0
0

Modified ports

This commit is contained in:
Opnxng 2023-11-10 12:35:16 +08:00
parent 5a4e130b58
commit 335d5800b5
5 changed files with 54 additions and 47 deletions

View File

@ -11,7 +11,7 @@ services:
- PGID=1000
- TZ=Asia/Singapore
ports:
- 9091:9091
- 8888:9091
volumes:
- {{ docker_dir }}/authelia:/config
restart: unless-stopped

View File

@ -28,7 +28,7 @@ services:
depends_on:
- gitea-db
ports:
- "3000:3000"
- "8885:3000"
networks:
- gitea

View File

@ -23,7 +23,7 @@ services:
- {{ docker_dir }}/ntfy/user.db:/var/lib/ntfy/user.db
restart: unless-stopped
ports:
- '8911:80'
- '8894:80'
healthcheck: # optional: remember to adapt the host:port to your environment
test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:80/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
interval: 60s

View File

@ -196,29 +196,18 @@
}
}
@t host t.{$HOSTNAME}
handle @t {
encode zstd gzip
reverse_proxy {
to {{ oracle1_private_ip }}:8889
to {{ oracle2_private_ip }}:8889
to {{ oracle3_private_ip }}:8889
to {{ oracle4_private_ip }}:8889
lb_policy ip_hash
lb_try_duration 5s
lb_try_interval 1s
fail_duration 30s
max_fails 3
}
@b host b.{$HOSTNAME}
handle @b {
reverse_proxy {{ oracle1_private_ip }}:8884
header {
Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
}
}
@b host b.{$HOSTNAME}
handle @b {
reverse_proxy {{ oracle1_private_ip }}:8884
@git host git.{$HOSTNAME}
handle @git {
encode zstd gzip
reverse_proxy {{ oracle3_private_ip }}:8885
header {
X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
}
@ -252,6 +241,31 @@
}
}
@auth host auth.{$HOSTNAME}
handle @auth {
reverse_proxy {{ oracle4_private_ip }}:8888
}
@t host t.{$HOSTNAME}
handle @t {
encode zstd gzip
reverse_proxy {
to {{ oracle1_private_ip }}:8889
to {{ oracle2_private_ip }}:8889
to {{ oracle3_private_ip }}:8889
to {{ oracle4_private_ip }}:8889
lb_policy ip_hash
lb_try_duration 5s
lb_try_interval 1s
fail_duration 30s
max_fails 3
}
header {
Content-Security-Policy "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
}
}
@m host m.{$HOSTNAME}
handle @m {
encode zstd gzip
@ -307,7 +321,7 @@
}
}
handle @f {
forward_auth {{ oracle4_private_ip }}:9091 {
forward_auth {{ oracle4_private_ip }}:8888 {
uri /api/verify?rd=https://auth.opnxng.com/
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
#import trusted_proxy_list
@ -320,9 +334,13 @@
}
}
@auth host auth.{$HOSTNAME}
handle @auth {
reverse_proxy {{ oracle4_private_ip }}:9091
@nt host nt.{$HOSTNAME}
handle @nt {
encode zstd gzip
reverse_proxy {{ oracle3_private_ip }}:8894
header {
X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
}
}
@v host v.{$HOSTNAME}
@ -597,24 +615,6 @@
}
}
@git host git.{$HOSTNAME}
handle @git {
encode zstd gzip
reverse_proxy {{ oracle3_private_ip }}:3000
header {
X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
}
}
@nt host nt.{$HOSTNAME}
handle @nt {
encode zstd gzip
reverse_proxy {{ oracle3_private_ip }}:8911
header {
X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
}
}
}
# ----------------------------------------------------------------------------------------------------
@ -663,6 +663,4 @@ i.r.{$HOSTNAME} {
handle {
abort
}
}
# ----------------------------------------------------------------------------------------------------
}

View File

@ -1,7 +1,16 @@
compose:
setup:
oracle4:
- caddy
compose:
oracle4:
- authelia
- caddy
oracle3:
- ntfy
- gitea
# ----------------------------------------------------------------------------------------------------
deployed-compose: