Removed gitea (on Bigbox now) + added Caddyfile

.gitattributes

@@ -0,0 +1,3 @@
+*.yml linguist-language=YAML
+*.yaml linguist-language=YAML
+Caddyfile linguist-language=Caddyfile

Caddyfile

@@ -0,0 +1,293 @@
+# The Caddyfile is an easy way to configure your Caddy web server.
+#
+# Unless the file starts with a global options block, the first
+# uncommented line is always the address of your site.
+#
+# To use your own domain name (with automatic HTTPS), first make
+# sure your domain's A/AAAA DNS records are properly pointed to
+# this machine's public IP, then replace ":80" below with your
+# domain name.
+{
+    metrics {
+      per_host
+    }
+  crowdsec {
+    api_url http://localhost:8080
+    api_key qa2/ilnhpYrrisOIvUSYpViTgDNyT7IkHHgDgweAeBY
+    ticker_interval 15s
+  }
+  log {
+    output file /var/log/caddy/access.log
+    format json
+  }
+}
+
+speed.mycloudhaus.xyz {
+  route {
+    crowdsec
+    reverse_proxy 10.0.0.2:8765 {
+            header_up Host {upstream_hostport}
+    }
+  }
+}
+
+docker.mycloudhaus.xyz {
+  route {
+    crowdsec
+    reverse_proxy 127.0.0.1:9100
+  }
+}
+
+sync.mycloudhaus.xyz {
+  route {
+    crowdsec
+    reverse_proxy 127.0.0.1:8384 {
+      header_up Host localhost:8384
+    }
+  }
+}
+
+notes.mycloudhaus.xyz {
+  route {
+    crowdsec
+    basic_auth {
+                theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+      }
+    reverse_proxy 127.0.0.1:3050 {
+        header_up Host {host}
+        header_up X-Real-IP {remote_host}
+        header_up X-Forwarded-For {remote_host}
+        header_up X-Forwarded-Proto {scheme}
+    }
+  }
+}
+
+keybr.mycloudhaus.xyz {
+  route {
+    crowdsec
+        basic_auth {
+                theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+                # Username "Bob", password "hiccup"
+        }
+  reverse_proxy 10.0.0.2:3000
+  }
+}
+
+torrents.mycloudhaus.xyz {
+  route {
+    crowdsec
+        basic_auth {
+                theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+                # Username "Bob", password "hiccup"
+        }
+  reverse_proxy 10.0.0.2:9091
+  }
+}
+
+searxng.mycloudhaus.xyz {
+  route {
+    crowdsec
+#       basic_auth {
+#               # Username "Bob", password "hiccup"
+#               theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+#       }
+  reverse_proxy 127.0.0.1:7001
+  }
+}
+
+boards.mycloudhaus.xyz {
+  route {
+    crowdsec
+    reverse_proxy 127.0.0.1:8765
+  }
+}
+
+dns.mycloudhaus.xyz {
+  route {
+    crowdsec
+    reverse_proxy 10.0.0.1:8053
+  }
+}
+
+#twitch.mycloudhaus.xyz {
+#  route {
+#    crowdsec
+#    reverse_proxy 127.0.0.1:8280
+#  }
+#}
+
+inv.mycloudhaus.xyz {
+  route {
+    crowdsec
+        basic_auth {
+                # Username "Bob", password "hiccup"
+                theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+        }
+  reverse_proxy 10.0.0.2:4000
+  }
+    log {
+          output discard
+      }
+}
+
+radicale.mycloudhaus.xyz {
+  route {
+  crowdsec
+  reverse_proxy 127.0.0.1:5232
+  }
+}
+
+rss.mycloudhaus.xyz {
+  route {
+  crowdsec
+  reverse_proxy 127.0.0.1:8011
+  }
+}
+
+vw.mycloudhaus.xyz {
+  route {
+  crowdsec
+  reverse_proxy 127.0.0.1:9000 {
+    header_up X-Real-IP {remote_host}
+  }
+  }
+}
+
+bookmarks.mycloudhaus.xyz {
+  route {
+  crowdsec
+  reverse_proxy 10.0.0.2:5000
+  }
+}
+
+home.mycloudhaus.xyz {
+  route {
+    crowdsec
+        basic_auth {
+                # Username "Bob", password "hiccup"
+                theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+        }
+  reverse_proxy 127.0.0.1:8099
+  }
+}
+
+
+logs.mycloudhaus.xyz {
+  route {
+  crowdsec
+        basic_auth {
+                # Username "Bob", password "hiccup"
+                theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+        }
+  reverse_proxy 127.0.0.1:3030
+  }
+}
+
+health.mycloudhaus.xyz {
+  route {
+  crowdsec
+  reverse_proxy 127.0.0.1:3001
+}
+}
+
+git.mycloudhaus.xyz {
+  route {
+  crowdsec
+  reverse_proxy 10.0.0.2:3002
+  }
+}
+
+playlists.mycloudhaus.xyz {
+  route {
+    crowdsec
+    basic_auth {
+      theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+      paul $2y$05$N1Gr6khpOaZc5YDQp8quGuQk6phsE69GoLSB3d.w7RnRc8zyQn./6
+      # "mot de passe super technique"
+    }
+    reverse_proxy 10.0.0.2:4444
+  }
+}
+
+media.mycloudhaus.xyz {
+  route {
+  crowdsec
+  reverse_proxy 10.0.0.2:8096
+    header {
+        X-Forwarded-Proto {scheme}
+        X-Forwarded-For {remote_host}
+        X-Real-IP {remote_host}
+    }
+  }
+}
+
+radio.mycloudhaus.xyz {
+    route {
+        crowdsec
+       # @allowed path / /profile* /admin* /docs* /logout* /login* /dashboard* /station* /public*
+       # reverse_proxy @allowed 10.0.0.2:6000
+        reverse_proxy 10.0.0.2:6000
+       # respond "Not found" 404
+    }
+}
+
+convert.mycloudhaus.xyz {
+        basic_auth {
+                # Username "Bob", password "hiccup"
+                theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+        }
+  reverse_proxy 127.0.0.1:6000
+}
+
+#prom.mycloudhaus.xyz {
+#       basic_auth {
+#               # Username "Bob", password "hiccup"
+#               theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+#       }
+#  reverse_proxy prometheus:9090
+#}
+#
+
+#sec.mycloudhaus.xyz {
+##  basic_auth {
+##    Sneak9662 $2a$14$EDiuxXPPj6sXuVsr68MwjOvwcSwnVHa2Q3A.BVyuxBN1odc5FK7pG
+##  }
+#  reverse_proxy https://10.0.0.2:443 {
+#    transport http {
+#      tls_insecure_skip_verify
+#    }
+#  }
+#}
+
+mycloudhaus.xyz {
+
+        basic_auth {
+                # Username "Bob", password "hiccup"
+                theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS
+        }
+
+  metrics /metrics
+
+        root * /var/www/html
+        encode gzip
+        log {
+                output file /var/log/caddy/my-static-site.log
+        }
+
+        header {
+                ?Cache-Control "max-age=1800"
+        }
+
+
+        # Enable the static file server.
+         file_server
+
+        # Another common task is to set up a reverse proxy:
+        # reverse_proxy localhost:8080
+
+        # Or serve a PHP site through php-fpm:
+        # php_fastcgi localhost:9000
+}
+
+# Refer to the Caddy docs for more information:
+# https://caddyserver.com/docs/caddyfile

README.md

@@ -0,0 +1,6 @@
+# Cloudhaus docker config
+
+Just use
+```
+git clone https://git.mycloudhaus.xyz/kenny/cloudhaus-docker.git && ./start-all-docker.sh
+```

adguard-prometheus-exporter/docker-compose.yml

@@ -0,0 +1,10 @@
+name: prometheus-adguard-exporter
+services:
+    prometheus-adguard-exporter:
+        environment:
+          - ADGUARD_SERVERS=http://10.0.0.1:8053
+          - ADGUARD_USERNAMES=${USERNAME}
+          - ADGUARD_PASSWORDS=${PASSWORD}
+        image: ghcr.io/henrywhitaker3/adguard-exporter:latest
+        ports:
+          - 10.0.0.1:9618:9618

adguard/docker-compose.yml

@@ -0,0 +1,25 @@
+name: adguard
+services:
+    adguardhome:
+        container_name: adguardhome
+        restart: unless-stopped
+        volumes:
+            - ./workdir:/opt/adguardhome/work
+            - ./confdir:/opt/adguardhome/conf
+            - /var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/dns.mycloudhaus.xyz:/certs/
+        ports:
+          - 10.0.0.1:53:53/tcp # Clean DNS
+          - 10.0.0.1:53:53/udp # Clean DNS
+          #- 67:67/udp # DHCP
+          #- 68:68/udp # DHCP
+          - 8053:80/tcp # Admin panel + DoH
+          #- 8443:443/tcp # DoH
+          #- 8443:443/udp # DoH
+          # - 8300:3000/tcp # DoH
+          - 853:853/tcp # DoT
+          #- 784:784/udp # DoQ
+          #- 853:853/udp # DoQ
+          #- 8853:8853/udp # DoQ
+          #- 5443:5443/tcp # DNSCrypt
+          #- 5443:5443/udp # DNSCrypt
+        image: adguard/adguardhome

gitea/docker-compose.yml

@@ -1,24 +0,0 @@
-networks:
-  gitea:
-    external: false
-  proxy-network:
-    external: true
-
-services:
-  gitea:
-    image: docker.gitea.com/gitea:nightly
-    container_name: gitea
-    environment:
-      - USER_UID=1000
-      - USER_GID=1000
-    restart: always
-    networks:
-      - gitea
-      - proxy-network
-    volumes:
-      - ./gitea:/data
-      - /etc/timezone:/etc/timezone:ro
-      - /etc/localtime:/etc/localtime:ro
-    ports:
-      - "127.0.0.1:3002:3000"
-      - "127.0.0.1:222:22"

prometheus-grafana/docker-compose.yml

@@ -5,8 +5,8 @@ services:
     volumes:
       - ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
       - prometheus-data:/prometheus
-    #ports:
-    #  - "9090:9090"
+    ports:
+      - "127.0.0.1:9090:9090"
     networks:
       - proxy-network
 

prometheus-grafana/prometheus.yml

@@ -2,6 +2,11 @@ global:
   scrape_interval: 15s
 
 scrape_configs:
+  - job_name: 'adguard'
+    static_configs:
+      - targets: ['10.0.0.1:9618']
+    metrics_path: /metrics
+    scheme: http
   - job_name: 'caddy'
     static_configs:
       - targets: ['mycloudhaus.xyz']
@@ -14,6 +19,11 @@ scrape_configs:
       - targets: ['10.0.0.3:9100']
     metrics_path: /metrics
     scheme: http
+  - job_name: 'cloudhaus'
+    static_configs:
+      - targets: ['10.0.0.1:9600']
+    metrics_path: /metrics
+    scheme: http
   - job_name: 'box'
     static_configs:
       - targets: ['10.0.0.4:9100']