Switches gitea to git.captnemo.in
This commit is contained in:
parent
a554b2dab5
commit
59f5f49271
|
@ -20,6 +20,13 @@ resource "cloudflare_record" "docker" {
|
||||||
type = "A"
|
type = "A"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "debug" {
|
||||||
|
domain = "${var.domain}"
|
||||||
|
name = "debug.in"
|
||||||
|
value = "10.8.0.14"
|
||||||
|
type = "A"
|
||||||
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "internet" {
|
resource "cloudflare_record" "internet" {
|
||||||
domain = "${var.domain}"
|
domain = "${var.domain}"
|
||||||
name = "@"
|
name = "@"
|
||||||
|
|
|
@ -8,6 +8,9 @@ defaultEntryPoints = ["http", "https"]
|
||||||
address = ":443"
|
address = ":443"
|
||||||
# This is required for ACME support
|
# This is required for ACME support
|
||||||
[entryPoints.https.tls]
|
[entryPoints.https.tls]
|
||||||
|
[[entryPoints.https.tls.certificates]]
|
||||||
|
certFile = "/etc/traefik/git.captnemo.in.crt"
|
||||||
|
keyFile = "/etc/traefik/git.captnemo.in.key"
|
||||||
|
|
||||||
[docker]
|
[docker]
|
||||||
# Make sure you mount this as readonly
|
# Make sure you mount this as readonly
|
||||||
|
@ -78,7 +81,8 @@ sans = [
|
||||||
"emby.in.bb8.fun",
|
"emby.in.bb8.fun",
|
||||||
"debug.in.bb8.fun",
|
"debug.in.bb8.fun",
|
||||||
"flexget.bb8.fun",
|
"flexget.bb8.fun",
|
||||||
# "gitea.bb8.fun",
|
"git.bb8.fun",
|
||||||
|
"gitea.bb8.fun",
|
||||||
"headphones.bb8.fun",
|
"headphones.bb8.fun",
|
||||||
"home.bb8.fun",
|
"home.bb8.fun",
|
||||||
"home.in.bb8.fun",
|
"home.in.bb8.fun",
|
||||||
|
|
|
@ -61,11 +61,12 @@ resource docker_container "gitea" {
|
||||||
labels {
|
labels {
|
||||||
"traefik.port" = 3000
|
"traefik.port" = 3000
|
||||||
"traefik.enable" = "true"
|
"traefik.enable" = "true"
|
||||||
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
|
"traefik.frontend.rule" = "Host:git.captnemo.in"
|
||||||
"traefik.frontend.headers.STSSeconds" = "2592000"
|
"traefik.frontend.headers.STSSeconds" = "2592000"
|
||||||
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
|
|
||||||
"traefik.frontend.headers.contentTypeNosniff" = "true"
|
|
||||||
"traefik.frontend.headers.browserXSSFilter" = "true"
|
"traefik.frontend.headers.browserXSSFilter" = "true"
|
||||||
|
"traefik.frontend.headers.contentTypeNosniff" = "true"
|
||||||
|
"traefik.frontend.headers.SSLTemporaryRedirect" = "true"
|
||||||
|
"traefik.frontend.headers.STSIncludeSubdomains" = "false"
|
||||||
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
|
"traefik.frontend.headers.customResponseHeaders" = "${var.xpoweredby}"
|
||||||
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
|
"traefik.frontend.headers.customFrameOptionsValue" = "${var.xfo_allow}"
|
||||||
}
|
}
|
||||||
|
|
|
@ -48,6 +48,16 @@ resource "docker_container" "traefik" {
|
||||||
file = "/etc/traefik/traefik.toml"
|
file = "/etc/traefik/traefik.toml"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
upload {
|
||||||
|
content = "${file("/home/nemo/projects/personal/certs/git.captnemo.in/fullchain.pem")}"
|
||||||
|
file = "/etc/traefik/git.captnemo.in.crt"
|
||||||
|
}
|
||||||
|
|
||||||
|
upload {
|
||||||
|
content = "${file("/home/nemo/projects/personal/certs/git.captnemo.in/privkey.pem")}"
|
||||||
|
file = "/etc/traefik/git.captnemo.in.key"
|
||||||
|
}
|
||||||
|
|
||||||
volumes {
|
volumes {
|
||||||
host_path = "/var/run/docker.sock"
|
host_path = "/var/run/docker.sock"
|
||||||
container_path = "/var/run/docker.sock"
|
container_path = "/var/run/docker.sock"
|
||||||
|
|
Loading…
Reference in New Issue