feat: Added Traefik

- Added compose.yaml file containg also certs-dumper to extract certificates
- Added traefik.yaml configuration file

dist/teamspeak6/.env.template

@@ -1,9 +0,0 @@
-TSSERVER_LICENSE_ACCEPTED=accept
-TSSERVER_DATABASE_PLUGIN=mariadb
-TSSERVER_DATABASE_SQL_CREATE_PATH=create_mariadb
-TSSERVER_DATABASE_PORT=3306
-
-MYSQL_USER=teamspeak
-MYSQL_PASSWORD=YourPasswordHere
-MYSQL_ROOT_PASSWORD=SuperSecretPassword
-MYSQL_DATABASE=teamspeak

dist/teamspeak6/compose.yaml

@@ -1,62 +0,0 @@
-networks:
-    traefik-network:
-        external: true
-    teamspeak6:
-        external: false
-services:
-    teamspeak:
-        image: teamspeaksystems/teamspeak6-server:latest
-        container_name: teamspeak-server
-        restart: unless-stopped
-        labels:
-            - "traefik.enable=true"
-            - "traefik.docker.network=traefik-network"
-            - "traefik.udp.routers.ts6-voice.entrypoints=ts6-voice"
-            - "traefik.udp.routers.ts6-voice.service=ts6-voice-service"
-            - "traefik.udp.services.ts6-voice-service.loadbalancer.server.port=9987"
-            - "traefik.tcp.routers.ts6-filetransfer.rule=HostSNI(`*`)"
-            - "traefik.tcp.routers.ts6-filetransfer.entrypoints=ts6-filetransfer"
-            - "traefik.tcp.routers.ts6-filetransfer.service=ts6-filetransfer-service"
-            - "traefik.tcp.services.ts6-filetransfer-service.loadbalancer.server.port=30033"
-            - "traefik.tcp.routers.ts6-webquery.rule=HostSNI(`*`)"
-            - "traefik.tcp.routers.ts6-webquery.entrypoints=ts6-webquery"
-            - "traefik.tcp.routers.ts6-webquery.service=ts6-webquery-service"
-            - "traefik.tcp.services.ts6-webquery-service.loadbalancer.server.port=10080"
-        networks:
-            - traefik-network
-            - teamspeak6
-        environment:
-            - TSSERVER_LICENSE_ACCEPTED=${TSSERVER_LICENSE_ACCEPTED}
-            # Database settings
-            - TSSERVER_DATABASE_PLUGIN=${TSSERVER_DATABASE_PLUGIN}
-            - TSSERVER_DATABASE_SQL_CREATE_PATH=create_mariadb
-            - TSSERVER_DATABASE_HOST={TSSERVER_DATABASE_SQL_CREATE_PATH}
-            - TSSERVER_DATABASE_PORT=${TSSERVER_DATABASE_PORT}
-            - TSSERVER_DATABASE_NAME=${MYSQL_DATABASE}
-            - TSSERVER_DATABASE_USERNAME=${MYSQL_USER}
-            - TSSERVER_DATABASE_PASSWORD=${MYSQL_PASSWORD}
-        volumes:
-            - ./data:/var/tsserver
-        depends_on:
-            mariadb:
-                condition: service_healthy
-
-    mariadb:
-        image: mariadb:latest
-        container_name: mariadb
-        environment:
-            - MYSQL_ROOT_PASSWORD={MYSQL_ROOT_PASSWORD}
-            - MYSQL_DATABASE=${MYSQL_DATABASE}
-            - MYSQL_USER=${MYSQL_USER}
-            - MYSQL_PASSWORD=${MYSQL_PASSWORD}
-        volumes:
-            - mariadb-data:/var/lib/mysql
-        restart: unless-stopped
-        healthcheck:
-            test: ["CMD", "healthcheck.sh", "--connect", "--innodb_initialized"]
-            start_period: 10s
-            interval: 10s
-            timeout: 5s
-            retries: 3
-        networks:
-            - teamspeak6

dist/traefik/.env.template

@@ -0,0 +1,4 @@
+BASE_DOMAIN=example.com
+SERVICE_DOMAIN=traefik.example.com
+# admin:admin
+DASHBOARD_HTPASSWORD=admin:$2b$10$1DxaLIdVmJVNcQUmMxdfiOjlnp2gDKiMQjpTNxagVJEoTGTUOfVnG

dist/traefik/compose.yaml

@@ -0,0 +1,42 @@
+networks:
+  traefik-network:
+
+services:
+  traefik:
+    image: traefik:v3.6.4
+    container_name: traefik
+    restart: unless-stopped
+    dns:
+      - 1.1.1.1
+      - 8.8.8.8
+    ports:
+      - 80:80
+      - 443:443
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.dashboard.rule=Host(`${SERVICE_DOMAIN}`)"
+      - "traefik.http.routers.dashboard.entrypoints=https"
+      - "traefik.http.routers.dashboard.service=api@internal"
+      - "traefik.http.routers.dashboard.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.dashboard.middlewares=dashboard-auth"
+      - "traefik.http.middlewares.dashboard-auth.basicauth.users=${DASHBOARD_HTPASSWORD}"
+    command:
+      - "--log.level=DEBUG"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./traefik.yaml:/traefik.yaml:ro
+      - ./acme.json:/acme.json
+      - ./certs:/certs
+    networks:
+      - traefik-network
+
+  traefik-certs-dumper:
+    image: ldez/traefik-certs-dumper:v2.9.3
+    container_name: traefik-certs-dumper
+    restart: unless-stopped
+    volumes:
+      - ./acme.json:/acme.json:ro
+      - ./certs:/output
+    environment:
+      - DOMAIN=${BASE_DOMAIN}
+    command: "file --version v2 --watch --source /acme.json --dest /output"

dist/traefik/traefik.yaml

@@ -0,0 +1,26 @@
+api:
+  insecure: false
+  dashboard: true
+
+entryPoints:
+  http:
+    address: ":80"
+    http:
+      redirections:
+        entryPoint:
+          to: https
+          scheme: https
+  https:
+    address: ":443"
+
+providers:
+  docker:
+    exposedByDefault: false
+
+certificatesResolvers:
+  letsencrypt:
+    acme:
+      email: YOUR_EMAIL@example.com
+      storage: /acme.json
+      httpChallenge:
+        entryPoint: web