traveler/services
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

new caddy
Some checks are pending
Deploy on push / detect (push) Waiting to run
Details
Deploy on push / deploy_swarm (push) Blocked by required conditions
Details
Deploy on push / deploy_compose (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
traveler 2026-02-24 19:22:11 -06:00
parent 573a7d8f9e
commit 3b5fe16573
2 changed files with 70 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

42
swarm/stack/caddy/caddy.yaml
View file

@ -6,35 +6,53 @@ configs:
services:
caddy:
image: lucaslorentz/caddy-docker-proxy:ci-alpine
#image: ghcr.io/serfriz/caddy-crowdsec:latest
#image: caddy-crowdsec
#image: git.netgrimoire.com/traveler/caddy-crowdsec
image: ghcr.io/serfriz/caddy-crowdsec-geoip-ratelimit-security-dockerproxy:latest
ports:
- 8900:80
- 443:443
environment:
- CADDY_INGRESS_NETWORKS=netgrimoire
- CADDY_DOCKER_EVENT_THROTTLE_INTERVAL=2000 # Prevents non-deterministic reload with CrowdSec module
- CROWDSEC_API_KEY=${CROWDSEC_API_KEY}
networks:
- netgrimoire
- vpn
- crowdsec_net
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /export/Docker/caddy/Caddyfile:/etc/caddy/Caddyfile
- /export/Docker/caddy:/data
#- /export/Docker/caddy/logs:/var/log/caddy # Mount logs for CrowdSec
- caddy-logs:/var/log/caddy
deploy:
placement:
constraints:
- node.hostname == znas
# restart: unless-stopped
crowdsec:
image: crowdsecurity/crowdsec
restart: unless-stopped
environment:
COLLECTIONS: "crowdsecurity/caddy crowdsecurity/http-cve crowdsecurity/whitelist-good-actors"
BOUNCER_KEY_CADDY: ${CROWDSEC_API_KEY} # Pre-registers the Caddy bouncer automatically
volumes:
- crowdsec-db:/var/lib/crowdsec/data
- ./crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml
- caddy-logs:/var/log/caddy:ro
networks:
- crowdsec_net
deploy:
placement:
constraints:
- node.hostname == znas
volumes:
caddy-logs:
crowdsec-db:
networks:
netgrimoire:
external: true
external: true
vpn:
external: true
external: true
crowdsec_net:
driver: overlay # Swarm overlay network