Compare commits
12 Commits
c308c5a8d2
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
6c69fb0ace | ||
|
|
0b0ea9b288 | ||
|
|
687fb17038 | ||
|
|
f16acb6aea | ||
| ac3712b722 | |||
|
|
e4f623ffa7 | ||
|
|
d00f4f65c4 | ||
|
|
3d1f6375e3 | ||
|
|
211c19ff41 | ||
| 59091880e4 | |||
|
|
f5205fc5d1 | ||
|
|
7106df52f1 |
@@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
admin off
|
admin localhost:2019
|
||||||
email admin@catmedved.com
|
email admin@catmedved.com
|
||||||
auto_https disable_redirects
|
auto_https disable_redirects
|
||||||
|
|
||||||
@@ -8,8 +8,26 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
(tls_catmedved) {
|
||||||
|
tls /etc/caddy/certs/catmedved.com.crt /etc/caddy/certs/catmedved.com.key
|
||||||
|
}
|
||||||
|
|
||||||
|
(tls_kladovka52) {
|
||||||
|
tls /etc/caddy/certs/kladovka52.com.crt /etc/caddy/certs/kladovka52.com.key
|
||||||
|
}
|
||||||
|
|
||||||
|
(tls_ulakar) {
|
||||||
|
tls /etc/caddy/certs/ulakar.com.crt /etc/caddy/certs/ulakar.com.key
|
||||||
|
}
|
||||||
|
|
||||||
(apps) {
|
(apps) {
|
||||||
|
|
||||||
|
# A
|
||||||
|
@auth host auth.catmedved.com
|
||||||
|
handle @auth {
|
||||||
|
reverse_proxy http://authentik_server:9000
|
||||||
|
}
|
||||||
|
# B
|
||||||
@backrest host backrest.catmedved.com
|
@backrest host backrest.catmedved.com
|
||||||
handle @backrest {
|
handle @backrest {
|
||||||
reverse_proxy http://host.docker.internal:9898
|
reverse_proxy http://host.docker.internal:9898
|
||||||
@@ -19,7 +37,7 @@
|
|||||||
handle @beszel {
|
handle @beszel {
|
||||||
reverse_proxy http://beszel:8090
|
reverse_proxy http://beszel:8090
|
||||||
}
|
}
|
||||||
|
# C
|
||||||
# @copypaste host copypaste.catmedved.com
|
# @copypaste host copypaste.catmedved.com
|
||||||
# handle @copypaste {
|
# handle @copypaste {
|
||||||
# reverse_proxy http://microbin:8080
|
# reverse_proxy http://microbin:8080
|
||||||
@@ -29,7 +47,22 @@
|
|||||||
handle @copypaste {
|
handle @copypaste {
|
||||||
reverse_proxy http://microbin:8080
|
reverse_proxy http://microbin:8080
|
||||||
}
|
}
|
||||||
|
# D
|
||||||
|
@databasus host databasus.catmedved.com
|
||||||
|
handle @databasus {
|
||||||
|
reverse_proxy http://databasus:4005
|
||||||
|
}
|
||||||
|
# F
|
||||||
|
@filebrowser host filebrowser.catmedved.com
|
||||||
|
handle @filebrowser {
|
||||||
|
reverse_proxy http://filebrowser:80
|
||||||
|
}
|
||||||
|
|
||||||
|
@films host films.catmedved.com
|
||||||
|
handle @films {
|
||||||
|
reverse_proxy http://jellyfin:8096
|
||||||
|
}
|
||||||
|
# G
|
||||||
@gameyfin host gameyfin.catmedved.com
|
@gameyfin host gameyfin.catmedved.com
|
||||||
handle @gameyfin {
|
handle @gameyfin {
|
||||||
reverse_proxy http://gameyfin:8080
|
reverse_proxy http://gameyfin:8080
|
||||||
@@ -40,10 +73,25 @@
|
|||||||
reverse_proxy http://gitea:3000
|
reverse_proxy http://gitea:3000
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@glancesminipc host glances-minipc.catmedved.com
|
||||||
|
handle @glancesminipc {
|
||||||
|
reverse_proxy http://glances:61208
|
||||||
|
}
|
||||||
|
# H
|
||||||
|
@homepage host home.catmedved.com
|
||||||
|
handle @homepage {
|
||||||
|
reverse_proxy http://homepage:3000
|
||||||
|
}
|
||||||
|
# M
|
||||||
@music host music.catmedved.com
|
@music host music.catmedved.com
|
||||||
handle @music {
|
handle @music {
|
||||||
reverse_proxy http://navidrome:4533
|
reverse_proxy http://navidrome:4533
|
||||||
}
|
}
|
||||||
|
# P
|
||||||
|
@passwords host passwords.catmedved.com
|
||||||
|
handle @passwords {
|
||||||
|
reverse_proxy http://vaultwarden:80
|
||||||
|
}
|
||||||
|
|
||||||
@pdftools host pdf-tools.catmedved.com
|
@pdftools host pdf-tools.catmedved.com
|
||||||
handle @pdftools {
|
handle @pdftools {
|
||||||
@@ -55,15 +103,28 @@
|
|||||||
reverse_proxy http://stirling_pdf:8080
|
reverse_proxy http://stirling_pdf:8080
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@pihole host pihole.catmedved.com
|
||||||
|
handle @pihole {
|
||||||
|
reverse_proxy http://pihole:80
|
||||||
|
}
|
||||||
|
|
||||||
@photo host photo.catmedved.com
|
@photo host photo.catmedved.com
|
||||||
handle @photo {
|
handle @photo {
|
||||||
reverse_proxy immich_server:2283
|
reverse_proxy immich_server:2283
|
||||||
}
|
}
|
||||||
|
# R
|
||||||
@recepies host recepies.catmedved.com
|
@recepies host recepies.catmedved.com
|
||||||
handle @recepies {
|
handle @recepies {
|
||||||
reverse_proxy http://mealie:9000
|
reverse_proxy http://mealie:9000
|
||||||
}
|
}
|
||||||
|
# S
|
||||||
|
@syncminipc host sync-minipc.catmedved.com
|
||||||
|
handle @syncminipc {
|
||||||
|
reverse_proxy http://host.docker.internal:8384 {
|
||||||
|
header_up Host {upstream_hostport}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
http://*.kladovka52.com {
|
http://*.kladovka52.com {
|
||||||
@@ -83,65 +144,16 @@ http://*.catmedved.com {
|
|||||||
}
|
}
|
||||||
|
|
||||||
https://*.catmedved.com {
|
https://*.catmedved.com {
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
import tls_catmedved
|
||||||
|
|
||||||
import apps
|
import apps
|
||||||
}
|
}
|
||||||
|
|
||||||
|
https://*.kladovka52.com {
|
||||||
auth.catmedved.com {
|
import tls_kladovka52
|
||||||
reverse_proxy http://authentik_server:9000
|
import apps
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# D
|
https://*.ulakar.com {
|
||||||
databasus.catmedved.com {
|
import tls_ulakar
|
||||||
reverse_proxy http://databasus:4005
|
import apps
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
|
||||||
|
|
||||||
drone.catmedved.com {
|
|
||||||
reverse_proxy http://drone:80
|
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
|
||||||
|
|
||||||
# F
|
|
||||||
filebrowser.catmedved.com {
|
|
||||||
reverse_proxy http://filebrowser:80
|
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
|
||||||
|
|
||||||
films.catmedved.com {
|
|
||||||
reverse_proxy http://jellyfin:8096
|
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
|
||||||
|
|
||||||
glances-minipc.catmedved.com {
|
|
||||||
reverse_proxy http://glances:61208
|
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
|
||||||
|
|
||||||
# H
|
|
||||||
home.catmedved.com {
|
|
||||||
reverse_proxy http://homepage:3000
|
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
|
||||||
|
|
||||||
# P
|
|
||||||
passwords.catmedved.com {
|
|
||||||
reverse_proxy http://vaultwarden:80
|
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
|
||||||
|
|
||||||
pihole.catmedved.com {
|
|
||||||
reverse_proxy http://pihole:80
|
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
|
||||||
|
|
||||||
# S
|
|
||||||
sync-minipc.catmedved.com {
|
|
||||||
reverse_proxy http://host.docker.internal:8384 {
|
|
||||||
header_up Host {upstream_hostport}
|
|
||||||
}
|
|
||||||
tls /etc/caddy/certs/fullchain.pem /etc/caddy/certs/privkey.pem
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -10,9 +10,10 @@ services:
|
|||||||
ports:
|
ports:
|
||||||
- "80:80"
|
- "80:80"
|
||||||
- "443:443"
|
- "443:443"
|
||||||
|
- "443:443/udp" # HTTP/3 (QUIC)
|
||||||
volumes:
|
volumes:
|
||||||
- ./Caddyfile:/etc/caddy/Caddyfile
|
- ./Caddyfile:/etc/caddy/Caddyfile
|
||||||
- /srv/ssl/catmedved.com:/etc/caddy/certs:ro
|
- /srv/tls/certificates:/etc/caddy/certs:ro
|
||||||
- caddy_data:/data
|
- caddy_data:/data
|
||||||
- caddy_config:/config
|
- caddy_config:/config
|
||||||
environment:
|
environment:
|
||||||
|
|||||||
@@ -48,7 +48,7 @@
|
|||||||
siteMonitor: http://host.docker.internal:8384/rest/noauth/health
|
siteMonitor: http://host.docker.internal:8384/rest/noauth/health
|
||||||
statusStyle: 'dot'
|
statusStyle: 'dot'
|
||||||
- Filebrowser:
|
- Filebrowser:
|
||||||
href: https://files-minipc.catmedved.com/
|
href: https://filebrowser.catmedved.com/
|
||||||
description: Files on minipc
|
description: Files on minipc
|
||||||
icon: filebrowser.png
|
icon: filebrowser.png
|
||||||
siteMonitor: http://filebrowser:80
|
siteMonitor: http://filebrowser:80
|
||||||
@@ -70,11 +70,11 @@
|
|||||||
- Keenetic:
|
- Keenetic:
|
||||||
href: http://192.168.1.1/
|
href: http://192.168.1.1/
|
||||||
description: Keenetic Giga Admin
|
description: Keenetic Giga Admin
|
||||||
icon: keenetic-alt.png
|
icon: /icons/keenetic-k.png
|
||||||
- HydraRoute Neo:
|
- HydraRoute Neo:
|
||||||
href: http://192.168.1.1:2000/
|
href: http://192.168.1.1:2000/
|
||||||
descryption: HydarRoute Neo - VPN Routing on Keenetic
|
description: VPN Routing on Keenetic
|
||||||
icon: hydra-route-neo.png
|
icon: /icons/hydra-route-neo.png
|
||||||
- Pi-Hole:
|
- Pi-Hole:
|
||||||
href: https://pihole.catmedved.com/admin/login
|
href: https://pihole.catmedved.com/admin/login
|
||||||
description: Pi Hole DNS
|
description: Pi Hole DNS
|
||||||
|
|||||||
BIN
hosts/home-morefine/docker/homepage/icons/hydra-route-neo.png
Normal file
BIN
hosts/home-morefine/docker/homepage/icons/hydra-route-neo.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 9.8 KiB |
BIN
hosts/home-morefine/docker/homepage/icons/keenetic-k.png
Normal file
BIN
hosts/home-morefine/docker/homepage/icons/keenetic-k.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 1.9 KiB |
@@ -50,7 +50,7 @@ services:
|
|||||||
# file: hwaccel.ml.yml
|
# file: hwaccel.ml.yml
|
||||||
# service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
|
# service: cpu # set to one of [armnn, cuda, openvino, openvino-wsl] for accelerated inference - use the `-wsl` version for WSL2 where applicable
|
||||||
volumes:
|
volumes:
|
||||||
- ./model-cache:/cache
|
- /srv/rundata/immich/model-cache:/cache
|
||||||
env_file:
|
env_file:
|
||||||
- .env
|
- .env
|
||||||
restart: always
|
restart: always
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ WorkingDirectory=/srv/gitops
|
|||||||
Environment=SOPS_AGE_KEY_FILE=/root/.config/sops/age/keys.txt
|
Environment=SOPS_AGE_KEY_FILE=/root/.config/sops/age/keys.txt
|
||||||
|
|
||||||
# твой скрипт расшифровки (держи в репо или в /usr/local/bin)
|
# твой скрипт расшифровки (держи в репо или в /usr/local/bin)
|
||||||
ExecStart=/srv/gitops/homelab-infra/lab-home/sops-decrypt.sh
|
ExecStart=/srv/gitops/shared/sops-decrypt.sh
|
||||||
|
|
||||||
TimeoutStartSec=300
|
TimeoutStartSec=300
|
||||||
|
|
||||||
|
|||||||
18
hosts/home-morefine/usr/local/bin/caddy-reload
Normal file
18
hosts/home-morefine/usr/local/bin/caddy-reload
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# check if caddy is up and running
|
||||||
|
if [ "$(docker ps -q -f name=caddy)" ]; then
|
||||||
|
echo "🔍 Validating configuration inside 'caddy' container..."
|
||||||
|
if docker exec -w /etc/caddy caddy caddy validate; then
|
||||||
|
echo "✅ Validation successful. Reloading..."
|
||||||
|
docker exec -w /etc/caddy caddy caddy reload
|
||||||
|
echo "🚀 Done!"
|
||||||
|
else
|
||||||
|
echo "❌ Validation failed! Reload aborted."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "⚠️ Error: Container 'caddy' is not running."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# sudo chmod +x /usr/local/bin/caddy-reload
|
||||||
@@ -3,6 +3,14 @@
|
|||||||
admin off
|
admin off
|
||||||
}
|
}
|
||||||
|
|
||||||
|
(tls_catmedved) {
|
||||||
|
tls /etc/caddy/certs/catmedved.com.crt /etc/caddy/certs/catmedved.com.key
|
||||||
|
}
|
||||||
|
|
||||||
|
(tls_kladovka52) {
|
||||||
|
tls /etc/caddy/certs/kladovka52.com.crt /etc/caddy/certs/kladovka52.com.key
|
||||||
|
}
|
||||||
|
|
||||||
(forward_to_home) {
|
(forward_to_home) {
|
||||||
reverse_proxy 10.8.0.3:80 {
|
reverse_proxy 10.8.0.3:80 {
|
||||||
header_up Host {host}
|
header_up Host {host}
|
||||||
@@ -17,28 +25,26 @@
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# HTTP -> HTTPS
|
||||||
|
http://*.catmedved.com, http://*.kladovka52.com {
|
||||||
|
redir https://{host}{uri} permanent
|
||||||
|
}
|
||||||
|
|
||||||
# catmedved.com
|
*.catmedved.com {
|
||||||
|
import tls_catmedved
|
||||||
beszel.catmedved.com,
|
|
||||||
copypaste.kladovka52.com,
|
|
||||||
gameyfin.catmedved.com,
|
|
||||||
gitea.catmedved.com,
|
|
||||||
music.catmedved.com,
|
|
||||||
pdf-tools.catmedved.com,
|
|
||||||
pdf-tools.kladovka52.com,
|
|
||||||
photo.catmedved.com,
|
|
||||||
recepies.catmedved.com {
|
|
||||||
import forward_to_home
|
import forward_to_home
|
||||||
}
|
}
|
||||||
|
|
||||||
# kladovka52.com
|
copypaste.kladovka52.com,
|
||||||
|
pdf-tools.kladovka52.com {
|
||||||
media.kladovka52.com,
|
import tls_kladovka52
|
||||||
photo.kladovka52.com {
|
import forward_to_home
|
||||||
import forward_to_kladovka
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
*.kladovka52.com {
|
||||||
|
import tls_kladovka52
|
||||||
|
import forward_to_kladovka
|
||||||
|
}
|
||||||
|
|
||||||
# wg-easy
|
# wg-easy
|
||||||
vpnwg.ulakar.com {
|
vpnwg.ulakar.com {
|
||||||
|
|||||||
@@ -11,6 +11,7 @@ services:
|
|||||||
# - "443:443"
|
# - "443:443"
|
||||||
volumes:
|
volumes:
|
||||||
- ./Caddyfile:/etc/caddy/Caddyfile
|
- ./Caddyfile:/etc/caddy/Caddyfile
|
||||||
|
- /home/vk/docker/lego/certs/certificates:/etc/caddy/certs:ro
|
||||||
- caddy_data:/data
|
- caddy_data:/data
|
||||||
- caddy_config:/config
|
- caddy_config:/config
|
||||||
environment:
|
environment:
|
||||||
|
|||||||
18
hosts/lab-by-02/docker/lego/catmedved-compose.yaml
Normal file
18
hosts/lab-by-02/docker/lego/catmedved-compose.yaml
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
services:
|
||||||
|
lego:
|
||||||
|
image: goacme/lego:latest
|
||||||
|
container_name: lego
|
||||||
|
restart: "no"
|
||||||
|
env_file: .env
|
||||||
|
volumes:
|
||||||
|
- ./certs:/.lego
|
||||||
|
command:
|
||||||
|
- --email=admin@catmedved.com
|
||||||
|
- --accept-tos
|
||||||
|
- --dns=namecheap
|
||||||
|
- --domains=catmedved.com
|
||||||
|
- --domains=*.catmedved.com
|
||||||
|
- run
|
||||||
|
# use renew to update existing certificate(s)
|
||||||
|
# - renew u
|
||||||
|
# - --days=60
|
||||||
18
hosts/lab-by-02/docker/lego/kladovka52-compose.yaml
Normal file
18
hosts/lab-by-02/docker/lego/kladovka52-compose.yaml
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
services:
|
||||||
|
lego:
|
||||||
|
image: goacme/lego:latest
|
||||||
|
container_name: lego
|
||||||
|
restart: "no"
|
||||||
|
env_file: .env
|
||||||
|
volumes:
|
||||||
|
- ./certs:/.lego
|
||||||
|
command:
|
||||||
|
- --email=admin@kladovka52.com
|
||||||
|
- --accept-tos
|
||||||
|
- --dns=porkbun
|
||||||
|
- --domains=kladovka52.com
|
||||||
|
- --domains=*.kladovka52.com
|
||||||
|
- run
|
||||||
|
# use renew to update existing certificate(s)
|
||||||
|
# - renew u
|
||||||
|
# - --days=60
|
||||||
5
hosts/lab-by-02/docker/lego/run.sh
Normal file
5
hosts/lab-by-02/docker/lego/run.sh
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
docker compose -f catmedved-compose.yaml up
|
||||||
|
|
||||||
|
docker compose -f kladovka42-compose.yaml up
|
||||||
|
|
||||||
|
docker compose -f ulakar-compose.yaml up
|
||||||
12
hosts/lab-by-02/docker/lego/secrets.sops.env
Normal file
12
hosts/lab-by-02/docker/lego/secrets.sops.env
Normal file
@@ -0,0 +1,12 @@
|
|||||||
|
NAMECHEAP_API_USER=ENC[AES256_GCM,data:rg+INH0JJNcb,iv:RkdTvt2EZ8zovoReX7BPJkgXR0BC8cF5R1XuR2BoKEk=,tag:kHdkhUK/wLedphhblDQCJQ==,type:str]
|
||||||
|
NAMECHEAP_API_KEY=ENC[AES256_GCM,data:4FNq87vNxlg6Xbzj4EaTKNv5j76FbDqjR40F0E8kkD0=,iv:EqjjK7AY479hc03dEVmYer0uI2j5+jDSwka9VF2BuBk=,tag:tSZE8p6QlVUWjcnvN+J92g==,type:str]
|
||||||
|
PORKBUN_API_KEY=ENC[AES256_GCM,data:iQ2MBXQ3NWzNaKp0TQ052pi+ZsRqNSomCYLbORIo3oXQW2AmKwZIDotqo6ypD4p/SB9KS5ArshJRBW6wV+qHt6Sdt+c=,iv:SKzXkFI3krehAsrz6TJn8uy/EMY8zi/VMmAm3kumu5o=,tag:rZMqPIOCdqwp9sy1MqEWUw==,type:str]
|
||||||
|
PORKBUN_SECRET_API_KEY=ENC[AES256_GCM,data:MohqAorMfVURpymTqJAPzF7FEWiNh2f75L4XwJjFNwaE3EKlXN/1WASFezoESv5/4/fw1S1XeuXPCdzAWWDlJeo0bpI=,iv:4PROOEMb0SDFaF760vDSyjNQPZQmUw20qsBFjb1lSBo=,tag:yAh/fbdF4ADP4tLX5fwTCA==,type:str]
|
||||||
|
sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2SU05WXNFMWNrejMrVVFD\nMFUreitrNWhnbnlOUWtadkUyWjFHMG5MaFNnCitpZHNyRTBKdWZaNEJFd1JGaUl5\nWWVNS3djSmpxd2h5OEwrM2lQZ29LMkEKLS0tIHpRKzc1WWxDYlEvemROUDlubkhj\naFlZa2ExV2ZDekwwaW5xaWsyMlFXN1kK9NAxY5WcnIzpjJB4WyRoH37qx/grHdZX\nintmS85J4qzbKM5SqrQm5PCjie+LTdKkKhZAvSk9Xr/9Le/HxT14Ug==\n-----END AGE ENCRYPTED FILE-----\n
|
||||||
|
sops_age__list_0__map_recipient=age1ua9qahphsqf2x8ew2n4umapp23a66t0eccccc0d5etp82n8tsqgsfc8qjk
|
||||||
|
sops_age__list_1__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWR0xjQ3FkSTI4Zm00djJX\ndlJqZ2F5UjgzM29wUEhGbmhudGtzcFhrR0M0Ckwybk9xcytKZnRPeTBITk1mK1RV\nTkhmandrYkZSNHhoMGd6S1h5N1lYZ28KLS0tIDVEdnp0TmgyTExNY05uL3kvalpO\ndG0ydlBHNWNXVG1aTHIwcFBFa2JNQnMKg3eqZbaZlgPMBydDI7NaLJh57+JT4EOY\nYCPZqcsFXfnogm2sJ7a7/fZcFy2vb0piz9QpTtBfDCYwNK0FJAK8Vw==\n-----END AGE ENCRYPTED FILE-----\n
|
||||||
|
sops_age__list_1__map_recipient=age1nw388umnlxfj3cg9lqjyltghfx6w709nam8s2x826c3nxla9famq3uya73
|
||||||
|
sops_lastmodified=2026-02-23T17:22:43Z
|
||||||
|
sops_mac=ENC[AES256_GCM,data:lSsi/0ebF6z+jNNyULF1G0ZYcGGf6A/3jm0JeBbmPZOkFNJVeUC47hg+AB/itOUUYFT8kXT3+1HwWnZQfSjOzEDO7lPZH25D5IM1YhMU//TBN/7se81zjgvV2tA8kofeD03BxYWAbZeAG0J+MHkV1SAN4arL6NnRPV0F0iFAyQ0=,iv:ey7jo/P2SnIVuRyaEL+x9UfETjCMerniakDA4YWIwfo=,tag:NWUl2sFHLCnU5CfhAkrNMw==,type:str]
|
||||||
|
sops_unencrypted_suffix=_unencrypted
|
||||||
|
sops_version=3.11.0
|
||||||
18
hosts/lab-by-02/docker/lego/ulakar-compose.yaml
Normal file
18
hosts/lab-by-02/docker/lego/ulakar-compose.yaml
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
services:
|
||||||
|
lego:
|
||||||
|
image: goacme/lego:latest
|
||||||
|
container_name: lego
|
||||||
|
restart: "no"
|
||||||
|
env_file: .env
|
||||||
|
volumes:
|
||||||
|
- ./certs:/.lego
|
||||||
|
command:
|
||||||
|
- --email=ulakar@fastmail.com
|
||||||
|
- --accept-tos
|
||||||
|
- --dns=porkbun
|
||||||
|
- --domains=ulakar.com
|
||||||
|
- --domains=*.ulakar.com
|
||||||
|
- run
|
||||||
|
# use renew to update existing certificate(s)
|
||||||
|
# - renew u
|
||||||
|
# - --days=60
|
||||||
Reference in New Issue
Block a user