feat: init

2025-05-12 13:09:43 +02:00
commit 516eb78832
12 changed files with 403 additions and 0 deletions
--- a/config/dns/config.sample.json
+++ b/config/dns/config.sample.json
@ -0,0 +1,41 @@
+{
+  "version": 2,
+  "activeEnv": "",
+  "webServerPort": null,
+  "dnsServerPort": null,
+  "defaultDns": null,
+  "logLevel": null,
+  "logFile": null,
+  "registerContainerNames": null,
+  "hostMachineHostname": null,
+  "domain": "docker",
+  "dpsNetwork": true,
+  "dpsNetworkAutoConnect": true,
+  "resolvConfOverrideNameServers": false,
+  "noRemoteServers": true,
+  "noEntriesResponseCode": 2,
+  "remoteDnsServers": [],
+  "envs": [
+    {
+      "name": "",
+      "hostnames": [
+        {
+          "id": 1,
+          "hostname": ".vm",
+          "ip": "",
+          "target": "host.docker",
+          "ttl": 3600,
+          "type": "CNAME"
+        },
+        {
+          "id": 2,
+          "hostname": ".dev.local",
+          "ip": "",
+          "target": "host.docker",
+          "ttl": 3600,
+          "type": "CNAME"
+        }
+      ]
+    }
+  ]
+},
--- a/config/dns/entrypoint.sh
+++ b/config/dns/entrypoint.sh
@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+if [ ! -d "/app/conf" ]; then
+  mkdir /app/conf
+fi
+
+if [ ! -f "/app/conf/config.json" ]; then
+  cp /conf/config.sample.json /app/conf/config.json
+elif [ "/conf/config.sample.json" -nt "/app/conf/config.json" ]; then
+  echo "example config file is newer than existing config."
+  echo "replacing existing file by new config"
+
+  CONFIG_BACKUP="/app/conf/config_$(date +"%Y%m%d_%H%M%s").json"
+
+  echo "saving existing config as ${CONFIG_BACKUP}"
+
+  cp /app/conf/config.json ${CONFIG_BACKUP}
+  cp /conf/config.sample.json /app/conf/config.json
+fi
+
+if [ -z "$@" ] ; then
+  exec "/app/dns-proxy-server" -XX:MaxHeapSize=50m -XX:MaxNewSize=10m
+else
+  exec "$@"
+fi
--- a/config/traefik/dynamic/dashboard.yaml
+++ b/config/traefik/dynamic/dashboard.yaml
@ -0,0 +1,5 @@
+http:
+  routers:
+    api:
+      service: api@internal
+      rule: "Host(`traefik.vm`)"
--- a/config/traefik/dynamic/ssl.yaml
+++ b/config/traefik/dynamic/ssl.yaml
@ -0,0 +1,16 @@
+http:
+  middlewares:
+    redirect-https:
+      redirectScheme:
+        scheme: https
+        permanent: false
+
+  routers:
+    https-router:
+      rule: "!Host(`localhost`)"
+      priority: 999999
+      middlewares:
+        - redirect-https
+      service: noop@internal
+      entrypoints:
+        - http
--- a/config/traefik/traefik.yml
+++ b/config/traefik/traefik.yml
@ -0,0 +1,37 @@
+log:
+  level: INFO
+
+api:
+  dashboard: true
+  disableDashboardAd: true
+
+entryPoints:
+  http:
+    address: :80
+
+  https:
+    address: :443
+    asDefault: true
+    http:
+      tls:
+        certResolver: step
+
+providers:
+  file:
+    directory: /etc/traefik/dynamic
+    watch: true
+
+  docker:
+    defaultRule: |
+      Host(`{{ trim (index .Labels "serviceName") }}.dev.local`) {{range $i, $domain := splitList "," (index .Labels "serviceDomains")}}{{if ne $domain ""}}|| Host(`{{$domain}}`){{end}}{{end}}
+    constraints: LabelRegex(`serviceName`, `.+`) && !Label(`com.docker.compose.oneoff`, `True`)
+
+certificatesResolvers:
+  step:
+    acme:
+      caServer: https://localhost:9000/acme/acme/directory
+      certificatesDuration: 24
+      email: dev@example.com
+      storage: /traefik/certs.json
+      httpChallenge:
+        entryPoint: http