From 2fef3ea9ffa7b3d67680d73c1b78e380827d1b17 Mon Sep 17 00:00:00 2001 From: Jeffery Date: Sat, 31 Jan 2026 19:23:49 +0800 Subject: [PATCH 1/3] =?UTF-8?q?feat:=20=E5=8A=A0=E5=85=A5=20letsencrypt=20?= =?UTF-8?q?=E8=A8=AD=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- socat/docker-compose.yaml | 48 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/socat/docker-compose.yaml b/socat/docker-compose.yaml index ee65eba..0aebc65 100644 --- a/socat/docker-compose.yaml +++ b/socat/docker-compose.yaml @@ -26,6 +26,14 @@ services: - "traefik.http.routers.ds116-tls.service=ds116" # 指向服務 - "traefik.http.routers.ds116-tls.tls=true" # 啟用 TLS + # --- HTTPS 路由 --- + - "traefik.http.routers.ds116-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds116-letsencrypt.rule=Host(`ds116.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.ds116-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds116-letsencrypt.service=ds116" # 指向服務 + - "traefik.http.routers.ds116-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.ds116-letsencrypt.tls.certresolver=letsencrypt" + # === 環境變數設定 === environment: TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) @@ -73,6 +81,14 @@ services: - "traefik.http.routers.ds718-tls.service=ds718" # 指向服務 - "traefik.http.routers.ds718-tls.tls=true" # 啟用 TLS + # --- HTTPS 路由 --- + - "traefik.http.routers.ds718-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds718-letsencrypt.rule=Host(`ds718.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.ds718-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds718-letsencrypt.service=ds718" # 指向服務 + - "traefik.http.routers.ds718-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.ds718-letsencrypt.tls.certresolver=letsencrypt" + # === 環境變數設定 === environment: TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) @@ -120,6 +136,14 @@ services: - "traefik.http.routers.pve-tls.service=pve" # 指向服務 - "traefik.http.routers.pve-tls.tls=true" # 啟用 TLS + # --- HTTPS 路由 --- + - "traefik.http.routers.pve-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.pve-letsencrypt.rule=Host(`pve.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.pve-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.pve-letsencrypt.service=pve" # 指向服務 + - "traefik.http.routers.pve-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.pve-letsencrypt.tls.certresolver=letsencrypt" + # === 環境變數設定 === environment: TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) @@ -167,6 +191,14 @@ services: - "traefik.http.routers.gitea-tls.service=gitea" # 指向服務 - "traefik.http.routers.gitea-tls.tls=true" # 啟用 TLS + # --- HTTPS 路由 --- + - "traefik.http.routers.gitea-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.gitea-letsencrypt.rule=Host(`gitea.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.gitea-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.gitea-letsencrypt.service=gitea" # 指向服務 + - "traefik.http.routers.gitea-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.gitea-letsencrypt.tls.certresolver=letsencrypt" + # === 環境變數設定 === environment: TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) @@ -214,6 +246,14 @@ services: - "traefik.http.routers.ezbookkeeping-tls.service=ezbookkeeping" # 指向服務 - "traefik.http.routers.ezbookkeeping-tls.tls=true" # 啟用 TLS + # --- HTTPS 路由 --- + - "traefik.http.routers.ezbookkeeping-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ezbookkeeping-letsencrypt.rule=Host(`ezbookkeeping.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.ezbookkeeping-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ezbookkeeping-letsencrypt.service=ezbookkeeping" # 指向服務 + - "traefik.http.routers.ezbookkeeping-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.ezbookkeeping-letsencrypt.tls.certresolver=letsencrypt" + # === 環境變數設定 === environment: TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) @@ -261,6 +301,14 @@ services: - "traefik.http.routers.ds225-tls.service=ds225" # 指向服務 - "traefik.http.routers.ds225-tls.tls=true" # 啟用 TLS + # --- HTTPS 路由 --- + - "traefik.http.routers.ds225-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds225-letsencrypt.rule=Host(`ds225.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.ds225-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds225-letsencrypt.service=ds225" # 指向服務 + - "traefik.http.routers.ds225-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.ds225-letsencrypt.tls.certresolver=letsencrypt" + # === 環境變數設定 === environment: TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) From f21ef8f018c56bfda0980ae55cfbab62be3b0fd6 Mon Sep 17 00:00:00 2001 From: Jeffery Date: Sat, 31 Jan 2026 19:27:23 +0800 Subject: [PATCH 2/3] =?UTF-8?q?feat:=20=E4=BF=AE=E6=AD=A3=E6=89=80?= =?UTF-8?q?=E6=9C=89=E8=A8=BB=E8=A7=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- socat/docker-compose.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/socat/docker-compose.yaml b/socat/docker-compose.yaml index 0aebc65..f04edbc 100644 --- a/socat/docker-compose.yaml +++ b/socat/docker-compose.yaml @@ -1,5 +1,5 @@ services: - # --- Proxmox VE 主要代理服務 --- + # --- DS116 主要代理服務 --- ds116: # === 容器基本設定 === image: alpine/socat:latest # Alpine Linux + socat 工具 @@ -12,7 +12,7 @@ services: # --- HTTP 服務配置 --- - "traefik.http.services.ds116.loadbalancer.server.scheme=https" # 服務協議為 HTTPS - - "traefik.http.services.ds116.loadbalancer.server.port=5001" # 後端服務連接埠 8006 + - "traefik.http.services.ds116.loadbalancer.server.port=5001" # 後端服務連接埠 5001 # --- HTTP 路由 (轉導至 HTTPS) --- - "traefik.http.routers.ds116.entrypoints=http" # HTTP 入口點 @@ -43,7 +43,7 @@ services: - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === - command: "-d -d tcp-listen:5001,reuseaddr,fork tcp:192.168.1.101:5001" # TCP 代理至 Proxmox VE + command: "-d -d tcp-listen:5001,reuseaddr,fork tcp:192.168.1.101:5001" # TCP 代理至 DS116 # === 日誌管理 === logging: @@ -54,7 +54,7 @@ services: # === 重新啟動策略 === restart: always # 容器異常退出時自動重啟 - # --- Proxmox VE 主要代理服務 --- + # --- DS718 主要代理服務 --- ds718: # === 容器基本設定 === image: alpine/socat:latest # Alpine Linux + socat 工具 @@ -67,7 +67,7 @@ services: # --- HTTP 服務配置 --- - "traefik.http.services.ds718.loadbalancer.server.scheme=https" # 服務協議為 HTTPS - - "traefik.http.services.ds718.loadbalancer.server.port=5001" # 後端服務連接埠 8006 + - "traefik.http.services.ds718.loadbalancer.server.port=5001" # 後端服務連接埠 5001 # --- HTTP 路由 (轉導至 HTTPS) --- - "traefik.http.routers.ds718.entrypoints=http" # HTTP 入口點 @@ -98,7 +98,7 @@ services: - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === - command: "-d -d tcp-listen:5001,reuseaddr,fork tcp:192.168.1.102:5001" # TCP 代理至 Proxmox VE + command: "-d -d tcp-listen:5001,reuseaddr,fork tcp:192.168.1.102:5001" # TCP 代理至 DS718 # === 日誌管理 === logging: From fd5d83bcde53f1c6f338939b1cdb4033935b1c45 Mon Sep 17 00:00:00 2001 From: Jeffery Date: Sat, 31 Jan 2026 19:31:14 +0800 Subject: [PATCH 3/3] =?UTF-8?q?feat:=20=E5=B0=8D=E9=BD=8A=E6=89=80?= =?UTF-8?q?=E6=9C=89=E8=A8=BB=E8=A7=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- socat/docker-compose.yaml | 342 +++++++++++++++++++------------------- 1 file changed, 171 insertions(+), 171 deletions(-) diff --git a/socat/docker-compose.yaml b/socat/docker-compose.yaml index f04edbc..6b320a4 100644 --- a/socat/docker-compose.yaml +++ b/socat/docker-compose.yaml @@ -2,384 +2,384 @@ services: # --- DS116 主要代理服務 --- ds116: # === 容器基本設定 === - image: alpine/socat:latest # Alpine Linux + socat 工具 + image: alpine/socat:latest # Alpine Linux + socat 工具 container_name: socat_ds116 # === Traefik 標籤設定 === labels: - - "traefik.enable=true" # 啟用 Traefik 代理 - - "traefik.docker.network=traefik_vlan" # 指定網路 + - "traefik.enable=true" # 啟用 Traefik 代理 + - "traefik.docker.network=traefik_vlan" # 指定網路 # --- HTTP 服務配置 --- - - "traefik.http.services.ds116.loadbalancer.server.scheme=https" # 服務協議為 HTTPS - - "traefik.http.services.ds116.loadbalancer.server.port=5001" # 後端服務連接埠 5001 + - "traefik.http.services.ds116.loadbalancer.server.scheme=https" # 服務協議為 HTTPS + - "traefik.http.services.ds116.loadbalancer.server.port=5001" # 後端服務連接埠 5001 # --- HTTP 路由 (轉導至 HTTPS) --- - - "traefik.http.routers.ds116.entrypoints=http" # HTTP 入口點 - - "traefik.http.routers.ds116.rule=Host(`ds116.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.ds116.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 + - "traefik.http.routers.ds116.entrypoints=http" # HTTP 入口點 + - "traefik.http.routers.ds116.rule=Host(`ds116.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.ds116.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 # --- HTTPS 路由 --- - - "traefik.http.routers.ds116-tls.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.ds116-tls.rule=Host(`ds116.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.ds116-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.ds116-tls.service=ds116" # 指向服務 - - "traefik.http.routers.ds116-tls.tls=true" # 啟用 TLS + - "traefik.http.routers.ds116-tls.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds116-tls.rule=Host(`ds116.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.ds116-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds116-tls.service=ds116" # 指向服務 + - "traefik.http.routers.ds116-tls.tls=true" # 啟用 TLS - # --- HTTPS 路由 --- - - "traefik.http.routers.ds116-letsencrypt.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.ds116-letsencrypt.rule=Host(`ds116.jsc.idv.tw`)" # 域名規則 - - "traefik.http.routers.ds116-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.ds116-letsencrypt.service=ds116" # 指向服務 - - "traefik.http.routers.ds116-letsencrypt.tls=true" # 啟用 TLS - - "traefik.http.routers.ds116-letsencrypt.tls.certresolver=letsencrypt" + # --- HTTPS 路由 (Let's Encrypt) --- + - "traefik.http.routers.ds116-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds116-letsencrypt.rule=Host(`ds116.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.ds116-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds116-letsencrypt.service=ds116" # 指向服務 + - "traefik.http.routers.ds116-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.ds116-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書 # === 環境變數設定 === environment: - TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) + TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) # === 網路設定 === networks: - - vlan # 使用 traefik_vlan 網路 + - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === command: "-d -d tcp-listen:5001,reuseaddr,fork tcp:192.168.1.101:5001" # TCP 代理至 DS116 # === 日誌管理 === logging: - driver: "json-file" # 使用 JSON 檔案記錄日誌 + driver: "json-file" # 使用 JSON 檔案記錄日誌 options: - max-size: "1m" # 單一日誌檔案最大 1MB + max-size: "1m" # 單一日誌檔案最大 1MB # === 重新啟動策略 === - restart: always # 容器異常退出時自動重啟 + restart: always # 容器異常退出時自動重啟 # --- DS718 主要代理服務 --- ds718: # === 容器基本設定 === - image: alpine/socat:latest # Alpine Linux + socat 工具 + image: alpine/socat:latest # Alpine Linux + socat 工具 container_name: socat_ds718 # === Traefik 標籤設定 === labels: - - "traefik.enable=true" # 啟用 Traefik 代理 - - "traefik.docker.network=traefik_vlan" # 指定網路 + - "traefik.enable=true" # 啟用 Traefik 代理 + - "traefik.docker.network=traefik_vlan" # 指定網路 # --- HTTP 服務配置 --- - - "traefik.http.services.ds718.loadbalancer.server.scheme=https" # 服務協議為 HTTPS - - "traefik.http.services.ds718.loadbalancer.server.port=5001" # 後端服務連接埠 5001 + - "traefik.http.services.ds718.loadbalancer.server.scheme=https" # 服務協議為 HTTPS + - "traefik.http.services.ds718.loadbalancer.server.port=5001" # 後端服務連接埠 5001 # --- HTTP 路由 (轉導至 HTTPS) --- - - "traefik.http.routers.ds718.entrypoints=http" # HTTP 入口點 - - "traefik.http.routers.ds718.rule=Host(`ds718.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.ds718.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 + - "traefik.http.routers.ds718.entrypoints=http" # HTTP 入口點 + - "traefik.http.routers.ds718.rule=Host(`ds718.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.ds718.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 # --- HTTPS 路由 --- - - "traefik.http.routers.ds718-tls.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.ds718-tls.rule=Host(`ds718.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.ds718-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.ds718-tls.service=ds718" # 指向服務 - - "traefik.http.routers.ds718-tls.tls=true" # 啟用 TLS + - "traefik.http.routers.ds718-tls.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds718-tls.rule=Host(`ds718.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.ds718-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds718-tls.service=ds718" # 指向服務 + - "traefik.http.routers.ds718-tls.tls=true" # 啟用 TLS - # --- HTTPS 路由 --- - - "traefik.http.routers.ds718-letsencrypt.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.ds718-letsencrypt.rule=Host(`ds718.jsc.idv.tw`)" # 域名規則 - - "traefik.http.routers.ds718-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.ds718-letsencrypt.service=ds718" # 指向服務 - - "traefik.http.routers.ds718-letsencrypt.tls=true" # 啟用 TLS - - "traefik.http.routers.ds718-letsencrypt.tls.certresolver=letsencrypt" + # --- HTTPS 路由 (Let's Encrypt) --- + - "traefik.http.routers.ds718-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds718-letsencrypt.rule=Host(`ds718.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.ds718-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds718-letsencrypt.service=ds718" # 指向服務 + - "traefik.http.routers.ds718-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.ds718-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書 # === 環境變數設定 === environment: - TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) + TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) # === 網路設定 === networks: - - vlan # 使用 traefik_vlan 網路 + - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === command: "-d -d tcp-listen:5001,reuseaddr,fork tcp:192.168.1.102:5001" # TCP 代理至 DS718 # === 日誌管理 === logging: - driver: "json-file" # 使用 JSON 檔案記錄日誌 + driver: "json-file" # 使用 JSON 檔案記錄日誌 options: - max-size: "1m" # 單一日誌檔案最大 1MB + max-size: "1m" # 單一日誌檔案最大 1MB # === 重新啟動策略 === - restart: always # 容器異常退出時自動重啟 + restart: always # 容器異常退出時自動重啟 # --- Proxmox VE 主要代理服務 --- pve: # === 容器基本設定 === - image: alpine/socat:latest # Alpine Linux + socat 工具 + image: alpine/socat:latest # Alpine Linux + socat 工具 container_name: socat_pve # === Traefik 標籤設定 === labels: - - "traefik.enable=true" # 啟用 Traefik 代理 - - "traefik.docker.network=traefik_vlan" # 指定網路 + - "traefik.enable=true" # 啟用 Traefik 代理 + - "traefik.docker.network=traefik_vlan" # 指定網路 # --- HTTP 服務配置 --- - - "traefik.http.services.pve.loadbalancer.server.scheme=https" # 服務協議為 HTTPS - - "traefik.http.services.pve.loadbalancer.server.port=8006" # 後端服務連接埠 8006 + - "traefik.http.services.pve.loadbalancer.server.scheme=https" # 服務協議為 HTTPS + - "traefik.http.services.pve.loadbalancer.server.port=8006" # 後端服務連接埠 8006 # --- HTTP 路由 (轉導至 HTTPS) --- - - "traefik.http.routers.pve.entrypoints=http" # HTTP 入口點 - - "traefik.http.routers.pve.rule=Host(`pve.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.pve.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 + - "traefik.http.routers.pve.entrypoints=http" # HTTP 入口點 + - "traefik.http.routers.pve.rule=Host(`pve.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.pve.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 # --- HTTPS 路由 --- - - "traefik.http.routers.pve-tls.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.pve-tls.rule=Host(`pve.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.pve-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.pve-tls.service=pve" # 指向服務 - - "traefik.http.routers.pve-tls.tls=true" # 啟用 TLS + - "traefik.http.routers.pve-tls.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.pve-tls.rule=Host(`pve.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.pve-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.pve-tls.service=pve" # 指向服務 + - "traefik.http.routers.pve-tls.tls=true" # 啟用 TLS - # --- HTTPS 路由 --- - - "traefik.http.routers.pve-letsencrypt.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.pve-letsencrypt.rule=Host(`pve.jsc.idv.tw`)" # 域名規則 - - "traefik.http.routers.pve-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.pve-letsencrypt.service=pve" # 指向服務 - - "traefik.http.routers.pve-letsencrypt.tls=true" # 啟用 TLS - - "traefik.http.routers.pve-letsencrypt.tls.certresolver=letsencrypt" + # --- HTTPS 路由 (Let's Encrypt) --- + - "traefik.http.routers.pve-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.pve-letsencrypt.rule=Host(`pve.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.pve-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.pve-letsencrypt.service=pve" # 指向服務 + - "traefik.http.routers.pve-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.pve-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書 # === 環境變數設定 === environment: - TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) + TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) # === 網路設定 === networks: - - vlan # 使用 traefik_vlan 網路 + - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === command: "-d -d tcp-listen:8006,reuseaddr,fork tcp:192.168.30.200:8006" # TCP 代理至 Proxmox VE # === 日誌管理 === logging: - driver: "json-file" # 使用 JSON 檔案記錄日誌 + driver: "json-file" # 使用 JSON 檔案記錄日誌 options: - max-size: "1m" # 單一日誌檔案最大 1MB + max-size: "1m" # 單一日誌檔案最大 1MB # === 重新啟動策略 === - restart: always # 容器異常退出時自動重啟 + restart: always # 容器異常退出時自動重啟 # --- Gitea 主要代理服務 --- gitea: # === 容器基本設定 === - image: alpine/socat:latest # Alpine Linux + socat 工具 + image: alpine/socat:latest # Alpine Linux + socat 工具 container_name: socat_gitea # === Traefik 標籤設定 === labels: - - "traefik.enable=true" # 啟用 Traefik 代理 - - "traefik.docker.network=traefik_vlan" # 指定網路 + - "traefik.enable=true" # 啟用 Traefik 代理 + - "traefik.docker.network=traefik_vlan" # 指定網路 # --- HTTP 服務配置 --- - - "traefik.http.services.gitea.loadbalancer.server.scheme=http" # 服務協議為 HTTP - - "traefik.http.services.gitea.loadbalancer.server.port=3000" # 後端服務連接埠 3000 + - "traefik.http.services.gitea.loadbalancer.server.scheme=http" # 服務協議為 HTTP + - "traefik.http.services.gitea.loadbalancer.server.port=3000" # 後端服務連接埠 3000 # --- HTTP 路由 (轉導至 HTTPS) --- - - "traefik.http.routers.gitea.entrypoints=http" # HTTP 入口點 - - "traefik.http.routers.gitea.rule=Host(`gitea.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.gitea.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 + - "traefik.http.routers.gitea.entrypoints=http" # HTTP 入口點 + - "traefik.http.routers.gitea.rule=Host(`gitea.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.gitea.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 # --- HTTPS 路由 --- - - "traefik.http.routers.gitea-tls.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.gitea-tls.rule=Host(`gitea.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.gitea-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.gitea-tls.service=gitea" # 指向服務 - - "traefik.http.routers.gitea-tls.tls=true" # 啟用 TLS + - "traefik.http.routers.gitea-tls.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.gitea-tls.rule=Host(`gitea.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.gitea-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.gitea-tls.service=gitea" # 指向服務 + - "traefik.http.routers.gitea-tls.tls=true" # 啟用 TLS - # --- HTTPS 路由 --- - - "traefik.http.routers.gitea-letsencrypt.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.gitea-letsencrypt.rule=Host(`gitea.jsc.idv.tw`)" # 域名規則 - - "traefik.http.routers.gitea-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.gitea-letsencrypt.service=gitea" # 指向服務 - - "traefik.http.routers.gitea-letsencrypt.tls=true" # 啟用 TLS - - "traefik.http.routers.gitea-letsencrypt.tls.certresolver=letsencrypt" + # --- HTTPS 路由 (Let's Encrypt) --- + - "traefik.http.routers.gitea-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.gitea-letsencrypt.rule=Host(`gitea.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.gitea-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.gitea-letsencrypt.service=gitea" # 指向服務 + - "traefik.http.routers.gitea-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.gitea-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書 # === 環境變數設定 === environment: - TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) + TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) # === 網路設定 === networks: - - vlan # 使用 traefik_vlan 網路 + - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === command: "-d -d tcp-listen:3000,reuseaddr,fork tcp:192.168.30.221:3000" # TCP 代理至 Gitea # === 日誌管理 === logging: - driver: "json-file" # 使用 JSON 檔案記錄日誌 + driver: "json-file" # 使用 JSON 檔案記錄日誌 options: - max-size: "1m" # 單一日誌檔案最大 1MB + max-size: "1m" # 單一日誌檔案最大 1MB # === 重新啟動策略 === - restart: always # 容器異常退出時自動重啟 + restart: always # 容器異常退出時自動重啟 # --- ezBookkeeping 主要代理服務 --- ezbookkeeping: # === 容器基本設定 === - image: alpine/socat:latest # Alpine Linux + socat 工具 + image: alpine/socat:latest # Alpine Linux + socat 工具 container_name: socat_ezbookkeeping # === Traefik 標籤設定 === labels: - - "traefik.enable=true" # 啟用 Traefik 代理 - - "traefik.docker.network=traefik_vlan" # 指定網路 + - "traefik.enable=true" # 啟用 Traefik 代理 + - "traefik.docker.network=traefik_vlan" # 指定網路 # --- HTTP 服務配置 --- - - "traefik.http.services.ezbookkeeping.loadbalancer.server.scheme=http" # 服務協議為 HTTP - - "traefik.http.services.ezbookkeeping.loadbalancer.server.port=8080" # 後端服務連接埠 8080 + - "traefik.http.services.ezbookkeeping.loadbalancer.server.scheme=http" # 服務協議為 HTTP + - "traefik.http.services.ezbookkeeping.loadbalancer.server.port=8080" # 後端服務連接埠 8080 # --- HTTP 路由 (轉導至 HTTPS) --- - - "traefik.http.routers.ezbookkeeping.entrypoints=http" # HTTP 入口點 - - "traefik.http.routers.ezbookkeeping.rule=Host(`ezbookkeeping.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.ezbookkeeping.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 + - "traefik.http.routers.ezbookkeeping.entrypoints=http" # HTTP 入口點 + - "traefik.http.routers.ezbookkeeping.rule=Host(`ezbookkeeping.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.ezbookkeeping.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 # --- HTTPS 路由 --- - - "traefik.http.routers.ezbookkeeping-tls.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.ezbookkeeping-tls.rule=Host(`ezbookkeeping.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.ezbookkeeping-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.ezbookkeeping-tls.service=ezbookkeeping" # 指向服務 - - "traefik.http.routers.ezbookkeeping-tls.tls=true" # 啟用 TLS + - "traefik.http.routers.ezbookkeeping-tls.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ezbookkeeping-tls.rule=Host(`ezbookkeeping.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.ezbookkeeping-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ezbookkeeping-tls.service=ezbookkeeping" # 指向服務 + - "traefik.http.routers.ezbookkeeping-tls.tls=true" # 啟用 TLS - # --- HTTPS 路由 --- - - "traefik.http.routers.ezbookkeeping-letsencrypt.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.ezbookkeeping-letsencrypt.rule=Host(`ezbookkeeping.jsc.idv.tw`)" # 域名規則 - - "traefik.http.routers.ezbookkeeping-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.ezbookkeeping-letsencrypt.service=ezbookkeeping" # 指向服務 - - "traefik.http.routers.ezbookkeeping-letsencrypt.tls=true" # 啟用 TLS - - "traefik.http.routers.ezbookkeeping-letsencrypt.tls.certresolver=letsencrypt" + # --- HTTPS 路由 (Let's Encrypt) --- + - "traefik.http.routers.ezbookkeeping-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ezbookkeeping-letsencrypt.rule=Host(`ezbookkeeping.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.ezbookkeeping-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ezbookkeeping-letsencrypt.service=ezbookkeeping" # 指向服務 + - "traefik.http.routers.ezbookkeeping-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.ezbookkeeping-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書 # === 環境變數設定 === environment: - TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) + TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) # === 網路設定 === networks: - - vlan # 使用 traefik_vlan 網路 + - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === command: "-d -d tcp-listen:8080,reuseaddr,fork tcp:192.168.30.222:8080" # TCP 代理至 ezBookkeeping # === 日誌管理 === logging: - driver: "json-file" # 使用 JSON 檔案記錄日誌 + driver: "json-file" # 使用 JSON 檔案記錄日誌 options: - max-size: "1m" # 單一日誌檔案最大 1MB + max-size: "1m" # 單一日誌檔案最大 1MB # === 重新啟動策略 === - restart: always # 容器異常退出時自動重啟 + restart: always # 容器異常退出時自動重啟 # --- DS225+ 主要代理服務 --- ds225: # === 容器基本設定 === - image: alpine/socat:latest # Alpine Linux + socat 工具 + image: alpine/socat:latest # Alpine Linux + socat 工具 container_name: socat_ds225 # === Traefik 標籤設定 === labels: - - "traefik.enable=true" # 啟用 Traefik 代理 - - "traefik.docker.network=traefik_vlan" # 指定網路 + - "traefik.enable=true" # 啟用 Traefik 代理 + - "traefik.docker.network=traefik_vlan" # 指定網路 # --- HTTP 服務配置 --- - - "traefik.http.services.ds225.loadbalancer.server.scheme=https" # 服務協議為 HTTPS - - "traefik.http.services.ds225.loadbalancer.server.port=5001" # 後端服務連接埠 5001 + - "traefik.http.services.ds225.loadbalancer.server.scheme=https" # 服務協議為 HTTPS + - "traefik.http.services.ds225.loadbalancer.server.port=5001" # 後端服務連接埠 5001 # --- HTTP 路由 (轉導至 HTTPS) --- - - "traefik.http.routers.ds225.entrypoints=http" # HTTP 入口點 - - "traefik.http.routers.ds225.rule=Host(`ds225.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.ds225.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 + - "traefik.http.routers.ds225.entrypoints=http" # HTTP 入口點 + - "traefik.http.routers.ds225.rule=Host(`ds225.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.ds225.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 # --- HTTPS 路由 --- - - "traefik.http.routers.ds225-tls.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.ds225-tls.rule=Host(`ds225.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.ds225-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.ds225-tls.service=ds225" # 指向服務 - - "traefik.http.routers.ds225-tls.tls=true" # 啟用 TLS + - "traefik.http.routers.ds225-tls.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds225-tls.rule=Host(`ds225.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.ds225-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds225-tls.service=ds225" # 指向服務 + - "traefik.http.routers.ds225-tls.tls=true" # 啟用 TLS - # --- HTTPS 路由 --- - - "traefik.http.routers.ds225-letsencrypt.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.ds225-letsencrypt.rule=Host(`ds225.jsc.idv.tw`)" # 域名規則 - - "traefik.http.routers.ds225-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.ds225-letsencrypt.service=ds225" # 指向服務 - - "traefik.http.routers.ds225-letsencrypt.tls=true" # 啟用 TLS - - "traefik.http.routers.ds225-letsencrypt.tls.certresolver=letsencrypt" + # --- HTTPS 路由 (Let's Encrypt) --- + - "traefik.http.routers.ds225-letsencrypt.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.ds225-letsencrypt.rule=Host(`ds225.jsc.idv.tw`)" # 域名規則 + - "traefik.http.routers.ds225-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.ds225-letsencrypt.service=ds225" # 指向服務 + - "traefik.http.routers.ds225-letsencrypt.tls=true" # 啟用 TLS + - "traefik.http.routers.ds225-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書 # === 環境變數設定 === environment: - TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) + TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) # === 網路設定 === networks: - - vlan # 使用 traefik_vlan 網路 + - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === command: "-d -d tcp-listen:5001,reuseaddr,fork tcp:192.168.30.253:5001" # TCP 代理至 DS225+ # === 日誌管理 === logging: - driver: "json-file" # 使用 JSON 檔案記錄日誌 + driver: "json-file" # 使用 JSON 檔案記錄日誌 options: - max-size: "1m" # 單一日誌檔案最大 1MB + max-size: "1m" # 單一日誌檔案最大 1MB # === 重新啟動策略 === - restart: always # 容器異常退出時自動重啟 + restart: always # 容器異常退出時自動重啟 # --- OpenWrt 主要代理服務 --- openwrt: # === 容器基本設定 === - image: alpine/socat:latest # Alpine Linux + socat 工具 + image: alpine/socat:latest # Alpine Linux + socat 工具 container_name: socat_openwrt # === Traefik 標籤設定 === labels: - - "traefik.enable=true" # 啟用 Traefik 代理 - - "traefik.docker.network=traefik_vlan" # 指定網路 + - "traefik.enable=true" # 啟用 Traefik 代理 + - "traefik.docker.network=traefik_vlan" # 指定網路 # --- HTTP 服務配置 --- - - "traefik.http.services.openwrt.loadbalancer.server.scheme=http" # 服務協議為 HTTP - - "traefik.http.services.openwrt.loadbalancer.server.port=80" # 後端服務連接埠 80 + - "traefik.http.services.openwrt.loadbalancer.server.scheme=http" # 服務協議為 HTTP + - "traefik.http.services.openwrt.loadbalancer.server.port=80" # 後端服務連接埠 80 # --- HTTP 路由 (轉導至 HTTPS) --- - - "traefik.http.routers.openwrt.entrypoints=http" # HTTP 入口點 - - "traefik.http.routers.openwrt.rule=Host(`openwrt.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.openwrt.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 + - "traefik.http.routers.openwrt.entrypoints=http" # HTTP 入口點 + - "traefik.http.routers.openwrt.rule=Host(`openwrt.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.openwrt.middlewares=https-redirect@docker" # 強制 HTTPS 轉導 # --- HTTPS 路由 --- - - "traefik.http.routers.openwrt-tls.entrypoints=https" # HTTPS 入口點 - - "traefik.http.routers.openwrt-tls.rule=Host(`openwrt.jsc.idv.me`)" # 域名規則 - - "traefik.http.routers.openwrt-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 - - "traefik.http.routers.openwrt-tls.service=openwrt" # 指向服務 - - "traefik.http.routers.openwrt-tls.tls=true" # 啟用 TLS + - "traefik.http.routers.openwrt-tls.entrypoints=https" # HTTPS 入口點 + - "traefik.http.routers.openwrt-tls.rule=Host(`openwrt.jsc.idv.me`)" # 域名規則 + - "traefik.http.routers.openwrt-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮 + - "traefik.http.routers.openwrt-tls.service=openwrt" # 指向服務 + - "traefik.http.routers.openwrt-tls.tls=true" # 啟用 TLS # === 環境變數設定 === environment: - TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) + TZ: "Asia/Taipei" # 時區設定 (台北時間 UTC+8) # === 網路設定 === networks: - - vlan # 使用 traefik_vlan 網路 + - vlan # 使用 traefik_vlan 網路 # === Socat 代理指令 === - command: "-d -d tcp-listen:80,reuseaddr,fork tcp:192.168.30.254:80" # TCP 代理至 OpenWrt + command: "-d -d tcp-listen:80,reuseaddr,fork tcp:192.168.30.254:80" # TCP 代理至 OpenWrt # === 日誌管理 === logging: - driver: "json-file" # 使用 JSON 檔案記錄日誌 + driver: "json-file" # 使用 JSON 檔案記錄日誌 options: - max-size: "1m" # 單一日誌檔案最大 1MB + max-size: "1m" # 單一日誌檔案最大 1MB # === 重新啟動策略 === - restart: always # 容器異常退出時自動重啟 + restart: always # 容器異常退出時自動重啟 # =============================================================== # Docker Networks 定義 # =============================================================== networks: - vlan: # Traefik 共用網路 + vlan: # Traefik 共用網路 name: traefik_vlan - external: true # 使用外部建立的網路 + external: true # 使用外部建立的網路