feat: 部屬 socat 到 ds116 #5
@@ -54,7 +54,7 @@ services:
|
|||||||
# === 重新啟動策略 ===
|
# === 重新啟動策略 ===
|
||||||
restart: always # 容器異常退出時自動重啟
|
restart: always # 容器異常退出時自動重啟
|
||||||
|
|
||||||
# --- DS116 主要代理服務 ---
|
# --- DS116 Bitwarden 主要代理服務 ---
|
||||||
ds116-bitwarden:
|
ds116-bitwarden:
|
||||||
# === 容器基本設定 ===
|
# === 容器基本設定 ===
|
||||||
image: alpine/socat:latest # Alpine Linux + socat 工具
|
image: alpine/socat:latest # Alpine Linux + socat 工具
|
||||||
@@ -66,27 +66,27 @@ services:
|
|||||||
- "traefik.docker.network=traefik_vlan" # 指定網路
|
- "traefik.docker.network=traefik_vlan" # 指定網路
|
||||||
|
|
||||||
# --- HTTP 服務配置 ---
|
# --- HTTP 服務配置 ---
|
||||||
- "traefik.http.services.ds116-bitwarden.loadbalancer.server.scheme=http" # 服務協議為 HTTPS
|
- "traefik.http.services.ds116-bitwarden.loadbalancer.server.scheme=http" # 服務協議為 HTTP
|
||||||
- "traefik.http.services.ds116-bitwarden.loadbalancer.server.port=52080" # 後端服務連接埠 5001
|
- "traefik.http.services.ds116-bitwarden.loadbalancer.server.port=52080" # 後端服務連接埠 52080
|
||||||
|
|
||||||
# --- HTTP 路由 (轉導至 HTTPS) ---
|
# --- HTTP 路由 (轉導至 HTTPS) ---
|
||||||
- "traefik.http.routers.ds116-bitwarden.entrypoints=http" # HTTP 入口點
|
- "traefik.http.routers.ds116-bitwarden.entrypoints=http" # HTTP 入口點
|
||||||
- "traefik.http.routers.ds116-bitwarden.rule=Host(`bitwarden.jsc.idv.me`)" # 域名規則
|
- "traefik.http.routers.ds116-bitwarden.rule=Host(`bitwarden.jsc.idv.me`)" # 域名規則
|
||||||
- "traefik.http.routers.ds116-bitwarden.middlewares=https-redirect@docker" # 強制 HTTPS 轉導
|
- "traefik.http.routers.ds116-bitwarden.middlewares=https-redirect@docker" # 強制 HTTPS 轉導
|
||||||
|
|
||||||
# --- HTTPS 路由 ---
|
# --- HTTPS 路由 ---
|
||||||
- "traefik.http.routers.ds116-bitwarden-tls.entrypoints=https" # HTTPS 入口點
|
- "traefik.http.routers.ds116-bitwarden-tls.entrypoints=https" # HTTPS 入口點
|
||||||
- "traefik.http.routers.ds116-bitwarden-tls.rule=Host(`bitwarden.jsc.idv.me`)" # 域名規則
|
- "traefik.http.routers.ds116-bitwarden-tls.rule=Host(`bitwarden.jsc.idv.me`)" # 域名規則
|
||||||
- "traefik.http.routers.ds116-bitwarden-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮
|
- "traefik.http.routers.ds116-bitwarden-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮
|
||||||
- "traefik.http.routers.ds116-bitwarden-tls.service=ds116-bitwarden" # 指向服務
|
- "traefik.http.routers.ds116-bitwarden-tls.service=ds116-bitwarden" # 指向服務
|
||||||
- "traefik.http.routers.ds116-bitwarden-tls.tls=true" # 啟用 TLS
|
- "traefik.http.routers.ds116-bitwarden-tls.tls=true" # 啟用 TLS
|
||||||
|
|
||||||
# --- HTTPS 路由 (Let's Encrypt) ---
|
# --- HTTPS 路由 (Let's Encrypt) ---
|
||||||
- "traefik.http.routers.ds116-bitwarden-letsencrypt.entrypoints=https" # HTTPS 入口點
|
- "traefik.http.routers.ds116-bitwarden-letsencrypt.entrypoints=https" # HTTPS 入口點
|
||||||
- "traefik.http.routers.ds116-bitwarden-letsencrypt.rule=Host(`bitwarden.jsc.idv.tw`)" # 域名規則
|
- "traefik.http.routers.ds116-bitwarden-letsencrypt.rule=Host(`bitwarden.jsc.idv.tw`)" # 域名規則
|
||||||
- "traefik.http.routers.ds116-bitwarden-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮
|
- "traefik.http.routers.ds116-bitwarden-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮
|
||||||
- "traefik.http.routers.ds116-bitwarden-letsencrypt.service=ds116-bitwarden" # 指向服務
|
- "traefik.http.routers.ds116-bitwarden-letsencrypt.service=ds116-bitwarden" # 指向服務
|
||||||
- "traefik.http.routers.ds116-bitwarden-letsencrypt.tls=true" # 啟用 TLS
|
- "traefik.http.routers.ds116-bitwarden-letsencrypt.tls=true" # 啟用 TLS
|
||||||
- "traefik.http.routers.ds116-bitwarden-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書
|
- "traefik.http.routers.ds116-bitwarden-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書
|
||||||
|
|
||||||
# === 環境變數設定 ===
|
# === 環境變數設定 ===
|
||||||
@@ -98,7 +98,7 @@ services:
|
|||||||
- vlan # 使用 traefik_vlan 網路
|
- vlan # 使用 traefik_vlan 網路
|
||||||
|
|
||||||
# === Socat 代理指令 ===
|
# === Socat 代理指令 ===
|
||||||
command: "-d -d tcp-listen:52080,reuseaddr,fork tcp:192.168.1.102:52080" # TCP 代理至 DS116
|
command: "-d -d tcp-listen:52080,reuseaddr,fork tcp:192.168.1.102:52080" # TCP 代理至 DS116 Bitwarden
|
||||||
|
|
||||||
# === 日誌管理 ===
|
# === 日誌管理 ===
|
||||||
logging:
|
logging:
|
||||||
@@ -287,26 +287,26 @@ services:
|
|||||||
|
|
||||||
# --- HTTP 服務配置 ---
|
# --- HTTP 服務配置 ---
|
||||||
- "traefik.http.services.ezbookkeeping.loadbalancer.server.scheme=http" # 服務協議為 HTTP
|
- "traefik.http.services.ezbookkeeping.loadbalancer.server.scheme=http" # 服務協議為 HTTP
|
||||||
- "traefik.http.services.ezbookkeeping.loadbalancer.server.port=8080" # 後端服務連接埠 8080
|
- "traefik.http.services.ezbookkeeping.loadbalancer.server.port=8080" # 後端服務連接埠 8080
|
||||||
|
|
||||||
# --- HTTP 路由 (轉導至 HTTPS) ---
|
# --- HTTP 路由 (轉導至 HTTPS) ---
|
||||||
- "traefik.http.routers.ezbookkeeping.entrypoints=http" # HTTP 入口點
|
- "traefik.http.routers.ezbookkeeping.entrypoints=http" # HTTP 入口點
|
||||||
- "traefik.http.routers.ezbookkeeping.rule=Host(`ezbookkeeping.jsc.idv.me`)" # 域名規則
|
- "traefik.http.routers.ezbookkeeping.rule=Host(`ezbookkeeping.jsc.idv.me`)" # 域名規則
|
||||||
- "traefik.http.routers.ezbookkeeping.middlewares=https-redirect@docker" # 強制 HTTPS 轉導
|
- "traefik.http.routers.ezbookkeeping.middlewares=https-redirect@docker" # 強制 HTTPS 轉導
|
||||||
|
|
||||||
# --- HTTPS 路由 ---
|
# --- HTTPS 路由 ---
|
||||||
- "traefik.http.routers.ezbookkeeping-tls.entrypoints=https" # HTTPS 入口點
|
- "traefik.http.routers.ezbookkeeping-tls.entrypoints=https" # HTTPS 入口點
|
||||||
- "traefik.http.routers.ezbookkeeping-tls.rule=Host(`ezbookkeeping.jsc.idv.me`)" # 域名規則
|
- "traefik.http.routers.ezbookkeeping-tls.rule=Host(`ezbookkeeping.jsc.idv.me`)" # 域名規則
|
||||||
- "traefik.http.routers.ezbookkeeping-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮
|
- "traefik.http.routers.ezbookkeeping-tls.middlewares=gzip@docker" # 啟用 Gzip 壓縮
|
||||||
- "traefik.http.routers.ezbookkeeping-tls.service=ezbookkeeping" # 指向服務
|
- "traefik.http.routers.ezbookkeeping-tls.service=ezbookkeeping" # 指向服務
|
||||||
- "traefik.http.routers.ezbookkeeping-tls.tls=true" # 啟用 TLS
|
- "traefik.http.routers.ezbookkeeping-tls.tls=true" # 啟用 TLS
|
||||||
|
|
||||||
# --- HTTPS 路由 (Let's Encrypt) ---
|
# --- HTTPS 路由 (Let's Encrypt) ---
|
||||||
- "traefik.http.routers.ezbookkeeping-letsencrypt.entrypoints=https" # HTTPS 入口點
|
- "traefik.http.routers.ezbookkeeping-letsencrypt.entrypoints=https" # HTTPS 入口點
|
||||||
- "traefik.http.routers.ezbookkeeping-letsencrypt.rule=Host(`ezbookkeeping.jsc.idv.tw`)" # 域名規則
|
- "traefik.http.routers.ezbookkeeping-letsencrypt.rule=Host(`ezbookkeeping.jsc.idv.tw`)" # 域名規則
|
||||||
- "traefik.http.routers.ezbookkeeping-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮
|
- "traefik.http.routers.ezbookkeeping-letsencrypt.middlewares=gzip@docker" # 啟用 Gzip 壓縮
|
||||||
- "traefik.http.routers.ezbookkeeping-letsencrypt.service=ezbookkeeping" # 指向服務
|
- "traefik.http.routers.ezbookkeeping-letsencrypt.service=ezbookkeeping" # 指向服務
|
||||||
- "traefik.http.routers.ezbookkeeping-letsencrypt.tls=true" # 啟用 TLS
|
- "traefik.http.routers.ezbookkeeping-letsencrypt.tls=true" # 啟用 TLS
|
||||||
- "traefik.http.routers.ezbookkeeping-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書
|
- "traefik.http.routers.ezbookkeeping-letsencrypt.tls.certresolver=letsencrypt" # 使用 Let's Encrypt 證書
|
||||||
|
|
||||||
# === 環境變數設定 ===
|
# === 環境變數設定 ===
|
||||||
@@ -318,7 +318,7 @@ services:
|
|||||||
- vlan # 使用 traefik_vlan 網路
|
- vlan # 使用 traefik_vlan 網路
|
||||||
|
|
||||||
# === Socat 代理指令 ===
|
# === Socat 代理指令 ===
|
||||||
command: "-d -d tcp-listen:8080,reuseaddr,fork tcp:192.168.30.222:8080" # TCP 代理至 ezBookkeeping
|
command: "-d -d tcp-listen:8080,reuseaddr,fork tcp:192.168.30.222:8080" # TCP 代理至 ezBookkeeping
|
||||||
|
|
||||||
# === 日誌管理 ===
|
# === 日誌管理 ===
|
||||||
logging:
|
logging:
|
||||||
@@ -420,7 +420,7 @@ services:
|
|||||||
- vlan # 使用 traefik_vlan 網路
|
- vlan # 使用 traefik_vlan 網路
|
||||||
|
|
||||||
# === Socat 代理指令 ===
|
# === Socat 代理指令 ===
|
||||||
command: "-d -d tcp-listen:80,reuseaddr,fork tcp:192.168.30.254:80" # TCP 代理至 OpenWrt
|
command: "-d -d tcp-listen:80,reuseaddr,fork tcp:192.168.30.254:80" # TCP 代理至 OpenWrt
|
||||||
|
|
||||||
# === 日誌管理 ===
|
# === 日誌管理 ===
|
||||||
logging:
|
logging:
|
||||||
@@ -435,6 +435,6 @@ services:
|
|||||||
# Docker Networks 定義
|
# Docker Networks 定義
|
||||||
# ===============================================================
|
# ===============================================================
|
||||||
networks:
|
networks:
|
||||||
vlan: # Traefik 共用網路
|
vlan: # Traefik 共用網路
|
||||||
name: traefik_vlan
|
name: traefik_vlan
|
||||||
external: true # 使用外部建立的網路
|
external: true # 使用外部建立的網路
|
||||||
|
|||||||
Reference in New Issue
Block a user