From ec4a6b6793f067c435b300b67cf4a6c7ae5bdb20 Mon Sep 17 00:00:00 2001
From: admin
Date: Sat, 31 Jan 2026 12:57:50 -0700
Subject: [PATCH] p1 variables first pass
---
lxc1/p1-ingress/homepage.yml | 30 +++++++++++++++---------------
lxc1/p1-ingress/keepalived.yml | 1 -
lxc1/p1-ingress/rclone.yml | 10 +++++-----
lxc1/p1-ingress/technitium.yml | 23 +++++++++++++----------
lxc1/p1-ingress/traefik.yml | 4 ++--
5 files changed, 35 insertions(+), 33 deletions(-)
diff --git a/lxc1/p1-ingress/homepage.yml b/lxc1/p1-ingress/homepage.yml
index 4ac807a..2133a09 100644
--- a/lxc1/p1-ingress/homepage.yml
+++ b/lxc1/p1-ingress/homepage.yml
@@ -1,27 +1,27 @@ services: homepage: image: ghcr.io/gethomepage/homepage:latest - container_name: homepage + container_name: ${HOME_ROOT_NAME} restart: unless-stopped volumes: - /docker/homepage/config:/app/config - /var/run/docker.sock:/var/run/docker.sock:ro networks: - - homepage_internal # For local stack comms - - homepage_external # For Traefik Ingress - - dns_dns_internal # For talking to Technitium API (Cross-stack) + - ${DNS_INT_NETWORK} + - ${HOME_INT_NETWORK} + - ${HOME_EXT_NETWORK} labels: - - "traefik.enable=true" - - "traefik.docker.network=homepage_external" - - "traefik.http.routers.homepage.rule=Host(`home.mapletree.email`)" - - "traefik.http.routers.homepage.entrypoints=web,websecure" - - "traefik.http.routers.homepage.tls.certresolver=myresolver" - - "traefik.http.services.homepage.loadbalancer.server.port=3000" + - "traefik.enable=${HOME_TRAEFIK_ENABLED}" + - "traefik.docker.network=${HOME_EXT_NETWORK}" + - "traefik.http.routers.homepage.rule=Host(`${HOME_ROOT_NAME}.${HOME_DNS_SUFFIX}`)" + - "traefik.http.routers.homepage.entrypoints=${TRAEFIK_ENTRY_POINTS}" + - "traefik.http.routers.homepage.tls.certresolver=${TRAEFIK_RESOLVER}" + - "traefik.http.services.homepage.loadbalancer.server.port=${HOME_TRAEFIK_PORT}" networks: - homepage_internal: + ${HOME_INT_NETWORK}: driver: bridge - homepage_external: - external: true - dns_dns_internal: - external: true # Join the existing DNS backend network + ${HOME_EXT_NETWORK}: + driver: bridge + ${DNS_INT_NETWORK}: + external: true diff --git a/lxc1/p1-ingress/keepalived.yml b/lxc1/p1-ingress/keepalived.yml index a8dc04f..3aaadfa 100644 --- a/lxc1/p1-ingress/keepalived.yml +++ b/lxc1/p1-ingress/keepalived.yml @@ -8,7 +8,6 @@ services: - NET_ADMIN - NET_BROADCAST - NET_RAW - volumes: - /docker/keepalived/checks:/checks - /docker/keepalived/config:/usr/local/etc/keepalived diff --git a/lxc1/p1-ingress/rclone.yml b/lxc1/p1-ingress/rclone.yml index ea46391..a47d07a 100644 --- a/lxc1/p1-ingress/rclone.yml 
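Review bot: The top-level `networks:` keys `${HOME_INT_NETWORK}:`, `${HOME_EXT_NETWORK}:` and `${DNS_INT_NETWORK}:` in homepage.yml will not be expanded, because Compose interpolates values only and not mapping keys, so the service's interpolated network list would point at networks that are never defined. Keep fixed keys and put the variable in each network's `name:` field; that also makes the real Docker network name equal to what the `traefik.docker.network` label announces, instead of a project-prefixed name. The second technitium.yml hunk has the same pattern. Separately, the network behind `${HOME_EXT_NETWORK}` changes from `external: true` to `driver: bridge`, which is a behaviour change rather than a variable substitution and is worth confirming as intended.

```yaml
services:
  homepage:
    # … unchanged: image, container_name, restart, volumes …
    networks:
      - dns_internal
      - homepage_internal
      - homepage_external
    # … unchanged: labels …

networks:
  homepage_internal:
    name: "${HOME_INT_NETWORK}"
    driver: bridge
  homepage_external:
    name: "${HOME_EXT_NETWORK}"
    driver: bridge
  dns_internal:
    name: "${DNS_INT_NETWORK}"
    external: true
```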
+++ b/lxc1/p1-ingress/rclone.yml @@ -10,11 +10,11 @@ services: sleep 300; done" environment: - - RCLONE_CONFIG_MINIO_TYPE=s3 - - RCLONE_CONFIG_MINIO_PROVIDER=s3 - - RCLONE_CONFIG_MINIO_ACCESS_KEY_ID=admin - - RCLONE_CONFIG_MINIO_SECRET_ACCESS_KEY=Pizzajam11 - - RCLONE_CONFIG_MINIO_ENDPOINT=http://172.16.201.208:9000 + - RCLONE_CONFIG_MINIO_TYPE=${MINIO_TYPE} + - RCLONE_CONFIG_MINIO_PROVIDER=${MINIO_PROVIDER} + - RCLONE_CONFIG_MINIO_ACCESS_KEY_ID=${MINIO_KEY} + - RCLONE_CONFIG_MINIO_SECRET_ACCESS_KEY=${MINIO_SECRET} + - RCLONE_CONFIG_MINIO_ENDPOINT=${MINIO_ENDPOINT} volumes: - /docker:/data:ro restart: always \ No newline at end of file diff --git a/lxc1/p1-ingress/technitium.yml b/lxc1/p1-ingress/technitium.yml index c0cfb91..2973ddf 100644 --- a/lxc1/p1-ingress/technitium.yml +++ b/lxc1/p1-ingress/technitium.yml @@ -1,7 +1,7 @@ services: dns: image: technitium/dns-server:latest - container_name: dns-${NODE_ID} # Becomes dns-1 or dns-2 + container_name: dns-${DNS_NODE_ID} # Becomes dns-1 or dns-2 restart: unless-stopped ports: - "53:53/udp" 
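Review bot: The MinIO access key and secret on the removed lines of rclone.yml stay readable in the repository history and in this patch, so replacing them with `${MINIO_KEY}` and `${MINIO_SECRET}` does not retire them; the key pair should be rotated on the MinIO side. The new references have no guard for an unset variable, and Compose then substitutes an empty string with only a warning; `- RCLONE_CONFIG_MINIO_SECRET_ACCESS_KEY=${MINIO_SECRET:?MINIO_SECRET is not set}` (and the same form for `MINIO_KEY` and `MINIO_ENDPOINT`) makes the stack fail at startup instead. The file that supplies these values is not visible here and should be kept out of version control. The previous endpoint was plain `http://`, so the credentials travel unencrypted unless the new `MINIO_ENDPOINT` value uses TLS.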
@@ -9,22 +9,25 @@ services: - "5381:5380/tcp" environment: - TZ=America/Edmonton - - DNS_SERVER_DOMAIN=dns${NODE_ID}.mapletree.email # dns1... or dns2... + - DNS_SERVER_DOMAIN=dns${$DNS_NODE_ID}.${TRAEFIK_DNS_SUFFIX} # dns1... or dns2... - DNS_SERVER_ADMIN_PASSWORD=${DNS_ADMIN_PASSWORD} volumes: # Updated path to match your new 'infrastructure' folder structure - /docker/core/dns/config:/etc/dns networks: - - dns_external + - ${DNS_EXT_NETWORK} + - ${DNS_INT_NETWORK} labels: - - "traefik.enable=true" - - "traefik.docker.network=dns_external" + - "traefik.enable=${DNS_TRAEFIK_ENABLED}" + - "traefik.docker.network=${DNS_EXT_NETWORK}" # Dynamic Router Name (dns1 vs dns2) - - "traefik.http.routers.dns${NODE_ID}.rule=Host(`dns${NODE_ID}.mapletree.email`)" - - "traefik.http.routers.dns${NODE_ID}.entrypoints=web,websecure" - - "traefik.http.routers.dns${NODE_ID}.tls.certresolver=myresolver" - - "traefik.http.services.dns${NODE_ID}.loadbalancer.server.port=5380" + - "traefik.http.routers.dns${DNS_NODE_ID}.rule=Host(`dns${DNS_NODE_ID}.${TRAEFIK_DNS_SUFFIX}`)" + - "traefik.http.routers.dns${DNS_NODE_ID}.entrypoints=${TRAEFIK_ENTRY_POINTS}" + - "traefik.http.routers.dns${DNS_NODE_ID}.tls.certresolver=${TRAEFIK_RESOLVER}" + - "traefik.http.services.dns${DNS_NODE_ID}.loadbalancer.server.port=${DNS_TRAEFIK_PORT}" networks: - dns_external: + ${DNS_EXT_NETWORK}: + driver: bridge + ${DNS_INT_NETWORK}: external: true diff --git a/lxc1/p1-ingress/traefik.yml b/lxc1/p1-ingress/traefik.yml index d26487a..46e6a52 100644 --- a/lxc1/p1-ingress/traefik.yml +++ b/lxc1/p1-ingress/traefik.yml @@ -1,7 +1,7 @@ services: traefik: image: traefik:latest - container_name: traefik + container_name: traefik-node${TRAEFIK_NODE_ID} network_mode: host extra_hosts: - "host.docker.internal:host-gateway" 
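Review bot: `dns${$DNS_NODE_ID}` in the `DNS_SERVER_DOMAIN` entry of technitium.yml has a stray `$` inside the braces, which is not a valid Compose substitution and will most likely be rejected as an invalid interpolation format; the line should read `- DNS_SERVER_DOMAIN=dns${DNS_NODE_ID}.${TRAEFIK_DNS_SUFFIX}`. The network behind `${DNS_INT_NETWORK}` is declared `external: true` both here and in homepage.yml, so no file in this patch creates it; confirm it is created elsewhere before either stack starts. The host suffix here comes from `TRAEFIK_DNS_SUFFIX` while homepage.yml uses `HOME_DNS_SUFFIX`; if both are meant to be the same domain, one variable avoids the two drifting apart.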
@@ -18,7 +18,7 @@ services: - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" # Variables for flexibility - - "--providers.docker.network=${DOCKER_NETWORKS}" + - "--providers.docker.network=${HOME_EXT_NETWORK},${DNS_EXT_NETWORK}" - "--providers.file.directory=/etc/traefik/dynamic" - "--providers.file.watch=true" ## DNS resolver
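Review bot: `--providers.docker.network=${HOME_EXT_NETWORK},${DNS_EXT_NETWORK}` passes two names, but this Traefik option is documented as a single default network, so the comma-joined string would be treated as one network name that does not exist. Both stacks in this patch already set `traefik.docker.network` per container, so the default can be dropped or pointed at one network, e.g. `- "--providers.docker.network=${HOME_EXT_NETWORK}"`. The hunk shows only part of the `command:` list, so any other provider flags are not visible from here.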