Modified

docker/compose/networks/proxy.yaml

@@ -1,4 +1,4 @@
 networks:
   proxy:
     name: proxy
-    external: true	
+    # external: true	

docker/env/.env.proxy

@@ -1,4 +1,4 @@
-BASICAUTHUSER=gurulandia:$$apr1$$kBqxEDFb$$aOgGWvLwFUDhSymDy430m.
+# BASICAUTHUSER=gurulandia:$$apr1$$kBqxEDFb$$aOgGWvLwFUDhSymDy430m.
 # create basic auth with: echo $(htpasswd -nb "<USER>" "<PASSWORD>") | sed -e s/\\$/\\$\\$/g
 
 ##### trustedIPs

docker/env/.env.stack.proxy

@@ -7,11 +7,12 @@ PROXYNAME=proxy
 TRAEFIK_CONTAINER_NAME=traefik
 TRAEFIK_IMAGE=traefik
 TRAEFIK_TAG=latest
-TRAEFIK_RESTART_POLICY=unless-stopped
+TRAEFIK_RESTART_POLICY=always
 
 ##### socket-proxy Container
 SOCKET_PROXY_CONTAINER_NAME=socket-proxy
-SOCKET_PROXY_IMAGE=ghcr.io/tecnativa/docker-socket-proxy
+#SOCKET_PROXY_IMAGE=ghcr.io/tecnativa/docker-socket-proxy
+SOCKET_PROXY_IMAGE=lscr.io/linuxserver/socket-proxy
 SOCKET_PROXY_TAG=latest
 SOCKET_PROXY_RESTART_POLICY=always
 

docker/services/dc-traefik.yml

@@ -15,11 +15,12 @@ services:
   # chmod 600 $DOCKERDIR/traefik2/acme/acme.json
   # touch $DOCKERDIR/traefik2/traefik.log
   traefik:
-    container_name: ${TRAEFIK_CONTAINER_NAME}
-    image: ${TRAEFIK_IMAGE}:${TRAEFIK_TAG}
-    restart: ${TRAEFIK_RESTART_POLICY}
+    container_name: ${TRAEFIK_CONTAINER_NAME:-traefik}
+    image: ${TRAEFIK_IMAGE:-traefik}:${TRAEFIK_TAG:-latest}
+    restart: ${TRAEFIK_RESTART_POLICY:-always}
     security_opt:
       - no-new-privileges:true
+    user: ${UID:-1000}:${GID:-1000}
     networks:
       proxy:
       socket_proxy:
@@ -36,10 +37,10 @@ services:
       #  published: 465
       #  protocol: tcp
       #  mode: host
-      - target: 587
-        published: 587
-        protocol: tcp
-        mode: host
+      #- target: 587
+      #  published: 587
+      #  protocol: tcp
+      #  mode: host
       #- 465:465
       #- 587:587
     #env_file:
@@ -56,7 +57,7 @@ services:
       - DOMAINNAME1
       - DOMAINNAME2
       - DOMAINNAME3
-      #- CF_API_EMAIL
+      - CF_API_EMAIL
 
     command: # CLI arguments
       - --global.checkNewVersion=true
@@ -104,10 +105,9 @@ services:
       - --certificatesResolvers.$CERTRESOLVER.acme.dnsChallenge.delayBeforeCheck=90 # To delay DNS check and reduce LE hitrate
 #      - --certificatesResolvers.$CERTRESOLVER.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing
 
-
 #      - --entrypoints.http.http.middlewares=middlewares-crowdsec-bouncer@file
-      - --entrypoints.mailsecure.address=:465
-      - --entrypoints.maildefault.address=:587
+#      - --entrypoints.mailsecure.address=:465
+#      - --entrypoints.maildefault.address=:587
 #      - --entrypoints.https.http.middlewares=middlewares-crowdsec-bouncer@file      
 #      - --entryPoints.ping.address=:8081
 #      - --api.insecure=true)
@@ -132,13 +132,13 @@ services:
       - basic_auth_credentials
     labels:
       traefik.enable: true
-      traefik.http.routers.traefik.entrypoints: http
+      traefik.http.routers.traefik.entrypoints: web
       traefik.http.routers.traefik.rule: Host(`${PROXYNAME}.${DOMAINNAME1}`)
       traefik.http.middlewares.traefik-auth.basicauth.users: ${BASICAUTHUSER}
       traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme: https
       traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto: https
       traefik.http.routers.traefik.middlewares: traefik-https-redirect
-      traefik.http.routers.traefik-secure.entrypoints: https
+      traefik.http.routers.traefik-secure.entrypoints: websecure
       traefik.http.routers.traefik-secure.rule: Host(`${PROXYNAME}.${DOMAINNAME1}`)
       traefik.http.routers.traefik-secure.middlewares: chain-no-auth@file
 #      traefik.http.routers.traefik-secure.middlewares: traefik-auth