ldr/source-repo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

traefik web 설정 파일 작성

Browse Source
This commit is contained in:
이대로 2024-04-09 01:46:32 +09:00
parent e71d31eca5
commit dfb688bf33
20 changed files with 424 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
docker/compose/gitea.yaml
View File

@ -1,4 +1,4 @@
version: "3" version: "3.9"
networks: networks:
net-public: net-public:
@ -6,7 +6,7 @@ networks:
services: services:
server: server:
image: gitea/gitea:1.18.0 image: gitea/gitea:latest
container_name: gitea container_name: gitea
environment: environment:
- USER_UID=1000 - USER_UID=1000
@ -16,6 +16,7 @@ services:
- GITEA__database__NAME=gitea - GITEA__database__NAME=gitea
- GITEA__database__USER=gitea - GITEA__database__USER=gitea
- GITEA__database__PASSWD=gitea - GITEA__database__PASSWD=gitea
- GITEA__webhook__ALLOWED_HOST_LIST=*
restart: always restart: always
networks: networks:
- net-public - net-public
@ -39,4 +40,28 @@ services:
networks: networks:
- net-public - net-public
volumes: volumes:
- /mnt/disk1/gitea/db:/var/lib/postgresql/data - /mnt/disk1/gitea/db:/var/lib/postgresql/data
# runner:
# image: registry.smsoft.kro.kr/gitea/act_runner:latest
# restart: always
# container_name: gitea_runner
# environment:
# - CONFIG_FILE=/config/config.yml
# - GITEA_INSTANCE_URL=https://git.smsoft.kro.kr
# - GITEA_RUNNER_REGISTRATION_TOKEN=cAIObh78BmjdEGkeoT1GSjrV7CiNvjRDRqCmVT9M
# volumes:
# - /mnt/disk1/gitea/runner/config:/config
# - /mnt/disk1/gitea/runner/data:/data
# - /var/run/docker.sock:/var/run/docker.sock
# - /root/cert:/cert
# entrypoint: ["sh", "-c"]
# command:
# - |
# docker context create remote-prod --docker host=https://smsoft.kr:2376,ca=/cert/ca.pem,cert=/cert/cert.pem,key=/cert/key.pem
# docker context create remote-dev --docker host=tcp://10.10.20.20:2375
# /sbin/tini -- /opt/act/run.sh
# networks:
# - net-public
# depends_on:
# - server

12
traefik/digital-twin.yml
View File

@ -1,12 +0,0 @@
http:
routers:
dt-rt:
entryPoints:
- "web"
rule: "Host(`dt.devsmsoft.kro.kr`)"
service: "dt-sv"
services:
dt-sv:
loadbalancer:
servers:
- url: "http://172.30.1.31:8101"

18
traefik/streaming-db.yml → traefik/dynamic/streaming/db.yml
View File

@ -1,31 +1,31 @@
tcp: tcp:
routers: routers:
db-smsoft-main-rt: db-smsoft-main:
entryPoints: entryPoints:
- "db-smsoft-main" - "db-smsoft-main"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "db-smsoft-main-sc" service: "db-smsoft-main"
db-woori-ai-rt: db-woori-ai:
entryPoints: entryPoints:
- "db-woori-ai" - "db-woori-ai"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "db-woori-ai-sc" service: "db-woori-ai"
db-hynix-rt: db-hynix:
entryPoints: entryPoints:
- "db-hynix" - "db-hynix"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "db-hynix-sc" service: "db-hynix"
services: services:
db-smsoft-main-sc: db-smsoft-main:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.81:3306" - address: "10.10.20.81:3306"
db-woori-ai-sc: db-woori-ai:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.81:3308" - address: "10.10.20.81:3308"
db-hynix-sc: db-hynix:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.81:1433" - address: "10.10.20.81:1433"

22
traefik/dynamic/streaming/seal.yml Normal file
View File

@ -0,0 +1,22 @@
tcp:
routers:
seal-subversion:
entryPoints:
- "seal-subversion"
rule: "HostSNI(`*`)"
service: "seal-subversion"
seal-db:
entryPoints:
- "seal-db"
rule: "HostSNI(`*`)"
service: "seal-db"
services:
seal-subversion:
loadbalancer:
servers:
- address: "10.10.20.100:3690"
seal-db:
loadbalancer:
servers:
- address: "10.10.20.100:1521"

47
traefik/streaming-ssh.yml → traefik/dynamic/streaming/ssh.yml
View File

@ -1,58 +1,67 @@
tcp: tcp:
routers: routers:
ssh-swarm-1-rt: ssh-swarm-1:
entryPoints: entryPoints:
- "ssh-swarm-1" - "ssh-swarm-1"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "ssh-swarm-1-sc" service: "ssh-swarm-1"
ssh-swarm-2-rt: ssh-swarm-2:
entryPoints: entryPoints:
- "ssh-swarm-2" - "ssh-swarm-2"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "ssh-swarm-2-sc" service: "ssh-swarm-2"
ssh-swarm-3-rt: ssh-swarm-3:
entryPoints: entryPoints:
- "ssh-swarm-3" - "ssh-swarm-3"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "ssh-swarm-3-sc" service: "ssh-swarm-3"
ssh-gpu-sv-rt: ssh-gpu-sv:
entryPoints: entryPoints:
- "ssh-gpu-sv" - "ssh-gpu-sv"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "ssh-gpu-sc" service: "ssh-gpu"
ssh-dt-sv-rt: ssh-dt-sv:
entryPoints: entryPoints:
- "ssh-dt-sv" - "ssh-dt-sv"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "ssh-dt-sc" service: "ssh-dt"
ssh-db-sv-rt: ssh-db-sv:
entryPoints: entryPoints:
- "ssh-dt-sv" - "ssh-dt-sv"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "ssh-db-sc" service: "ssh-db"
ssh-cvat-sv:
entryPoints:
- "ssh-cvat-sv"
rule: "HostSNI(`*`)"
service: "ssh-cvat"
services: services:
ssh-swarm-1-sc: ssh-swarm-1:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.20:22" - address: "10.10.20.20:22"
ssh-swarm-2-sc: ssh-swarm-2:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.21:22" - address: "10.10.20.21:22"
ssh-swarm-3-sc: ssh-swarm-3:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.22:22" - address: "10.10.20.22:22"
ssh-gpu-sc: ssh-gpu:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.30:22" - address: "10.10.20.30:22"
ssh-dt-sc: ssh-dt:
loadbalancer: loadbalancer:
servers: servers:
- address: "172.30.1.31:22" - address: "172.30.1.31:22"
ssh-db-sc: ssh-db:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.81:22" - address: "10.10.20.81:22"
ssh-cvat:
loadbalancer:
servers:
- address: "10.10.20.23:22"

24
traefik/streaming-web.yml → traefik/dynamic/streaming/web.yml
View File

@ -1,40 +1,40 @@
tcp: tcp:
routers: routers:
aibface-landmark-rt: aibface-landmark:
entryPoints: entryPoints:
- "aibface-landmark" - "aibface-landmark"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "aibface-landmark-sc" service: "aibface-landmark"
aibface-skin-rt: aibface-skin:
entryPoints: entryPoints:
- "aibface-skin" - "aibface-skin"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "aibface-skin-sc" service: "aibface-skin"
kidsnote-site-rt: kidsnote-site:
entryPoints: entryPoints:
- "kidsnote-site" - "kidsnote-site"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "kidsnote-site-sc" service: "kidsnote-site"
narajangteo-site-rt: narajangteo-site:
entryPoints: entryPoints:
- "narajangteo-site" - "narajangteo-site"
rule: "HostSNI(`*`)" rule: "HostSNI(`*`)"
service: "narajangteo-site-sc" service: "narajangteo-site"
services: services:
aibface-landmark-sc: aibface-landmark:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.30:16000" - address: "10.10.20.30:16000"
aibface-skin-sc: aibface-skin:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.30:16001" - address: "10.10.20.30:16001"
kidsnote-site-sc: kidsnote-site:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.20:21437" - address: "10.10.20.20:21437"
narajangteo-site-sc: narajangteo-site:
loadbalancer: loadbalancer:
servers: servers:
- address: "10.10.20.20:24012" - address: "10.10.20.20:24012"

18
traefik/dynamic/web/aibface.yml Normal file
View File

@ -0,0 +1,18 @@
http:
routers:
aibface:
entryPoints:
- "websecure"
rule: "Host(`aibface.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "aibface"
services:
aibface:
loadbalancer:
servers:
- url: "http://10.10.20.20:9082"

18
traefik/dynamic/web/cvat.yml Normal file
View File

@ -0,0 +1,18 @@
http:
routers:
cvat:
entryPoints:
- "websecure"
rule: "Host(`cvat.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "cvat"
services:
cvat:
loadbalancer:
servers:
- url: "http://10.10.20.23:8080"

18
traefik/dynamic/web/digital-twin.yml Normal file
View File

@ -0,0 +1,18 @@
http:
routers:
digital-twin:
entryPoints:
- "websecure"
rule: "Host(`dt.dev.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.dev.semyeongsoft.com"
service: "digital-twin"
services:
digital-twin:
loadbalancer:
servers:
- url: "http://172.30.1.31:8101"

33
traefik/dynamic/web/docker.yml Normal file
View File

@ -0,0 +1,33 @@
http:
routers:
docker:
entryPoints:
- "websecure"
rule: "Host(`docker.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "docker"
registry:
entryPoints:
- "websecure"
rule: "Host(`registry.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "registry"
services:
docker:
loadbalancer:
servers:
- url: "http://10.10.20.50:9000"
registry:
loadbalancer:
servers:
- url: "http://10.10.20.50:5000"

18
traefik/dynamic/web/gitea.yml Normal file
View File

@ -0,0 +1,18 @@
http:
routers:
gitea:
entryPoints:
- "websecure"
rule: "Host(`git.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "gitea"
services:
gitea:
loadbalancer:
servers:
- url: "http://10.10.20.50:3000"

33
traefik/dynamic/web/hyhome.yml Normal file
View File

@ -0,0 +1,33 @@
http:
routers:
home-admin:
entryPoints:
- "websecure"
rule: "Host(`home-admin.dev.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.dev.semyeongsoft.com"
service: "home-admin"
home-web:
entryPoints:
- "websecure"
rule: "Host(`home-web.dev.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.dev.semyeongsoft.com"
service: "home-web"
services:
home-admin:
loadbalancer:
servers:
- url: "http://10.10.20.20:9080"
home-web:
loadbalancer:
servers:
- url: "http://10.10.20.20:9081"

18
traefik/dynamic/web/jenkins.yml Normal file
View File

@ -0,0 +1,18 @@
http:
routers:
jenkins:
entryPoints:
- "websecure"
rule: "Host(`jenkins.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "jenkins"
services:
jenkins:
loadbalancer:
servers:
- url: "http://10.10.20.50:8080"

33
traefik/dynamic/web/nas.yml Normal file
View File

@ -0,0 +1,33 @@
http:
routers:
nas-master:
entryPoints:
- "websecure"
rule: "Host(`nas.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "nas-master"
nas-backup:
entryPoints:
- "websecure"
rule: "Host(`nas-bk.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "nas-backup"
services:
nas-master:
loadbalancer:
servers:
- url: "https://211.243.12.175:8003"
nas-backup:
loadbalancer:
servers:
- url: "http://172.30.1.100:5000"

18
traefik/dynamic/web/nexus.yml Normal file
View File

@ -0,0 +1,18 @@
http:
routers:
nexus:
entryPoints:
- "websecure"
rule: "Host(`nexus.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "nexus"
services:
nexus:
loadbalancer:
servers:
- url: "http://10.10.20.50:8081"

63
traefik/dynamic/web/seal.yml Normal file
View File

@ -0,0 +1,63 @@
http:
routers:
epa:
entryPoints:
- "websecure"
rule: "Host(`epa.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "epa"
seal:
entryPoints:
- "websecure"
rule: "Host(`seal.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "seal"
sld:
entryPoints:
- "websecure"
rule: "Host(`sld.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "sld"
slr:
entryPoints:
- "websecure"
rule: "Host(`slr.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "slr"
services:
epa:
loadbalancer:
servers:
- url: "http://10.10.20.100:8088"
seal:
loadbalancer:
servers:
- url: "http://10.10.20.100:8087"
sld:
loadbalancer:
servers:
- url: "http://10.10.20.100:8089"
slr:
loadbalancer:
servers:
- url: "http://10.10.20.100:8090"

18
traefik/dynamic/web/sign.yml Normal file
View File

@ -0,0 +1,18 @@
http:
routers:
sign:
entryPoints:
- "websecure"
rule: "Host(`sign.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "sign"
services:
sign:
loadbalancer:
servers:
- url: "http://10.10.20.20:21013"

18
traefik/dynamic/web/voice.yml Normal file
View File

@ -0,0 +1,18 @@
http:
routers:
voice:
entryPoints:
- "websecure"
rule: "Host(`voice.semyeongsoft.com`)"
tls:
certResolver: smsoft-dns-challenge
domains:
- main: "semyeongsoft.com"
sans:
- "*.semyeongsoft.com"
service: "voice"
services:
voice:
loadbalancer:
servers:
- url: "http://10.10.20.20:9801"

31
traefik/streaming-seal.yml
View File

@ -1,31 +0,0 @@
tcp:
routers:
seal-subversion-rt:
entryPoints:
- "seal-subversion"
rule: "HostSNI(`*`)"
service: "seal-subversion-sc"
seal-rdp-rt:
entryPoints:
- "seal-rdp"
rule: "HostSNI(`*`)"
service: "seal-rdp-sc"
seal-db-rt:
entryPoints:
- "seal-db"
rule: "HostSNI(`*`)"
service: "seal-db-sc"
services:
seal-subversion-sc:
loadbalancer:
servers:
- address: "10.10.20.100:3690"
seal-rdp-sc:
loadbalancer:
servers:
- address: "10.10.20.100:3389"
seal-db-sc:
loadbalancer:
servers:
- address: "10.10.20.100:1521"

21
traefik/traefik.yml
View File

@ -16,6 +16,8 @@ entryPoints:
address: ":10031" address: ":10031"
ssh-db-sv: ssh-db-sv:
address: ":10081" address: ":10081"
ssh-cvat-sv:
address: ":10023"
# database # database
db-smsoft-main: db-smsoft-main:
address: ":10233" address: ":10233"
@ -26,8 +28,6 @@ entryPoints:
# seal # seal
seal-subversion: seal-subversion:
address: ":11369" address: ":11369"
seal-rdp:
address: ":11389"
seal-db: seal-db:
address: ":11521" address: ":11521"
# aibface # aibface
@ -46,5 +46,22 @@ providers:
directory: /etc/traefik/dynamic directory: /etc/traefik/dynamic
watch: true watch: true
certificatesResolvers:
smsoft-dns-challenge:
acme:
email: daero2120@gmail.com
storage: /etc/traefik/acme.json
dnsChallenge:
provider: cloudflare
log:
level: info
format: json
filePath: /etc/traefik/log/traefik.log
accessLog:
format: json
filePath: /etc/traefik/log/access.log
api: api:
dashboard: true dashboard: true