From 4ca9647a434fa7edeb066e48e65c9acde02962bf Mon Sep 17 00:00:00 2001
From: Gurulandia
Date: Sat, 1 Feb 2025 15:45:53 +0200
Subject: [PATCH] New Files for Traefik Reverse Proxy
---
docker/proxy/.env | 62 +++++++++++++++++++++++++++++++++
docker/proxy/docker-compose.yml | 17 +++++++++
2 files changed, 79 insertions(+)
create mode 100644 docker/proxy/.env
create mode 100644 docker/proxy/docker-compose.yml
diff --git a/docker/proxy/.env b/docker/proxy/.env
new file mode 100644
index 0000000..5bcd8b1
--- /dev/null
+++ b/docker/proxy/.env
@@ -0,0 +1,62 @@
+COMPOSE_PROJECT_NAME=proxy
+
+##### SYSTEM
+PUID=1000
+PGID=1000
+TZ=Europe/HelsinkI
+
+#USERDIR=/home/gurulandia
+DOCKERDIR=/gurulandia/data
+SECRETSDIR=/gurulandia/docker-shared/secrets
+
+##### ProxyName
+PROXYNAME=proxy
+
+##### DOMAIN
+DOMAINNAME0=gurulandia.eu
+DOMAINNAME1=lab.gurulandia.eu
+DOMAINNAME2=gurulandia.fi
+DOMAINNAME3=home.gurulandia.fi
+
+
+##### Traefik Container
+TRAEFIK_CONTAINER_NAME=traefik
+TRAEFIK_IMAGE=traefik
+TRAEFIK_VERSION=latest
+TRAEFIK_RESTART_POLICY=unless-stopped
+
+##### socket-proxy Container
+SOCKET_PROXY_CONTAINER_NAME=socket-proxy
+SOCKET_PROXY_IMAGE=ghcr.io/tecnativa/docker-socket-proxy
+SOCKET_PROXY_VERSION=latest
+SOCKET_PROXY_RESTART_POLICY=always
+
+DOCKER_ENDPOINT=tcp://${SOCKET_PROXY_CONTAINER_NAME}:2375
+
+BASICAUTHUSER=gurulandia:$$apr1$$kBqxEDFb$$aOgGWvLwFUDhSymDy430m.
+# create basic auth with: echo $(htpasswd -nb "" "") | sed -e s/\\$/\\$\\$/g
+
+##### trustedIPs
+CLOUDFLARE_IPS=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,172.64.0.0/13,131.0.72.0/22,104.16.0.0/13,104.24.0.0/14
+LOCAL_IPS=127.0.0.1/32,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
+
+##### Certificate
+CF_API_EMAIL=gurulandia@outlook.com
+
+CERTRESOLVER=dns-cloudflare
+DNS_PROVIDER=cloudflare
+RESOLVER0=1.1.1.1:53
+RESOLVER1=1.0.0.1:53
+
+##### Crowdsec Container
+CROWDSEC_CONTAINER_NAME=crowdsec
+CROWDSEC_IMAGE=crowdsecurity/crowdsec
+CROWDSEC_VERSION=latest
+CROWDSEC_RESTART_POLICY=unless-stopped
+
+##### bouncer-traefik Container
+BT_CONTAINER_NAME=bouncer-traefik
+BT_IMAGE=docker.io/fbonalair/traefik-crowdsec-bouncer
+BT_VERSION=latest
+BT_RESTART_POLICY=unless-stopped
+GIN_MODE=release
\ No newline at end of file
diff --git a/docker/proxy/docker-compose.yml b/docker/proxy/docker-compose.yml
new file mode 100644
index 0000000..a026b34
--- /dev/null
+++ b/docker/proxy/docker-compose.yml
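Review bot: `BASICAUTHUSER` commits a live credential hash to the repository, and `$apr1$` is htpasswd's MD5-based scheme, which is cheap to test offline once the hash is readable by anyone with repo access. The file already defines `SECRETSDIR`, so the entry could live in a file there, generated with bcrypt (`htpasswd -nbB`) and referenced through Traefik's basicAuth `usersFile` option instead of this variable; how the variable is consumed is in the included compose files, which this commit does not show, and the current password should be rotated since the hash is now in history. Separately, every `*_VERSION=latest` makes the edge proxy, the Docker socket proxy and CrowdSec non-reproducible and pulls unreviewed images on each update; pin them, e.g. `TRAEFIK_VERSION=<pinned-tag>`. `TZ=Europe/HelsinkI` ends in a capital I, and tz names are case-sensitive on Linux, so containers will probably fall back to UTC and skew log timestamps; it should read `TZ=Europe/Helsinki`.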
@@ -0,0 +1,17 @@
+########################### NETWORKS
+# There is no need to create any networks outside this docker-compose file.
+networks:
+ proxy:
+ name: proxy
+ driver: bridge
+ socket_proxy:
+ name: socket_proxy
+ driver: bridge
+
+# Docker Compose v2.20 or greater required to use "include"
+include:
+########################### SERVICES
+ - ../compose/dc-traefik.yml
+ - ../compose/dc-socket-proxy.yml
+ - ../compose/dc-crowdsec.yml
+ - ../compose/dc-traefik-bouncer.yml
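Review bot: The `socket_proxy` network is declared as an ordinary bridge although it carries the unauthenticated, plaintext Docker API traffic (`DOCKER_ENDPOINT=tcp://…:2375` in the `.env` of this commit); it should be isolated by adding `internal: true` under `socket_proxy:`. The included service files are not part of this commit, so it is worth confirming that only the containers that need the Docker API join this network and that port 2375 is never published on the host. A comment on the network such as `# Docker API access only: keep internal, never attach application containers` would record the intent for the next maintainer.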