Removing Bunkerweb and Netbird.
This commit is contained in:
+1
-187
@@ -1,11 +1,4 @@
|
|||||||
name: compose
|
name: compose
|
||||||
x-bw-ui-env: &bw-ui-env
|
|
||||||
# We anchor the environment variables to avoid duplication
|
|
||||||
AUTOCONF_MODE: yes
|
|
||||||
DATABASE_URI: "mariadb+pymysql://bunkerweb:${BUNKERWEB_DB_PASSWORD}@mariadb:3306/bunkerweb" # Remember to set a stronger password for the database
|
|
||||||
USE_REAL_IP: yes
|
|
||||||
REAL_IP_FROM: 172.18.0.0/16
|
|
||||||
REAL_IP_HEADER: 'X-Forwarded-For'
|
|
||||||
networks:
|
networks:
|
||||||
bitmagnet:
|
bitmagnet:
|
||||||
driver: bridge
|
driver: bridge
|
||||||
@@ -324,7 +317,6 @@ services:
|
|||||||
depends_on:
|
depends_on:
|
||||||
- beszel
|
- beszel
|
||||||
environment:
|
environment:
|
||||||
DOCKER_HOST: tcp://dockerproxy:2375
|
|
||||||
PORT: 45876
|
PORT: 45876
|
||||||
# Do not remove quotes around the key
|
# Do not remove quotes around the key
|
||||||
KEY: '${BESZEL_RINOA_AGENT_KEY}'
|
KEY: '${BESZEL_RINOA_AGENT_KEY}'
|
||||||
@@ -334,6 +326,7 @@ services:
|
|||||||
network_mode: host
|
network_mode: host
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
- /rinoa-storage:/extra-filesystems/rinoa-storage:ro
|
- /rinoa-storage:/extra-filesystems/rinoa-storage:ro
|
||||||
- /dev/nvme0n1:/extra-filesystems/nvme0n1:ro
|
- /dev/nvme0n1:/extra-filesystems/nvme0n1:ro
|
||||||
bitmagnet:
|
bitmagnet:
|
||||||
@@ -517,67 +510,6 @@ services:
|
|||||||
networks:
|
networks:
|
||||||
default: null
|
default: null
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
bunkerweb:
|
|
||||||
container_name: bunkerweb
|
|
||||||
image: bunkerity/bunkerweb:1.6.0
|
|
||||||
environment:
|
|
||||||
AUTOCONF_MODE: yes
|
|
||||||
API_WHITELIST_IP: 127.0.0.0/8 172.18.0.0/16
|
|
||||||
labels:
|
|
||||||
bunkerweb.INSTANCE: yes
|
|
||||||
ports:
|
|
||||||
- 27002:8080
|
|
||||||
- 63824:8443
|
|
||||||
restart: unless-stopped
|
|
||||||
bunkerweb-scheduler:
|
|
||||||
container_name: bunkerweb-scheduler
|
|
||||||
environment:
|
|
||||||
<<: *bw-ui-env
|
|
||||||
BUNKERWEB_INSTANCES: bunkerweb
|
|
||||||
SERVER_NAME: bunker.trez.wtf
|
|
||||||
API_WHITELIST_IP: 127.0.0.0/8 172.18.0.0/16
|
|
||||||
MULTISITE: yes
|
|
||||||
UI_HOST: http://bunkerweb-ui:7000 # Change it if needed
|
|
||||||
SERVE_FILES: no
|
|
||||||
DISABLE_DEFAULT_SERVER: yes
|
|
||||||
USE_CLIENT_CACHE: yes
|
|
||||||
USE_GZIP: yes
|
|
||||||
USE_REVERSE_PROXY: yes
|
|
||||||
REVERSE_PROXY_URL: /
|
|
||||||
REVERSE_PROXY_HOST: http://swag:80
|
|
||||||
image: bunkerity/bunkerweb-scheduler:1.6.0
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- bunkerweb-storage:/data # This is used to persist the cache and other data like the backups
|
|
||||||
bunkerweb-autoconf:
|
|
||||||
container_name: bunkerweb-autoconf
|
|
||||||
depends_on:
|
|
||||||
- docker-socket-proxy
|
|
||||||
environment:
|
|
||||||
<<: *bw-ui-env
|
|
||||||
DOCKER_HOST: tcp://dockerproxy:2375
|
|
||||||
image: bunkerity/bunkerweb-autoconf:1.6.0
|
|
||||||
restart: unless-stopped
|
|
||||||
bunkerweb-ui:
|
|
||||||
container_name: bunkerweb-ui
|
|
||||||
environment:
|
|
||||||
<<: *bw-ui-env
|
|
||||||
TOTP_SECRETS: ${BUNKERWEB_TOTP_SECRETS}
|
|
||||||
expose:
|
|
||||||
- 7000
|
|
||||||
image: bunkerity/bunkerweb-ui:1.6.0
|
|
||||||
labels:
|
|
||||||
homepage.group: Privacy/Security
|
|
||||||
homepage.name: Bunker Web
|
|
||||||
homepage.href: https://bunker.${MY_TLD}
|
|
||||||
homepage.icon: bunkerweb.svg
|
|
||||||
homepage.description: Next-gen WAF
|
|
||||||
swag: enable
|
|
||||||
swag_port: 7000
|
|
||||||
swag_url: bunker.${MY_TLD}
|
|
||||||
swag.uptime-kuma.enabled: true
|
|
||||||
swag.uptime-kuma.monitor.url: https://bunker.${MY_TLD}
|
|
||||||
restart: unless-stopped
|
|
||||||
bytebase:
|
bytebase:
|
||||||
container_name: bytebase
|
container_name: bytebase
|
||||||
image: bytebase/bytebase:3.5.0
|
image: bytebase/bytebase:3.5.0
|
||||||
@@ -3336,124 +3268,6 @@ services:
|
|||||||
target: /app/api
|
target: /app/api
|
||||||
# (API: OPTION 2) use when debugging issues
|
# (API: OPTION 2) use when debugging issues
|
||||||
# - ${DOCKER_VOLUME_CONFIG}/netalertx/api:/app/api
|
# - ${DOCKER_VOLUME_CONFIG}/netalertx/api:/app/api
|
||||||
netbird-dashboard:
|
|
||||||
container_name: netbird-dashboard
|
|
||||||
environment:
|
|
||||||
# Endpoints
|
|
||||||
NETBIRD_MGMT_API_ENDPOINT: https://vpn.${MY_TLD}
|
|
||||||
NETBIRD_MGMT_GRPC_API_ENDPOINT: https://vpn.${MY_TLD}
|
|
||||||
# OIDC
|
|
||||||
AUTH_AUDIENCE: none
|
|
||||||
AUTH_CLIENT_ID: netbird
|
|
||||||
AUTH_CLIENT_SECRET: ${AUTHELIA_NETBIRD_CLIENT_SECRET}
|
|
||||||
AUTH_AUTHORITY: https://auth.${MY_TLD}
|
|
||||||
USE_AUTH0: false
|
|
||||||
AUTH_SUPPORTED_SCOPES: openid profile email offline_access api
|
|
||||||
AUTH_REDIRECT_URI: /peers
|
|
||||||
AUTH_SILENT_REDIRECT_URI: /add-peers
|
|
||||||
NETBIRD_TOKEN_SOURCE: idToken
|
|
||||||
# SSL
|
|
||||||
NGINX_SSL_PORT: 443
|
|
||||||
# Letsencrypt
|
|
||||||
LETSENCRYPT_DOMAIN:
|
|
||||||
LETSENCRYPT_EMAIL:
|
|
||||||
image: netbirdio/dashboard:latest
|
|
||||||
labels:
|
|
||||||
homepage.group: Privacy/Security
|
|
||||||
homepage.name: Netbird
|
|
||||||
homepage.href: https://vpn.${MY_TLD}
|
|
||||||
homepage.icon: netbird.svg
|
|
||||||
homepage.description: Peer-to-peer private network and centralized access control system
|
|
||||||
swag: enable
|
|
||||||
swag_proto: http
|
|
||||||
swag_port: 80
|
|
||||||
swag_auth: authelia
|
|
||||||
swag_url: vpn.${MY_TLD}
|
|
||||||
swag_server_custom_directive: |
|
|
||||||
location /signalexchange.SignalExchange/ {
|
|
||||||
grpc_pass grpc://netbird-signal:10000;
|
|
||||||
#grpc_ssl_verify off;
|
|
||||||
grpc_read_timeout 1d;
|
|
||||||
grpc_send_timeout 1d;
|
|
||||||
grpc_socket_keepalive on;
|
|
||||||
}
|
|
||||||
# Proxy Management http endpoint
|
|
||||||
location /api {
|
|
||||||
proxy_pass http://netbird-management;
|
|
||||||
}
|
|
||||||
# Proxy Management grpc endpoint
|
|
||||||
location /management.ManagementService/ {
|
|
||||||
grpc_pass grpc://netbird-management;
|
|
||||||
#grpc_ssl_verify off;
|
|
||||||
grpc_read_timeout 1d;
|
|
||||||
grpc_send_timeout 1d;
|
|
||||||
grpc_socket_keepalive on;
|
|
||||||
}
|
|
||||||
swag.uptime-kuma.enabled: true
|
|
||||||
swag.uptime-kuma.monitor.url: https://vpn.${MY_TLD}
|
|
||||||
ports:
|
|
||||||
- 32908:80
|
|
||||||
- 36610:443
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- netbird-letsencrypt:/etc/letsencrypt/
|
|
||||||
netbird-signal:
|
|
||||||
container_name: netbird-signal
|
|
||||||
expose:
|
|
||||||
- 10000
|
|
||||||
image: netbirdio/signal:latest
|
|
||||||
ports:
|
|
||||||
- 10001:80
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- netbird-signal:/var/lib/netbird
|
|
||||||
netbird-relay:
|
|
||||||
container_name: netbird-relay
|
|
||||||
image: netbirdio/relay:latest
|
|
||||||
restart: unless-stopped
|
|
||||||
environment:
|
|
||||||
NB_LOG_LEVEL: info
|
|
||||||
NB_LISTEN_ADDRESS: :33080
|
|
||||||
NB_EXPOSED_ADDRESS: vpn.${MY_TLD}:33080
|
|
||||||
# todo: change to a secure secret
|
|
||||||
NB_AUTH_SECRET: ${NETBIRD_RELAY_AUTH_SECRET}
|
|
||||||
ports:
|
|
||||||
- 33080:33080
|
|
||||||
netbird-management:
|
|
||||||
command: [
|
|
||||||
"--port", "443",
|
|
||||||
"--log-file", "console",
|
|
||||||
"--log-level", "info",
|
|
||||||
"--disable-anonymous-metrics=false",
|
|
||||||
"--single-account-mode-domain=vpn.${MY_TLD}",
|
|
||||||
"--dns-domain=vpn.trez.wtf"
|
|
||||||
]
|
|
||||||
container_name: netbird-management
|
|
||||||
depends_on:
|
|
||||||
netbird-dashboard:
|
|
||||||
condition: service_started
|
|
||||||
environment:
|
|
||||||
NETBIRD_STORE_ENGINE_POSTGRES_DSN:
|
|
||||||
NETBIRD_STORE_ENGINE_MYSQL_DSN:
|
|
||||||
image: netbirdio/management:latest
|
|
||||||
restart: unless-stopped
|
|
||||||
volumes:
|
|
||||||
- netbird-mgmt:/var/lib/netbird
|
|
||||||
- netbird-letsencrypt:/etc/letsencrypt:ro
|
|
||||||
- ${DOCKER_VOLUME_CONFIG}/netbird/management.json:/etc/netbird/management.json
|
|
||||||
ports:
|
|
||||||
- 33073:443 #API port
|
|
||||||
netbird-coturn:
|
|
||||||
command:
|
|
||||||
- -c /etc/turnserver.conf
|
|
||||||
container_name: netbird-coturn
|
|
||||||
image: coturn/coturn:latest
|
|
||||||
restart: unless-stopped
|
|
||||||
#domainname: vpn.${MY_TLD} # only needed when TLS is enabled
|
|
||||||
volumes:
|
|
||||||
- ${DOCKER_VOLUME_CONFIG}/netbird/turnserver.conf:/etc/turnserver.conf:ro
|
|
||||||
# - ${DOCKER_VOLUME_CONFIG}/netbird/privkey.pem:/etc/coturn/private/privkey.pem:ro
|
|
||||||
# - ${DOCKER_VOLUME_CONFIG}/netbird/cert.pem:/etc/coturn/certs/cert.pem:ro
|
|
||||||
nextcloud:
|
nextcloud:
|
||||||
container_name: nextcloud-aio-mastercontainer
|
container_name: nextcloud-aio-mastercontainer
|
||||||
environment:
|
environment:
|
||||||
|
|||||||
Reference in New Issue
Block a user