From 65bcca3fc50f583b949ba69a7e0496c287838307 Mon Sep 17 00:00:00 2001
From: Jeffery <jiantw83@yahoo.com>
Date: Sat, 24 Jan 2026 21:07:54 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E6=96=B0=E5=A2=9E=20socat=20=E6=9C=8D?=
 =?UTF-8?q?=E5=8B=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 socat/docker-compose.yaml | 243 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 243 insertions(+)
 create mode 100644 socat/docker-compose.yaml

diff --git a/socat/docker-compose.yaml b/socat/docker-compose.yaml
new file mode 100644
index 0000000..d300b2d
--- /dev/null
+++ b/socat/docker-compose.yaml
@@ -0,0 +1,243 @@
+services:
+  # --- Proxmox VE 主要代理服務 ---
+  pve:
+    # === 容器基本設定 ===
+    image: alpine/socat:latest                                            # Alpine Linux + socat 工具
+    container_name: socat_pve
+
+    # === Traefik 標籤設定 ===
+    labels:
+      - "traefik.enable=true"                                             # 啟用 Traefik 代理
+      - "traefik.docker.network=traefik_vlan"                            # 指定網路
+
+      # --- HTTP 服務配置 ---
+      - "traefik.http.services.pve.loadbalancer.server.scheme=https"    # 服務協議為 HTTPS
+      - "traefik.http.services.pve.loadbalancer.server.port=8006"      # 後端服務連接埠 8006
+
+      # --- HTTP 路由 (轉導至 HTTPS) ---
+      - "traefik.http.routers.pve.entrypoints=http"                    # HTTP 入口點
+      - "traefik.http.routers.pve.rule=Host(`pve.jsc.idv.me`)"       # 域名規則
+      - "traefik.http.routers.pve.middlewares=https-redirect@docker"   # 強制 HTTPS 轉導
+
+      # --- HTTPS 路由 ---
+      - "traefik.http.routers.pve-tls.entrypoints=https"               # HTTPS 入口點
+      - "traefik.http.routers.pve-tls.rule=Host(`pve.jsc.idv.me`)"   # 域名規則
+      - "traefik.http.routers.pve-tls.middlewares=gzip@docker"         # 啟用 Gzip 壓縮
+      - "traefik.http.routers.pve-tls.service=pve"                   # 指向服務
+      - "traefik.http.routers.pve-tls.tls=true"                        # 啟用 TLS
+
+    # === 環境變數設定 ===
+    environment:
+      TZ: "Asia/Taipei"                                                   # 時區設定 (台北時間 UTC+8)
+
+    # === 網路設定 ===
+    networks:
+      - vlan                                                              # 使用 traefik_vlan 網路
+
+    # === Socat 代理指令 ===
+    command: "-d -d tcp-listen:8006,reuseaddr,fork tcp:192.168.30.200:8006"  # TCP 代理至 Proxmox VE
+
+    # === 日誌管理 ===
+    logging:
+      driver: "json-file"                                                 # 使用 JSON 檔案記錄日誌
+      options:
+        max-size: "1m"                                                    # 單一日誌檔案最大 1MB
+
+    # === 重新啟動策略 ===
+    restart: always                                                       # 容器異常退出時自動重啟
+
+  # --- Gitea 主要代理服務 ---
+  gitea:
+    # === 容器基本設定 ===
+    image: alpine/socat:latest                                            # Alpine Linux + socat 工具
+    container_name: socat_gitea
+
+    # === Traefik 標籤設定 ===
+    labels:
+      - "traefik.enable=true"                                             # 啟用 Traefik 代理
+      - "traefik.docker.network=traefik_vlan"                            # 指定網路
+
+      # --- HTTP 服務配置 ---
+      - "traefik.http.services.gitea.loadbalancer.server.scheme=http"    # 服務協議為 HTTP
+      - "traefik.http.services.gitea.loadbalancer.server.port=3000"      # 後端服務連接埠 3000
+
+      # --- HTTP 路由 (轉導至 HTTPS) ---
+      - "traefik.http.routers.gitea.entrypoints=http"                    # HTTP 入口點
+      - "traefik.http.routers.gitea.rule=Host(`gitea.jsc.idv.me`)"       # 域名規則
+      - "traefik.http.routers.gitea.middlewares=https-redirect@docker"   # 強制 HTTPS 轉導
+
+      # --- HTTPS 路由 ---
+      - "traefik.http.routers.gitea-tls.entrypoints=https"               # HTTPS 入口點
+      - "traefik.http.routers.gitea-tls.rule=Host(`gitea.jsc.idv.me`)"   # 域名規則
+      - "traefik.http.routers.gitea-tls.middlewares=gzip@docker"         # 啟用 Gzip 壓縮
+      - "traefik.http.routers.gitea-tls.service=gitea"                   # 指向服務
+      - "traefik.http.routers.gitea-tls.tls=true"                        # 啟用 TLS
+
+    # === 環境變數設定 ===
+    environment:
+      TZ: "Asia/Taipei"                                                   # 時區設定 (台北時間 UTC+8)
+
+    # === 網路設定 ===
+    networks:
+      - vlan                                                              # 使用 traefik_vlan 網路
+
+    # === Socat 代理指令 ===
+    command: "-d -d tcp-listen:3000,reuseaddr,fork tcp:192.168.30.221:3000"  # TCP 代理至 Gitea
+
+    # === 日誌管理 ===
+    logging:
+      driver: "json-file"                                                 # 使用 JSON 檔案記錄日誌
+      options:
+        max-size: "1m"                                                    # 單一日誌檔案最大 1MB
+
+    # === 重新啟動策略 ===
+    restart: always                                                       # 容器異常退出時自動重啟
+
+  # --- ezBookkeeping 主要代理服務 ---
+  ezbookkeeping:
+    # === 容器基本設定 ===
+    image: alpine/socat:latest                                            # Alpine Linux + socat 工具
+    container_name: socat_ezbookkeeping
+
+    # === Traefik 標籤設定 ===
+    labels:
+      - "traefik.enable=true"                                             # 啟用 Traefik 代理
+      - "traefik.docker.network=traefik_vlan"                            # 指定網路
+
+      # --- HTTP 服務配置 ---
+      - "traefik.http.services.ezbookkeeping.loadbalancer.server.scheme=http"    # 服務協議為 HTTP
+      - "traefik.http.services.ezbookkeeping.loadbalancer.server.port=8080"      # 後端服務連接埠 8080
+
+      # --- HTTP 路由 (轉導至 HTTPS) ---
+      - "traefik.http.routers.ezbookkeeping.entrypoints=http"                    # HTTP 入口點
+      - "traefik.http.routers.ezbookkeeping.rule=Host(`ezbookkeeping.jsc.idv.me`)"       # 域名規則
+      - "traefik.http.routers.ezbookkeeping.middlewares=https-redirect@docker"   # 強制 HTTPS 轉導
+
+      # --- HTTPS 路由 ---
+      - "traefik.http.routers.ezbookkeeping-tls.entrypoints=https"               # HTTPS 入口點
+      - "traefik.http.routers.ezbookkeeping-tls.rule=Host(`ezbookkeeping.jsc.idv.me`)"   # 域名規則
+      - "traefik.http.routers.ezbookkeeping-tls.middlewares=gzip@docker"         # 啟用 Gzip 壓縮
+      - "traefik.http.routers.ezbookkeeping-tls.service=ezbookkeeping"                   # 指向服務
+      - "traefik.http.routers.ezbookkeeping-tls.tls=true"                        # 啟用 TLS
+
+    # === 環境變數設定 ===
+    environment:
+      TZ: "Asia/Taipei"                                                   # 時區設定 (台北時間 UTC+8)
+
+    # === 網路設定 ===
+    networks:
+      - vlan                                                              # 使用 traefik_vlan 網路
+
+    # === Socat 代理指令 ===
+    command: "-d -d tcp-listen:8080,reuseaddr,fork tcp:192.168.30.222:8080"  # TCP 代理至 ezBookkeeping
+
+    # === 日誌管理 ===
+    logging:
+      driver: "json-file"                                                 # 使用 JSON 檔案記錄日誌
+      options:
+        max-size: "1m"                                                    # 單一日誌檔案最大 1MB
+
+    # === 重新啟動策略 ===
+    restart: always                                                       # 容器異常退出時自動重啟
+
+  # --- DS225+ 主要代理服務 ---
+  ds225:
+    # === 容器基本設定 ===
+    image: alpine/socat:latest                                            # Alpine Linux + socat 工具
+    container_name: socat_ds225
+
+    # === Traefik 標籤設定 ===
+    labels:
+      - "traefik.enable=true"                                             # 啟用 Traefik 代理
+      - "traefik.docker.network=traefik_vlan"                            # 指定網路
+
+      # --- HTTP 服務配置 ---
+      - "traefik.http.services.ds225.loadbalancer.server.scheme=https"    # 服務協議為 HTTPS
+      - "traefik.http.services.ds225.loadbalancer.server.port=5001"      # 後端服務連接埠 5001
+
+      # --- HTTP 路由 (轉導至 HTTPS) ---
+      - "traefik.http.routers.ds225.entrypoints=http"                    # HTTP 入口點
+      - "traefik.http.routers.ds225.rule=Host(`ds225.jsc.idv.me`)"       # 域名規則
+      - "traefik.http.routers.ds225.middlewares=https-redirect@docker"   # 強制 HTTPS 轉導
+
+      # --- HTTPS 路由 ---
+      - "traefik.http.routers.ds225-tls.entrypoints=https"               # HTTPS 入口點
+      - "traefik.http.routers.ds225-tls.rule=Host(`ds225.jsc.idv.me`)"   # 域名規則
+      - "traefik.http.routers.ds225-tls.middlewares=gzip@docker"         # 啟用 Gzip 壓縮
+      - "traefik.http.routers.ds225-tls.service=ds225"                   # 指向服務
+      - "traefik.http.routers.ds225-tls.tls=true"                        # 啟用 TLS
+
+    # === 環境變數設定 ===
+    environment:
+      TZ: "Asia/Taipei"                                                   # 時區設定 (台北時間 UTC+8)
+
+    # === 網路設定 ===
+    networks:
+      - vlan                                                              # 使用 traefik_vlan 網路
+
+    # === Socat 代理指令 ===
+    command: "-d -d tcp-listen:5001,reuseaddr,fork tcp:192.168.30.253:5001"  # TCP 代理至 DS225+
+
+    # === 日誌管理 ===
+    logging:
+      driver: "json-file"                                                 # 使用 JSON 檔案記錄日誌
+      options:
+        max-size: "1m"                                                    # 單一日誌檔案最大 1MB
+
+    # === 重新啟動策略 ===
+    restart: always                                                       # 容器異常退出時自動重啟
+
+  # --- OpenWrt 主要代理服務 ---
+  openwrt:
+    # === 容器基本設定 ===
+    image: alpine/socat:latest                                            # Alpine Linux + socat 工具
+    container_name: socat_openwrt
+
+    # === Traefik 標籤設定 ===
+    labels:
+      - "traefik.enable=true"                                             # 啟用 Traefik 代理
+      - "traefik.docker.network=traefik_vlan"                            # 指定網路
+
+      # --- HTTP 服務配置 ---
+      - "traefik.http.services.openwrt.loadbalancer.server.scheme=http"    # 服務協議為 HTTP
+      - "traefik.http.services.openwrt.loadbalancer.server.port=80"      # 後端服務連接埠 80
+
+      # --- HTTP 路由 (轉導至 HTTPS) ---
+      - "traefik.http.routers.openwrt.entrypoints=http"                    # HTTP 入口點
+      - "traefik.http.routers.openwrt.rule=Host(`openwrt.jsc.idv.me`)"       # 域名規則
+      - "traefik.http.routers.openwrt.middlewares=https-redirect@docker"   # 強制 HTTPS 轉導
+
+      # --- HTTPS 路由 ---
+      - "traefik.http.routers.openwrt-tls.entrypoints=https"               # HTTPS 入口點
+      - "traefik.http.routers.openwrt-tls.rule=Host(`openwrt.jsc.idv.me`)"   # 域名規則
+      - "traefik.http.routers.openwrt-tls.middlewares=gzip@docker"         # 啟用 Gzip 壓縮
+      - "traefik.http.routers.openwrt-tls.service=openwrt"                   # 指向服務
+      - "traefik.http.routers.openwrt-tls.tls=true"                        # 啟用 TLS
+
+    # === 環境變數設定 ===
+    environment:
+      TZ: "Asia/Taipei"                                                   # 時區設定 (台北時間 UTC+8)
+
+    # === 網路設定 ===
+    networks:
+      - vlan                                                              # 使用 traefik_vlan 網路
+
+    # === Socat 代理指令 ===
+    command: "-d -d tcp-listen:80,reuseaddr,fork tcp:192.168.30.254:80"  # TCP 代理至 OpenWrt
+
+    # === 日誌管理 ===
+    logging:
+      driver: "json-file"                                                 # 使用 JSON 檔案記錄日誌
+      options:
+        max-size: "1m"                                                    # 單一日誌檔案最大 1MB
+
+    # === 重新啟動策略 ===
+    restart: always                                                       # 容器異常退出時自動重啟
+
+# ===============================================================
+# Docker Networks 定義
+# ===============================================================
+networks:
+  vlan:                                              # Traefik 共用網路
+    name: traefik_vlan
+    external: true                                   # 使用外部建立的網路
-- 
2.48.1