mirror of
https://github.com/cupcakearmy/cryptgeon.git
synced 2025-03-10 21:47:32 +00:00
81 lines
2.1 KiB
Markdown
81 lines
2.1 KiB
Markdown
# Install Cryptgeon with Traefik
|
|
|
|
Assumptions:
|
|
|
|
- Traefik 2/3 installed.
|
|
- External proxy docker network `proxy`.
|
|
- A certificate resolver `le`.
|
|
- A https entrypoint `secure`.
|
|
- Domain name `example.org`.
|
|
|
|
```yaml
|
|
version: '3.8'
|
|
|
|
networks:
|
|
proxy:
|
|
external: true
|
|
|
|
services:
|
|
redis:
|
|
image: redis:7-alpine
|
|
# This is required to stay in RAM only.
|
|
command: redis-server --save "" --appendonly no
|
|
# Additionally, you can set a size limit. See link below on how to customise.
|
|
# https://redis.io/docs/manual/eviction/
|
|
# --maxmemory 1gb --maxmemory-policy allkeys-lru
|
|
|
|
app:
|
|
image: cupcakearmy/cryptgeon:latest
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- redis
|
|
networks:
|
|
- default
|
|
- proxy
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.cryptgeon.rule=Host(`example.org`)
|
|
- traefik.http.routers.cryptgeon.entrypoints=secure
|
|
- traefik.http.routers.cryptgeon.tls.certresolver=le
|
|
```
|
|
|
|
## With basic auth
|
|
|
|
Some times it's useful to hide the service behind auth. This is easily achieved with traefik middleware. Many reverse proxies support similar features, so while traefik is used in this example, other reverse proxies can do the same.
|
|
|
|
```yaml
|
|
services:
|
|
traefik:
|
|
image: traefik:v3.0
|
|
command:
|
|
- "--api.insecure=true"
|
|
- "--providers.docker=true"
|
|
- "--providers.docker.exposedbydefault=false"
|
|
- "--entrypoints.web.address=:80"
|
|
ports:
|
|
- "80:80"
|
|
volumes:
|
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
|
|
cryptgeon:
|
|
image: cupcakearmy/cryptgeon
|
|
depends_on:
|
|
- redis
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.cryptgeon.rule=Host(`cryptgeon.localhost`)"
|
|
- "traefik.http.routers.cryptgeon.entrypoints=web"
|
|
- "traefik.http.routers.cryptgeon.middlewares=cryptgeon-auth"
|
|
- "traefik.http.middlewares.cryptgeon-auth.basicauth.users=user:$$2y$$05$$juUw0zgc5ebvJ00MFPVVLujF6P.rcEMbGZ99Jfq6ZWEa1dgetacEq"
|
|
```
|
|
|
|
```bash
|
|
docker compose up -d
|
|
```
|
|
|
|
1. Open http://cryptgeon.localhost
|
|
2. Log in with `user` and `secret`
|