feat: Add new Portainer stacks, setup scripts, and configurations for various services including filebrowser, paperless, and firefly.
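--- a/cloudflared/cloudflared/cert.pem
+++ b/cloudflared/cloudflared/cert.pem
@@ -0,0 +1,6 @@
+-----BEGIN ARGO TUNNEL TOKEN-----
+eyJ6b25lSUQiOiI3ZGY4MWRkMzM4NGI2MDU3ODBkZGYzZGNjYmQyOTI5MCIsImFj
+Y291bnRJRCI6IjJmZWIxMWZkZDlmYTczYTJhYjQ4MDUyMjM4NmJkNzM1IiwiYXBp
+VG9rZW4iOiJESmxwNFR3RzVUZlJUZlFRdmdwdlZZdUxodVI4cEhiXzNUVk9xeFJL
+In0=
+-----END ARGO TUNNEL TOKEN-----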
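Review bot: This file commits what looks like a live Cloudflare tunnel credential: the block between the `BEGIN`/`END ARGO TUNNEL TOKEN` markers is base64 JSON whose leading bytes decode to zone, account and API-token fields. The same problem recurs in this commit: a Cloudflare API token in a comment and a `curl` header in cloudflared/commands.sh, the same token as `"token"` in cloudflared/ddns-updater/config.json, and a tunnel install token in a comment in cloudflared/docker-compose.portainer.yml. Once pushed, these values should be treated as exposed: revoke and reissue them on the Cloudflare side, then purge the files from repository history, since deleting them in a later commit leaves them readable. Keep credentials out of the tree with `.gitignore` entries for `cert.pem` and the ddns-updater `config.json`, and load tokens from the environment, as the compose file already does with `${CLOUDFLARE_TUNNEL_TOKEN}`.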
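--- a/cloudflared/commands.sh
+++ b/cloudflared/commands.sh
@@ -0,0 +1,43 @@
+#cloudflare API token
+# AutoUpdateIP WhAIOCeGjws2IFCD32BJn1r8TS1M8SWeGbEYVuVc
+
+curl "https://api.cloudflare.com/client/v4/user/tokens/verify" \
+-H "Authorization: Bearer WhAIOCeGjws2IFCD32BJn1r8TS1M8SWeGbEYVuVc"
+
+#allow ping in cloudflared
+sudo sysctl -w net.ipv4.ping_group_range="0 65535"
+
+
+sudo mkdir -p /etc/sysctl.d
+echo "net.ipv4.ping_group_range = 0 65535" | sudo tee /etc/sysctl.d/99-cloudflared.conf
+
+
+
+docker exec cloudflare-tunnel tunnel create nas-tunnel
+
+
+
+docker run -it --rm -v /volume1/docker/cloudflared:/etc/cloudflared cloudflare-tunnel tunnel login
+
+
+docker run -it --rm \
+-v /volume1/docker/cloudflared:/etc/cloudflared \
+cloudflare/cloudflared:latest tunnel login
+
+
+# tunnel uuid fb59f081-ac72-4fd9-bad3-9211b931d5e5
+
+
+
+docker stop cloudflare-tunnel
+docker rm cloudflare-tunnel
+
+docker run -it --rm \
+-v /volume1/docker/cloudflared:/root/.cloudflared \
+-v /volume1/docker/cloudflared/etc:/etc/cloudflared \
+cloudflare/cloudflared:latest tunnel login
+
+
+docker run -it --rm \
+-v /volume1/docker/cloudflared:/root/.cloudflared \
+cloudflare/cloudflared:latest tunnel token nas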
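Review bot: The first `docker run` passes `cloudflare-tunnel` where an image name is expected; elsewhere in this commit that is the container name, and the image is `cloudflare/cloudflared:latest`. If no local image carries that tag, Docker will try to pull `cloudflare-tunnel` from the default registry and run it with `/volume1/docker/cloudflared`, the credential directory, mounted read-write. Use the intended image there, ideally pinned: `docker run -it --rm -v /volume1/docker/cloudflared:/etc/cloudflared cloudflare/cloudflared:<pinned-version> tunnel login`. The file also reads as a notes list rather than a script (it repeats `tunnel login` three times and stops and removes the container midway), so a header comment saying it is not meant to be executed top to bottom would help.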
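--- a/cloudflared/create_cloudflared_folders.sh
+++ b/cloudflared/create_cloudflared_folders.sh
@@ -0,0 +1,20 @@
+# Define base path
+BASE="/volume1/docker/cloudflared"
+
+# Create folders
+mkdir -p "${BASE}/etc"
+
+# Set ownership and permissions
+chown -R 1037:65538 "${BASE}"
+chmod -R 750 "${BASE}"
+
+
+# Define base path
+BASE="/volume1/docker/ddns-updater"
+
+# Create folders
+mkdir -p "${BASE}"
+
+# Set ownership and permissions
+chown -R 1037:65538 "${BASE}"
+chmod -R 750 "${BASE}"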
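Review bot: `chmod -R 750 "${BASE}"` sets the execute bit on every file and gives the group read access to everything under the directory, which by the compose mounts in this commit holds the tunnel credentials and the ddns-updater config with its API token. Set directory and file modes separately, for example `find "${BASE}" -type d -exec chmod 750 {} +` and `find "${BASE}" -type f -exec chmod 600 {} +` (or 640 if the group has to read them). The script has no shebang or `set -e`, so a failed `mkdir` does not stop the `chown -R`/`chmod -R` that follow; adding `#!/bin/sh` and `set -eu` at the top would fix that.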
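--- a/cloudflared/ddns-updater/config.json
+++ b/cloudflared/ddns-updater/config.json
@@ -0,0 +1,14 @@
+{
+"settings": [
+{
+"provider": "cloudflare",
+"zone_identifier": "7df81dd3384b605780ddf3dccbd29290",
+"domain": "chengs.uk",
+"host": "@",
+"ttl": 600,
+"proxied": true,
+"token": "WhAIOCeGjws2IFCD32BJn1r8TS1M8SWeGbEYVuVc",
+"ip_version": "ipv4"
+}
+]
+}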
0
cloudflared/ddns-updater/updates.json
Normal file
0
cloudflared/ddns-updater/updates.json
Normal file
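--- a/cloudflared/docker-compose.portainer.yml
+++ b/cloudflared/docker-compose.portainer.yml
@@ -0,0 +1,96 @@
+# Docker Compose configuration for setting up a Cloudflare Tunnel container
+#
+# This configuration pulls the latest Cloudflare Tunnel image from the specified repository
+# and includes options for logging, automatic updates using Watchtower, health checks, and volume mounting.
+
+services:
+
+# Cloudflare Tunnel Service
+cloudflare-tunnel:
+image: cloudflare/cloudflared:latest # Pull the latest version of the Cloudflare Tunnel image
+container_name: cloudflare-tunnel # Name of the Cloudflare Tunnel container
+hostname: cloudflare-tunnel # Hostname for the Cloudflare Tunnel container
+
+user: root
+
+restart: unless-stopped # Restart the container unless manually stopped
+
+# Logging configuration for Cloudflare Tunnel container
+logging:
+driver: "json-file" # Use the default json-file logging driver
+options:
+max-size: "100m" # Maximum log file size before rotation (100 MB)
+max-file: "10" # Maximum number of log files to retain (10)
+
+# Network mode configuration
+network_mode: "host" # Use the host network (no isolation between host and container)
+
+# Command to run Cloudflare Tunnel
+command: 'tunnel --no-autoupdate run' # Command to start the Cloudflare tunnel
+
+# Volume configuration for time synchronization and hosts file persistence
+volumes:
+- /etc/localtime:/etc/localtime:ro # Synchronize time with the host
+- /volume1/docker/cloudflared:/root/.cloudflared
+- /volume1/docker/cloudflared/etc:/etc/cloudflared
+
+#- ./config/hosts:/etc/hosts # Mount hosts file from host to container
+
+# Environment variables for Cloudflare Tunnel
+# cloudflared.exe service install eyJhIjoiMmZlYjExZmRkOWZhNzNhMmFiNDgwNTIyMzg2YmQ3MzUiLCJ0IjoiZmI1OWYwODEtYWM3Mi00ZmQ5LWJhZDMtOTIxMWI5MzFkNWU1IiwicyI6IllqWXdaVFEyTURrdFpHVXpPUzAwTnpNMkxUazJPREl0T0RGak9UZ3dOelV3Tm1ZeCJ9
+environment:
+- NO_AUTOUPDATE=true
+- "TUNNEL_TOKEN=${CLOUDFLARE_TUNNEL_TOKEN}" # Pass the Cloudflare Tunnel token from environment variable
+
+# Health check configuration to verify Cloudflare Tunnel readiness
+healthcheck:
+test: ["CMD", "cloudflared", "--version"] # Check if cloudflared version command works
+interval: 30s # Time between health check attempts
+timeout: 10s # Time to wait for a response
+retries: 3 # Number of retries before marking as unhealthy
+start_period: 10s # Delay before health checks begin
+
+# Container labels for additional metadata
+labels:
+- "com.centurylinklabs.watchtower.enable=true" # Enable automatic updates with Watchtower
+
+
+#
+####################################################
+# #
+# -------DDNS-Updater------- #
+# #
+####################################################
+#
+ddns-updater:
+container_name: ddns-updater
+restart: always
+hostname: ddns-updater
+environment:
+- TZ=America/Toronto
+- PUID=$PUID
+- PGID=$PGID
+- PERIOD=5m
+- UPDATE_COOLDOWN_PERIOD=5m
+- PUBLICIP_FETCHERS=all
+- PUBLICIP_HTTP_PROVIDERS=all
+- PUBLICIPV4_HTTP_PROVIDERS=all
+- PUBLICIPV6_HTTP_PROVIDERS=all
+- PUBLICIP_DNS_PROVIDERS=all
+- PUBLICIP_DNS_TIMEOUT=3s
+- HTTP_TIMEOUT=10s
+- LISTENING_PORT=8000
+- HEALTH_SERVER_ADDRESS=127.0.0.1:9999
+- ROOT_URL=/
+- BACKUP_PERIOD=24h # 0 to disable
+- BACKUP_DIRECTORY=/updater/data
+- LOG_LEVEL=info
+- LOG_CALLER=hidden
+- SHOUTRRR_ADDRESSES=pushover://shoutrrr:$PUSHOVER_API@$PUSHOVER_USER_KEY
+volumes:
+- /volume1/docker/ddns-updater:/updater/data
+ports:
+- 8002:8000/tcp
+user: $PUID:$PGID
+image: 'qmcgaw/ddns-updater:latest'
+#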
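Review bot: The `cloudflare-tunnel` service combines `user: root`, `network_mode: "host"`, the floating `:latest` tag and the Watchtower label, so whatever is next published under that tag is pulled automatically and runs as root on the host's network stack with the tunnel credentials mounted. Pin the image (`image: cloudflare/cloudflared:<pinned-version>`, or a digest) and drop `user: root` unless something in the setup requires it; the same pinning applies to `qmcgaw/ddns-updater:latest`. Since the tunnel is started with `TUNNEL_TOKEN`, the `/root/.cloudflared` mount that carries `cert.pem` may be unnecessary for the running service and could be removed; confirm against how the tunnel was created. `8002:8000/tcp` publishes the ddns-updater web UI on all host interfaces; bind it to loopback with `"127.0.0.1:8002:8000/tcp"` if it is only reached locally or through the tunnel. The healthcheck only runs `cloudflared --version`, which passes even when the tunnel is down.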