Include BitWarden #2
Comments
Setting up Caddy
jgwehr added a commit that referenced this issue Oct 1, 2021
#2 Still not working correctly, but fixed typo issue in the compose file. Reformatted environment sections. Updated Log vars.
jgwehr added a commit that referenced this issue Oct 1, 2021
#2 Added a Log Directory and top-level domain/admin password variables
Building a Caddy instance with DuckDNS built in, without having to self-build: https://ben.balter.com/2021/09/01/how-i-re-over-engineered-my-home-network/ docker-compose
caddy.Dockerfile
jgwehr added a commit that referenced this issue Feb 10, 2022
* Move all volumes to CONFIGDIR
* Port Updates Some ports currently occupied from other container stacks... will change once the full stack is in a single compose.
* Create template.env
* Added BitWarden and Caddy
* Port variables for Caddy
* log directory and admin variables #2 Added a Log Directory and top-level domain/admin password variables
* Caddy finally started! special config directory Fixed where Caddyfile was pointing to. Removed orphaned "Volumes:" which caused compose-up issues.
* DuckDNS module prep
* gitignore and folder structure
* Caddy Healthcheck
* Update .gitignore Don't need Certs getting uploaded...
* Info on duckdns
* Project Structure prep
* Better structure Learned about multiple compose files in an `up` command. And this solves the .env problem. And added better file org.
* Skip the app data
* Restructure didn't work
* Security Hardening: User
* Ditching Watchtower In the interest of better control
* Removed Watchtower and Caddy References
* Logging test Setting a default Log level and turning on Extended Logging in an attempt to get a hard file created in /logs
* Another try to get solid log file
* Logging again
* When will logs work?
* Trying out CrowdSec Removed fail2ban
* Initial for Crowdsec configs see: https://hub.docker.com/r/crowdsecurity/crowdsec
* Mirror structure from Crowdsec
* Correct env variable?
* Realign folder structure https://wiki.servarr.com/docker-guide
* Another config option
* Crowdsec Ports
* Crowdsec Ports (fix)
* Crowdsec Ports (fix)
* Pin CrowdSec version, Comment nginx
* Minor
* First working CrowdSec It's not possible to provide both the config.yaml and container /config/ directories at the same time.
* Just kidding it still doesn't work This is an alternate with an unspecified config location. As the example (successfully) uses.
* Working Crowdsec Not with the configuration folders structure I want, but waddyagonnado
* Trying Bitwarden Standing up the container with CrowdSec. And trying to get logging to work.
* CrowdSec Health Check Non-functional due to dependency check
* Caddy env cleanup
* Uncomment Caddy Still doesn't put logs in the right place
* Turn on other containers
* Fix Health Check
* Another healthcheck fix
* Try: caddy log mounts
* the documentation on this project... oy vey Apparently 3 dashes to separate in acquis? Maybe?
* env and readme
* Cleanup for speed
* Caddy is working again Added some ideas for Caddy security. While working, it's not passing to Jellyfin like it should
* Fix uptime kuma in caddy Just a port change
* Container for Jellyfin Converting to compose; building port env vars; introduce cache directory
* cachedir fix
* Trying non-SWAG image
* Trial: better network organization
* Tinker with JF Compose JF dependent on Caddy. Staging to be able to supply the cert to JF.
* Remove host when using networks
* JF Finally works in compose. Shift to primary config names change bind mounts from test to primary. Requires manual CHOWN of these folders
* Pass Caddy's certfile to Jellyfin
* Caddyfile security options
* Accidentally found the Caddy logs?
* testing something...
* revert
* trying sub sub domains and local addressing
* Sub works. Trying proxy
* reverse_proxy not proxy Fix issue from https://github.com/bradleyscott/home-automation/commit/bec533f3cb65f895b4f50d87aa3fdf074cd5d3eb
* Transparent is also not a directive https://github.com/bradleyscott/home-automation/commit/bec533f3cb65f895b4f50d87aa3fdf074cd5d3eb ^ none of it seems valid
* Caddy refuses to work without setting to HOST mode
* Fix ports and depends_on
* Comment shit out so I can restart faster
* Success! Uptime Kuma over Caddy HTTPS wow. Now that this finally works, it's clear there's a configuration issue within Jellyfin rather than Caddy
* A functional status server Now, need to get jellyfin operational
* Add Heimdall back
* Memory Constraints Given it can be more or less public now, avoid brute force abuse.
* Added Caddy to the stack Officially
* trying to send to jf https
* It works! As long suspected, a network problem. Removed all JF's internal HTTPS and instead rely on Caddy (as is appropriate). Swapped JF from host back to network (shared with caddy) and it works!
* Returning to Crowdsec trial
* Guidance from docker readme Rely on the container's config.yaml since mine isn't customized. Switch to volume for db since this doesn't really need to be backed up. Read-only log binds.
* Crowdsec upgrade 1.3.0
* Crowdsec depends on Caddy to be up
* SSHD collection added
* Basic log access
* Including Crowdsec in custom Caddy build https://www.reddit.com/r/CrowdSec/comments/rmu1wf/bouncer_for_caddy_crowdsec/
* Basic resource control
* Pin Caddy build to a known working version
* Remove unused nginx. Follow new documentation from https://docs.crowdsec.net/docs/next/data_sources/docker/ and https://discord.com/channels/921520481163673640/922594744062857236/939191793331875860
* Removed crowdsec config.yaml Latest image uses a default file which can be overwritten. No need to overwrite at this time, so removed.
* Crowdsec added to stack
* Intentionally Broke: Crowdsec init in Caddyfile Following: https://www.reddit.com/r/CrowdSec/comments/rmu1wf/bouncer_for_caddy_crowdsec/hs4mgqp/ Caddy should be instructed to load Crowdsec first and call it during http handling. This likely doesn't work until I can get the LAPI port and api key.
* Variablize ports for Caddy Abstract all the things
* Trying Socket Proxy
* Comments
* Socket Proxy guesswork: container Proofed Crowdsec will work with direct access to the socket. Now, also proved the DOCKER_HOST env passthrough successfully abstracts the socket. However, a 403 is (appropriately) returned. Now is the unnecessary task of figuring out which APIs Crowdsec needs.
* Stable with socket proxy
* Cleanup caddy in crowdsec config Logs complained "caddy_log" wasn't a valid type. Presumably it was successfully looking at the log filename (which didn't work) but failing in the docker context (which is where we wanted it to look)
* Clean up Crowdsec collections
* fix caddy build for crowdsec bouncer
* Trying to insert bouncers in Compose
* Rename Crowdsec env var to API
* passing BOUNCERS env var didn't work...
* Dynamic CrowdSec port and token for Caddy Pass Crowdsec container link into Caddy. New token Env var for the Caddy Bouncer. Configure Caddy bouncer to use the new env variables.
* It might just be working...
jgwehr added a commit that referenced this issue May 4, 2022
https://bitwarden.com/help/article/install-on-premise/#configure-your-domain