Removing Bunkerweb and Netbird.

docker-compose.yml

@@ -1,11 +1,4 @@
 name: compose
-x-bw-ui-env: &bw-ui-env
-  # We anchor the environment variables to avoid duplication
-  AUTOCONF_MODE: yes
-  DATABASE_URI: "mariadb+pymysql://bunkerweb:${BUNKERWEB_DB_PASSWORD}@mariadb:3306/bunkerweb" # Remember to set a stronger password for the database
-  USE_REAL_IP: yes
-  REAL_IP_FROM: 172.18.0.0/16
-  REAL_IP_HEADER: 'X-Forwarded-For'
 networks:
   bitmagnet:
     driver: bridge
@@ -324,7 +317,6 @@ services:
     depends_on:
       - beszel
     environment:
-      DOCKER_HOST: tcp://dockerproxy:2375
       PORT: 45876
       # Do not remove quotes around the key
       KEY: '${BESZEL_RINOA_AGENT_KEY}'
@@ -334,6 +326,7 @@ services:
     network_mode: host
     restart: unless-stopped
     volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
       - /rinoa-storage:/extra-filesystems/rinoa-storage:ro
       - /dev/nvme0n1:/extra-filesystems/nvme0n1:ro
   bitmagnet:
@@ -517,67 +510,6 @@ services:
     networks:
       default: null
     restart: unless-stopped
-  bunkerweb:
-    container_name: bunkerweb
-    image: bunkerity/bunkerweb:1.6.0
-    environment:
-      AUTOCONF_MODE: yes
-      API_WHITELIST_IP: 127.0.0.0/8 172.18.0.0/16
-    labels:
-      bunkerweb.INSTANCE: yes
-    ports:
-      - 27002:8080
-      - 63824:8443
-    restart: unless-stopped
-  bunkerweb-scheduler:
-    container_name: bunkerweb-scheduler
-    environment:
-      <<: *bw-ui-env
-      BUNKERWEB_INSTANCES: bunkerweb
-      SERVER_NAME: bunker.trez.wtf
-      API_WHITELIST_IP: 127.0.0.0/8 172.18.0.0/16
-      MULTISITE: yes
-      UI_HOST: http://bunkerweb-ui:7000 # Change it if needed
-      SERVE_FILES: no
-      DISABLE_DEFAULT_SERVER: yes
-      USE_CLIENT_CACHE: yes
-      USE_GZIP: yes
-      USE_REVERSE_PROXY: yes
-      REVERSE_PROXY_URL: /
-      REVERSE_PROXY_HOST: http://swag:80
-    image: bunkerity/bunkerweb-scheduler:1.6.0
-    restart: unless-stopped
-    volumes:
-      - bunkerweb-storage:/data # This is used to persist the cache and other data like the backups
-  bunkerweb-autoconf:
-    container_name: bunkerweb-autoconf
-    depends_on:
-      - docker-socket-proxy
-    environment:
-      <<: *bw-ui-env
-      DOCKER_HOST: tcp://dockerproxy:2375
-    image: bunkerity/bunkerweb-autoconf:1.6.0
-    restart: unless-stopped
-  bunkerweb-ui:
-    container_name: bunkerweb-ui
-    environment:
-      <<: *bw-ui-env
-      TOTP_SECRETS: ${BUNKERWEB_TOTP_SECRETS}
-    expose:
-      - 7000
-    image: bunkerity/bunkerweb-ui:1.6.0
-    labels:
-      homepage.group: Privacy/Security
-      homepage.name: Bunker Web
-      homepage.href: https://bunker.${MY_TLD}
-      homepage.icon: bunkerweb.svg
-      homepage.description: Next-gen WAF
-      swag: enable
-      swag_port: 7000
-      swag_url: bunker.${MY_TLD}
-      swag.uptime-kuma.enabled: true
-      swag.uptime-kuma.monitor.url: https://bunker.${MY_TLD}
-    restart: unless-stopped
   bytebase:
     container_name: bytebase
     image: bytebase/bytebase:3.5.0
@@ -3336,124 +3268,6 @@ services:
         target: /app/api
       # (API: OPTION 2) use when debugging issues
       # - ${DOCKER_VOLUME_CONFIG}/netalertx/api:/app/api
-  netbird-dashboard:
-    container_name: netbird-dashboard
-    environment:
-      # Endpoints
-      NETBIRD_MGMT_API_ENDPOINT: https://vpn.${MY_TLD}
-      NETBIRD_MGMT_GRPC_API_ENDPOINT: https://vpn.${MY_TLD}
-      # OIDC
-      AUTH_AUDIENCE: none
-      AUTH_CLIENT_ID: netbird
-      AUTH_CLIENT_SECRET: ${AUTHELIA_NETBIRD_CLIENT_SECRET}
-      AUTH_AUTHORITY: https://auth.${MY_TLD}
-      USE_AUTH0: false
-      AUTH_SUPPORTED_SCOPES: openid profile email offline_access api
-      AUTH_REDIRECT_URI: /peers
-      AUTH_SILENT_REDIRECT_URI: /add-peers
-      NETBIRD_TOKEN_SOURCE: idToken
-      # SSL
-      NGINX_SSL_PORT: 443
-      # Letsencrypt
-      LETSENCRYPT_DOMAIN:
-      LETSENCRYPT_EMAIL:
-    image: netbirdio/dashboard:latest
-    labels:
-      homepage.group: Privacy/Security
-      homepage.name: Netbird
-      homepage.href: https://vpn.${MY_TLD}
-      homepage.icon: netbird.svg
-      homepage.description: Peer-to-peer private network and centralized access control system
-      swag: enable
-      swag_proto: http
-      swag_port: 80
-      swag_auth: authelia
-      swag_url: vpn.${MY_TLD}
-      swag_server_custom_directive: |
-        location /signalexchange.SignalExchange/ {
-            grpc_pass grpc://netbird-signal:10000;
-            #grpc_ssl_verify off;
-            grpc_read_timeout 1d;
-            grpc_send_timeout 1d;
-            grpc_socket_keepalive on;
-        }
-        # Proxy Management http endpoint
-        location /api {
-            proxy_pass http://netbird-management;
-        }
-        # Proxy Management grpc endpoint
-        location /management.ManagementService/ {
-            grpc_pass grpc://netbird-management;
-            #grpc_ssl_verify off;
-            grpc_read_timeout 1d;
-            grpc_send_timeout 1d;
-            grpc_socket_keepalive on;
-        }
-      swag.uptime-kuma.enabled: true
-      swag.uptime-kuma.monitor.url: https://vpn.${MY_TLD}
-    ports:
-      - 32908:80
-      - 36610:443
-    restart: unless-stopped
-    volumes:
-      - netbird-letsencrypt:/etc/letsencrypt/
-  netbird-signal:
-    container_name: netbird-signal
-    expose:
-      - 10000
-    image: netbirdio/signal:latest
-    ports:
-      - 10001:80
-    restart: unless-stopped
-    volumes:
-      - netbird-signal:/var/lib/netbird
-  netbird-relay:
-    container_name: netbird-relay
-    image: netbirdio/relay:latest
-    restart: unless-stopped
-    environment:
-      NB_LOG_LEVEL: info
-      NB_LISTEN_ADDRESS: :33080
-      NB_EXPOSED_ADDRESS: vpn.${MY_TLD}:33080
-      # todo: change to a secure secret
-      NB_AUTH_SECRET: ${NETBIRD_RELAY_AUTH_SECRET}
-    ports:
-      - 33080:33080
-  netbird-management:
-    command: [
-      "--port", "443",
-      "--log-file", "console",
-      "--log-level", "info",
-      "--disable-anonymous-metrics=false",
-      "--single-account-mode-domain=vpn.${MY_TLD}",
-      "--dns-domain=vpn.trez.wtf"
-    ]
-    container_name: netbird-management
-    depends_on:
-      netbird-dashboard:
-        condition: service_started
-    environment:
-      NETBIRD_STORE_ENGINE_POSTGRES_DSN:
-      NETBIRD_STORE_ENGINE_MYSQL_DSN:
-    image: netbirdio/management:latest
-    restart: unless-stopped
-    volumes:
-      - netbird-mgmt:/var/lib/netbird
-      - netbird-letsencrypt:/etc/letsencrypt:ro
-      - ${DOCKER_VOLUME_CONFIG}/netbird/management.json:/etc/netbird/management.json
-    ports:
-      - 33073:443 #API port
-  netbird-coturn:
-    command:
-      - -c /etc/turnserver.conf
-    container_name: netbird-coturn
-    image: coturn/coturn:latest
-    restart: unless-stopped
-    #domainname: vpn.${MY_TLD} # only needed when TLS is enabled
-    volumes:
-      - ${DOCKER_VOLUME_CONFIG}/netbird/turnserver.conf:/etc/turnserver.conf:ro
-    #      - ${DOCKER_VOLUME_CONFIG}/netbird/privkey.pem:/etc/coturn/private/privkey.pem:ro
-    #      - ${DOCKER_VOLUME_CONFIG}/netbird/cert.pem:/etc/coturn/certs/cert.pem:ro
   nextcloud:
     container_name: nextcloud-aio-mastercontainer
     environment: