sterl/Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit: homelab configuration and documentation

Browse Source
This commit is contained in:
sterlenjohnson
2025-11-29 19:03:14 +00:00
commit 0769ca6888
72 changed files with 7806 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
services/swarm/traefik/stack.yml Normal file
View File

@@ -0,0 +1,29 @@
version: '3.8'
services:
traefik:
image: traefik:v2.10
command:
- --api.insecure=false
- --providers.docker=true
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --certificatesresolvers.leresolver.acme.email=sterlenjohnson6@gmail.com
- --certificatesresolvers.leresolver.acme.storage=/letsencrypt/acme.json
- --certificatesresolvers.leresolver.acme.dnschallenge=true
- --certificatesresolvers.leresolver.acme.dnschallenge.provider=duckdns
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- /letsencrypt:/letsencrypt
deploy:
mode: replicated
replicas: 2
placement:
constraints: [node.role == manager]
networks:
- webnet
networks:
webnet:
driver: overlay

54
services/swarm/traefik/traefik.yml Normal file
View File

@@ -0,0 +1,54 @@
# traefik.yml - static configuration (file provider)
checkNewVersion: true
sendAnonymousUsage: false
log:
level: INFO
api:
dashboard: true
insecure: false # set to true only for quick local testing (not recommended for public)
# single entryPoints section (merged)
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: websecure
scheme: https
# optional timeouts can live under transport as well (kept only on websecure below)
websecure:
address: ":443"
http:
tls:
certResolver: leresolver
transport:
respondingTimeouts:
# keep these large if you expect long uploads/downloads or long-lived requests
readTimeout: 600s
writeTimeout: 600s
idleTimeout: 600s
providers:
swarm:
endpoint: "unix:///var/run/docker.sock"
certificatesResolvers:
leresolver:
acme:
email: "sterlenjohnson6@gmail.com"
storage: "/letsencrypt/acme.json"
# DNS-01, using DuckDNS provider
dnsChallenge:
provider: duckdns
delayBeforeCheck: 60s
# Usually unnecessary to specify "resolvers" unless you have special internal resolvers.
# If you DO need Traefik to use specific DNS servers for the challenge, make sure
# the container has network access to them and that they will answer public DNS queries.
resolvers:
- "192.168.1.196:53"
- "192.168.1.245:53"
- "192.168.1.62:53"