From 89278bfecf61c776e12da9722425626d6424d2ab Mon Sep 17 00:00:00 2001 From: Gurulandia Date: Wed, 5 Mar 2025 09:36:40 +0200 Subject: [PATCH] Modified --- docker/compose/networks/proxy.yaml | 2 +- docker/env/.env.proxy | 2 +- docker/env/.env.stack.proxy | 5 +++-- docker/services/dc-traefik.yml | 26 +++++++++++++------------- 4 files changed, 18 insertions(+), 17 deletions(-) diff --git a/docker/compose/networks/proxy.yaml b/docker/compose/networks/proxy.yaml index 1862ea2..e03aab9 100644 --- a/docker/compose/networks/proxy.yaml +++ b/docker/compose/networks/proxy.yaml @@ -1,4 +1,4 @@ networks: proxy: name: proxy - external: true \ No newline at end of file + # external: true \ No newline at end of file diff --git a/docker/env/.env.proxy b/docker/env/.env.proxy index 20fcb59..167e138 100644 --- a/docker/env/.env.proxy +++ b/docker/env/.env.proxy @@ -1,4 +1,4 @@ -BASICAUTHUSER=gurulandia:$$apr1$$kBqxEDFb$$aOgGWvLwFUDhSymDy430m. +# BASICAUTHUSER=gurulandia:$$apr1$$kBqxEDFb$$aOgGWvLwFUDhSymDy430m. # create basic auth with: echo $(htpasswd -nb "" "") | sed -e s/\\$/\\$\\$/g ##### trustedIPs diff --git a/docker/env/.env.stack.proxy b/docker/env/.env.stack.proxy index dc8bda1..bd3e3e0 100644 --- a/docker/env/.env.stack.proxy +++ b/docker/env/.env.stack.proxy @@ -7,11 +7,12 @@ PROXYNAME=proxy TRAEFIK_CONTAINER_NAME=traefik TRAEFIK_IMAGE=traefik TRAEFIK_TAG=latest -TRAEFIK_RESTART_POLICY=unless-stopped +TRAEFIK_RESTART_POLICY=always ##### socket-proxy Container SOCKET_PROXY_CONTAINER_NAME=socket-proxy -SOCKET_PROXY_IMAGE=ghcr.io/tecnativa/docker-socket-proxy +#SOCKET_PROXY_IMAGE=ghcr.io/tecnativa/docker-socket-proxy +SOCKET_PROXY_IMAGE=lscr.io/linuxserver/socket-proxy SOCKET_PROXY_TAG=latest SOCKET_PROXY_RESTART_POLICY=always diff --git a/docker/services/dc-traefik.yml b/docker/services/dc-traefik.yml index 6a9c192..d5d6168 100644 --- a/docker/services/dc-traefik.yml +++ b/docker/services/dc-traefik.yml 
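Review bot: Commenting out `BASICAUTHUSER` in docker/env/.env.proxy keeps the apr1 password hash in the tracked file, and it unsets a variable that docker/services/dc-traefik.yml still expands in `traefik.http.middlewares.traefik-auth.basicauth.users: ${BASICAUTHUSER}` (context of the last hunk of this patch). The hash should be deleted rather than commented, and the password behind it rotated, since it stays in history either way. Supply the value from an untracked env file or a Docker secret, and leave only a template such as `# BASICAUTHUSER=<user>:<htpasswd hash with each $ doubled>`. With the variable unset, Compose will presumably substitute an empty string, so `traefik-auth` would carry no users. The secure router already points at `chain-no-auth@file`, so confirm the dashboard host cannot be reached unauthenticated after this change.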
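Review bot: The socket-proxy image in docker/env/.env.stack.proxy is switched to `lscr.io/linuxserver/socket-proxy` while the context line `SOCKET_PROXY_TAG=latest` stays, so the container that mediates access to the Docker socket now comes from a different publisher on a mutable tag. Pin it to a release, e.g. `SOCKET_PROXY_TAG=<pinned release tag>`, and do the same for `TRAEFIK_TAG`. The socket-proxy service definition is not part of this patch, so confirm that the API allow-list variables it sets are honoured the same way by the new image. A variable the new image ignores would silently change what Traefik can do through the socket. A one-line comment saying why the image was replaced would serve better than the commented-out `#SOCKET_PROXY_IMAGE=...` assignment.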
@@ -15,11 +15,12 @@ services: # chmod 600 $DOCKERDIR/traefik2/acme/acme.json # touch $DOCKERDIR/traefik2/traefik.log traefik: - container_name: ${TRAEFIK_CONTAINER_NAME} - image: ${TRAEFIK_IMAGE}:${TRAEFIK_TAG} - restart: ${TRAEFIK_RESTART_POLICY} + container_name: ${TRAEFIK_CONTAINER_NAME:-traefik} + image: ${TRAEFIK_IMAGE:-traefik}:${TRAEFIK_TAG:-latest} + restart: ${TRAEFIK_RESTART_POLICY:-always} security_opt: - no-new-privileges:true + user: ${UID:-1000}:${GID:-1000} networks: proxy: socket_proxy: @@ -36,10 +37,10 @@ services: # published: 465 # protocol: tcp # mode: host - - target: 587 - published: 587 - protocol: tcp - mode: host + #- target: 587 + # published: 587 + # protocol: tcp + # mode: host #- 465:465 #- 587:587 #env_file: @@ -56,7 +57,7 @@ services: - DOMAINNAME1 - DOMAINNAME2 - DOMAINNAME3 - #- CF_API_EMAIL + - CF_API_EMAIL command: # CLI arguments - --global.checkNewVersion=true @@ -104,10 +105,9 @@ services: - --certificatesResolvers.$CERTRESOLVER.acme.dnsChallenge.delayBeforeCheck=90 # To delay DNS check and reduce LE hitrate # - --certificatesResolvers.$CERTRESOLVER.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing - # - --entrypoints.http.http.middlewares=middlewares-crowdsec-bouncer@file - - --entrypoints.mailsecure.address=:465 - - --entrypoints.maildefault.address=:587 +# - --entrypoints.mailsecure.address=:465 +# - --entrypoints.maildefault.address=:587 # - --entrypoints.https.http.middlewares=middlewares-crowdsec-bouncer@file # - --entryPoints.ping.address=:8081 # - --api.insecure=true) 
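Review bot: The added `user: ${UID:-1000}:${GID:-1000}` will usually resolve to 1000:1000, because bash does not export `UID` and does not set `GID`, so Compose only sees them if an env file defines them. Whichever UID results must own the bind-mounted `acme.json` (the comment above the service requires mode 600) and `traefik.log`, otherwise Traefik will likely be unable to read or write its certificate store. Explicitly named variables set in the stack env file are less surprising, e.g. `user: ${PUID:-1000}:${PGID:-1000}`. The new default in `${TRAEFIK_TAG:-latest}` also makes an unpinned tag the fallback for the edge proxy, whereas `${TRAEFIK_TAG:?set a pinned Traefik tag}` would fail fast. The `traefik` service continues outside this hunk.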
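Review bot: Enabling `- CF_API_EMAIL` in the `environment:` list suggests the Cloudflare DNS challenge authenticates with the account e-mail plus the global API key rather than a scoped token. The key itself is not visible in this hunk, so this is an inference. If that is the case, a zone-scoped `CF_DNS_API_TOKEN` delivered as a Docker secret limits what a compromised proxy container could change in the Cloudflare account. The `environment:` list starts outside this hunk.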
@@ -132,13 +132,13 @@ services: - basic_auth_credentials labels: traefik.enable: true - traefik.http.routers.traefik.entrypoints: http + traefik.http.routers.traefik.entrypoints: web traefik.http.routers.traefik.rule: Host(`${PROXYNAME}.${DOMAINNAME1}`) traefik.http.middlewares.traefik-auth.basicauth.users: ${BASICAUTHUSER} traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme: https traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto: https traefik.http.routers.traefik.middlewares: traefik-https-redirect - traefik.http.routers.traefik-secure.entrypoints: https + traefik.http.routers.traefik-secure.entrypoints: websecure traefik.http.routers.traefik-secure.rule: Host(`${PROXYNAME}.${DOMAINNAME1}`) traefik.http.routers.traefik-secure.middlewares: chain-no-auth@file # traefik.http.routers.traefik-secure.middlewares: traefik-auth
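Review bot: The routers now reference entrypoints `web` and `websecure`, but no hunk in this patch adds `--entrypoints.web.address` or `--entrypoints.websecure.address`, and the commented lines in the command section still use the names `http` and `https`. If the static configuration still defines `http`/`https` (it lies outside the visible hunks), Traefik will likely reject these routers for referencing unknown entrypoints, and the `traefik-https-redirect` middleware on the plain router would never run. Rename the entrypoint definitions and the labels in the same commit, or keep `traefik.http.routers.traefik.entrypoints: http` and `traefik.http.routers.traefik-secure.entrypoints: https` until the definitions change. The `labels:` block begins outside this hunk.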