ryuupendragon/docker-compose
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Remove network for caddy

Browse Source
This commit is contained in:
Ryuu Pendragon
2025-07-14 22:42:15 +05:30
parent cfd78c5a00
commit a1be0f3ae7
2 changed files with 83 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
caddy-cloudflare-ddns-crowdsec/docker-compose.yml
View File

@@ -1,17 +1,25 @@
# Caddy with Cloudflare DDNS and CrowdSec Security
services: services:
# CrowdSec - Security automation service that protects from attacks
crowdsec: crowdsec:
container_name: crowdsec container_name: crowdsec
image: ghcr.io/crowdsecurity/crowdsec:v1.6.10 image: ghcr.io/crowdsecurity/crowdsec:v1.6.10 # Official CrowdSec image
restart: unless-stopped restart: unless-stopped # Auto-restart unless explicitly stopped
# Environment configuration
environment: environment:
- BOUNCER_KEY_CADDY=${CROWDSEC_API_KEY} - BOUNCER_KEY_CADDY=${CROWDSEC_API_KEY} # API key for Caddy integration
- GID=${GID} - GID=${GID} # Group ID for file permissions
- COLLECTIONS=${COLLECTIONS} - COLLECTIONS=${COLLECTIONS} # Security collections to enable
# Persistent storage volumes
volumes: volumes:
- ${APPDATA_PATH}/caddy/crowdsec-acquis.d:/etc/crowdsec/acquis.d - ${APPDATA_PATH}/caddy/crowdsec-acquis.d:/etc/crowdsec/acquis.d # Log parsers
- ${APPDATA_PATH}/caddy/crowdsec-db:/var/lib/crowdsec/data/ - ${APPDATA_PATH}/caddy/crowdsec-db:/var/lib/crowdsec/data/ # Security database
- ${APPDATA_PATH}/caddy/crowdsec-config:/etc/crowdsec/ - ${APPDATA_PATH}/caddy/crowdsec-config:/etc/crowdsec/ # Configuration files
- ${APPDATA_PATH}/caddy/caddy-logs:/var/log/caddy:ro - ${APPDATA_PATH}/caddy/caddy-logs:/var/log/caddy:ro # Read-only log access
# Health check configuration
healthcheck: healthcheck:
test: ["CMD-SHELL", "wget --spider --quiet --tries=1 --timeout=5 http://localhost:8080/health > /dev/null 2>&1 || exit 1"] test: ["CMD-SHELL", "wget --spider --quiet --tries=1 --timeout=5 http://localhost:8080/health > /dev/null 2>&1 || exit 1"]
interval: 30s interval: 30s
@@ -19,25 +27,36 @@ services:
retries: 3 retries: 3
start_period: 30s start_period: 30s
# Caddy web server with Cloudflare DDNS integration
caddy: caddy:
container_name: caddy container_name: caddy
image: docker.io/ryuupendragon/caddy-cloudflare-ddns-crowdsec:2.10.0 image: docker.io/ryuupendragon/caddy-cloudflare-ddns-crowdsec:2.10.0 # Custom Caddy image with Cloudflare, DDNS and CrowdSec plugins
restart: unless-stopped restart: unless-stopped # Auto-restart on failure
# Service dependencies
depends_on: depends_on:
crowdsec: crowdsec:
condition: service_healthy condition: service_healthy # Requires working CrowdSec before starting
# Required network capabilities
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN # Needed for network-level operations
# Environment configuration
environment: environment:
- CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN} - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN} # Cloudflare API token for DNS updates
- CROWDSEC_API_KEY=${CROWDSEC_API_KEY} - CROWDSEC_API_KEY=${CROWDSEC_API_KEY} # Security key for CrowdSec integration
# Persistent storage volumes
volumes: volumes:
- ${APPDATA_PATH}/caddy/caddy-file:/etc/caddy - ${APPDATA_PATH}/caddy/caddy-file:/etc/caddy # Caddyfile configuration
- ${APPDATA_PATH}/caddy/caddy-config:/config - ${APPDATA_PATH}/caddy/caddy-config:/config # Automatic HTTPS certificates
- ${APPDATA_PATH}/caddy/caddy-data:/data - ${APPDATA_PATH}/caddy/caddy-data:/data # Site data and assets
- ${APPDATA_PATH}/caddy/caddy-logs:/logs - ${APPDATA_PATH}/caddy/caddy-logs:/logs # Access logs
- ${APPDATA_PATH}/caddy/caddy-srv:/srv - ${APPDATA_PATH}/caddy/caddy-srv:/srv # Served content
# Network ports
ports: ports:
- ${HTTP_PORT}:80 - ${HTTP_PORT}:80 # HTTP traffic
- ${HTTPS_PORT}:443 - ${HTTPS_PORT}:443 # HTTPS traffic
- ${HTTPS_PORT}:443/udp - ${HTTPS_PORT}:443/udp # QUIC/HTTP3 support

63
caddy-crowdsec/docker-compose.yml
View File

@@ -1,17 +1,25 @@
# Caddy with CrowdSec Security
services: services:
# CrowdSec - Security automation service that protects from attacks
crowdsec: crowdsec:
container_name: crowdsec container_name: crowdsec
image: ghcr.io/crowdsecurity/crowdsec:v1.6.10 image: ghcr.io/crowdsecurity/crowdsec:v1.6.10 # Official CrowdSec image
restart: unless-stopped restart: unless-stopped # Auto-restart unless explicitly stopped
# Environment configuration
environment: environment:
- BOUNCER_KEY_CADDY=${CROWDSEC_API_KEY} - BOUNCER_KEY_CADDY=${CROWDSEC_API_KEY} # API key for Caddy integration
- GID=${GID} - GID=${GID} # Group ID for file permissions
- COLLECTIONS=${COLLECTIONS} - COLLECTIONS=${COLLECTIONS} # Security collections to enable
# Persistent storage volumes
volumes: volumes:
- ${APPDATA_PATH}/caddy/crowdsec-acquis.d:/etc/crowdsec/acquis.d - ${APPDATA_PATH}/caddy/crowdsec-acquis.d:/etc/crowdsec/acquis.d # Log parsers
- ${APPDATA_PATH}/caddy/crowdsec-db:/var/lib/crowdsec/data/ - ${APPDATA_PATH}/caddy/crowdsec-db:/var/lib/crowdsec/data/ # Security database
- ${APPDATA_PATH}/caddy/crowdsec-config:/etc/crowdsec/ - ${APPDATA_PATH}/caddy/crowdsec-config:/etc/crowdsec/ # Configuration files
- ${APPDATA_PATH}/caddy/caddy-logs:/var/log/caddy:ro - ${APPDATA_PATH}/caddy/caddy-logs:/var/log/caddy:ro # Read-only log access
# Health check configuration
healthcheck: healthcheck:
test: ["CMD-SHELL", "wget --spider --quiet --tries=1 --timeout=5 http://localhost:8080/health > /dev/null 2>&1 || exit 1"] test: ["CMD-SHELL", "wget --spider --quiet --tries=1 --timeout=5 http://localhost:8080/health > /dev/null 2>&1 || exit 1"]
interval: 30s interval: 30s
@@ -19,24 +27,35 @@ services:
retries: 3 retries: 3
start_period: 30s start_period: 30s
# Caddy web server with CrowdSec security
caddy: caddy:
container_name: caddy container_name: caddy
image: docker.io/ryuupendragon/caddy-crowdsec:2.10.0 image: docker.io/ryuupendragon/caddy-crowdsec:2.10.0 # Custom Caddy image with CrowdSec plugins
restart: unless-stopped restart: unless-stopped # Auto-restart on failure
# Service dependencies
depends_on: depends_on:
crowdsec: crowdsec:
condition: service_healthy condition: service_healthy # Requires working CrowdSec before starting
# Required network capabilities
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN # Needed for network-level operations
# Environment configuration
environment: environment:
- CROWDSEC_API_KEY=${CROWDSEC_API_KEY} - CROWDSEC_API_KEY=${CROWDSEC_API_KEY} # Security key for CrowdSec integration
# Persistent storage volumes
volumes: volumes:
- ${APPDATA_PATH}/caddy/caddy-file:/etc/caddy - ${APPDATA_PATH}/caddy/caddy-file:/etc/caddy # Caddyfile configuration
- ${APPDATA_PATH}/caddy/caddy-config:/config - ${APPDATA_PATH}/caddy/caddy-config:/config # Automatic HTTPS certificates
- ${APPDATA_PATH}/caddy/caddy-data:/data - ${APPDATA_PATH}/caddy/caddy-data:/data # Site data and assets
- ${APPDATA_PATH}/caddy/caddy-logs:/logs - ${APPDATA_PATH}/caddy/caddy-logs:/logs # Access logs
- ${APPDATA_PATH}/caddy/caddy-srv:/srv - ${APPDATA_PATH}/caddy/caddy-srv:/srv # Served content
# Network ports
ports: ports:
- ${HTTP_PORT}:80 - ${HTTP_PORT}:80 # HTTP traffic
- ${HTTPS_PORT}:443 - ${HTTPS_PORT}:443 # HTTPS traffic
- ${HTTPS_PORT}:443/udp - ${HTTPS_PORT}:443/udp # QUIC/HTTP3 support