bbabd7c4d43ac87976cfd38c9 Mon Sep 17 00:00:00 2001 From: Lucas Date: Wed, 4 Jun 2025 12:50:37 +0000 Subject: [PATCH] Initial commit --- .gitignore | 0 Caddyfile | 73 ++++++++++++++++++++++++++++++++++++++++++++++ README.md | 45 ++++++++++++++++++++++++++++ docker-compose.yml | 23 +++++++++++++++ refresh-caddyfile | 6 ++++ 5 files changed, 147 insertions(+) create mode 100644 .gitignore create mode 100644 Caddyfile create mode 100644 README.md create mode 100644 docker-compose.yml create mode 100755 refresh-caddyfile diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/Caddyfile b/Caddyfile new file mode 100644 index 0000000..605090f --- /dev/null +++ b/Caddyfile @@ -0,0 +1,73 @@ +lucasroyer.fr { + reverse_proxy site-perso:80 + tls litvak@outlook.fr +} +pro.lucasroyer.fr { + reverse_proxy site-pro:80 + tls litvak@outlook.fr +} +lechantdutombereau.fr { + reverse_proxy site-tombereau:80 + tls litvak@outlook.fr +} +nextcloud.lucasroyer.fr { + reverse_proxy nextcloud-web:80 + tls litvak@outlook.fr +} +onlyoffice.lucasroyer.fr { + reverse_proxy onlyoffice-document-server:80 + tls litvak@outlook.fr +} +vaultwarden.lucasroyer.fr { + reverse_proxy vaultwarden:80 + tls litvak@outlook.fr +} +joplin.lucasroyer.fr { + reverse_proxy joplin-app:22300 + tls litvak@outlook.fr +} +gitea.lucasroyer.fr { + reverse_proxy gitea-app:3000 + tls litvak@outlook.fr +} +kuma.lucasroyer.fr { + reverse_proxy uptime-kuma:3001 { + transport http { + versions h1 h2 + } + header_up Host {host} + } + tls litvak@outlook.fr +} +uptime-cyrus.lucasroyer.fr { + reverse_proxy uptime-kuma-cyrus:3001 { + transport http { + versions h1 h2 + } + header_up Host {host} + } + tls litvak@outlook.fr +} +ntfy.lucasroyer.fr { + reverse_proxy ntfy:80 + tls litvak@outlook.fr +} +syncthing.lucasroyer.fr { + reverse_proxy syncthing:8384 + reverse_proxy syncthing:22000 + tls litvak@outlook.fr +} +# test.lucasroyer.fr { +# reverse_proxy linkstack:443 { +# transport http { +# tls_insecure_skip_verify +# } +# } +# } +test.lucasroyer.fr { + reverse_proxy drupal:443 +} +veloboomboom.internantes.ovh { + reverse_proxy site-veloboomboom:80 + tls litvak@outlook.fr +} diff --git a/README.md b/README.md new file mode 100644 index 0000000..16a30c9 --- /dev/null +++ b/README.md @@ -0,0 +1,45 @@ +## Reverse-proxy Caddy avec Docker Compose + +Un reverse proxy est un serveur qui se situe entre les utilisateurs et les serveurs internes, et qui redirige le trafic en fonction des demandes (par exemple, vers différents services web). Il peut améliorer la sécurité, la gestion du trafic et l'optimisation des performances. https://caddyserver.com/ + +## Prérequis + +- Git, Docker & Docker Compose installés + +- Cette installation est faite pour fonctionner derrière un reverse-proxy. Exemple ici : https://gitea.lucasroyer.fr/server/reverse-proxy + +## Installation + +1. Clonez ce dépôt : +```bash +git clone https://gitea.lucasroyer.fr/server/gitea.git +cd gitea +``` +2. Modifiez app.env pour ajouter un mot de passe en remplaçant `mypassword` : +```bash +cp app.public.env app.env +nano app.env +``` + +```ini +GITEA__database__DB_TYPE=postgres +GITEA__database__HOST=db:5432 +GITEA__database__NAME=gitea +GITEA__database__USER=gitea +GITEA__database__PASSWD=mypassword #replace +``` +2. Modifiez db.env avec le même mot de passe : +```bash +cp db.public.env db.env +nano db.env +``` +```ini +POSTGRES_USER=gitea +POSTGRES_PASSWORD=mypassword #replace +POSTGRES_DB=gitea +``` +4. Lancez et surveillez les conteneurs : +```bash +sudo docker compose up -d +sudo docker compose logs -f +``` diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..4aa7abe --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,23 @@ +services: + caddy: + image: caddy:latest + container_name: caddy-reverse-proxy + restart: always + volumes: + - ./Caddyfile:/etc/caddy/Caddyfile + - caddy_data:/data + - caddy_config:/config + networks: + - reverse-proxy + ports: + - "80:80" + - "443:443" + - "443:443/udp" + +volumes: + caddy_data: + caddy_config: + +networks: + reverse-proxy: + external: true diff --git a/refresh-caddyfile b/refresh-caddyfile new file mode 100755 index 0000000..504f297 --- /dev/null +++ b/refresh-caddyfile @@ -0,0 +1,6 @@ +#!/bin/bash + +sudo docker exec caddy-reverse-proxy caddy fmt --overwrite /etc/caddy/Caddyfile +sudo docker exec caddy-reverse-proxy caddy reload --config /etc/caddy/Caddyfile + +echo 'Caddyfile reloaded'