Skip to content
/ get-traefiked Public

Simple compose file for Nextcloud + Vaultwarden + Wireguard + Blog + Crowdsec with traefik reverse proxy

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

crasoke/get-traefiked

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
data
data
 
 
without-crowdsec
without-crowdsec
 
 
.env
.env
 
 
.env.example
.env.example
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

Set Up Nextcloud, Vaultwarden, Wireguard, Blog, Crowdsec with Traefik reverse proxy

This project provides straightforward docker-compose files for setting up:

  1. Nextcloud, Vaultwarden, Wireguard, Crowdsec, and your custom Blog.
  2. Nextcloud, Vaultwarden, Wireguard, and your custom Blog.

These setups use Traefik as a reverse proxy.

Requirements

  • Docker
  • Docker Compose

Quickstart Default (With Crowdsec)

  1. Create a Crowdsec account and go to the console. Copy the enroll key and insert it into the .env file.
  2. Fill in the rest of the information in the .env file. An example is provided in the .env.example file: 
    EMAIL=max.mustermann@example.com
DOMAIN=example.com
VAULTWARDEN_ADMIN_PASSWORD=KDEcaaGUd9kCjmN623U2PMWjUwUqNrLJ
MYSQL_ROOT_PASSWORD=RJnLKLWVT6uCGrVxqzc4bfew2CVUSDP7
MYSQL_PASSWORD=coahwpXuLTRYhbrJY2UVqgrPri9hLJnE
WG_PASSWORD=b2rVHQmvgaNHQDY9jNfRrbzVWKCLDQHy
IPALLOWLIST=172.16.0.0/12
CROWDSEC_LAPI_KEY=2abpGRXqQnq8KSaHgfFtdV/CnVVvWmU8cCZ2CDhgJZH
CROWDSEC_ENROLL_KEY=gxyc3igakixgge23ei3bo4f6i
  3. Insert your custom static blog/website in the blog folder, for example, using Hugo.
  4. Run the following command to start the services: 
    docker-compose up -d

Quickstart (Without Crowdsec)

  1. cd into the without-crowdsec folder.
  2. Fill in the information in the .env file. An example is provided in the .env.example file.
  3. Insert your custom static blog/website in the blog folder, for example, using Hugo.
  4. Run the following command in the without-crowdsec folder to start the services: 
    docker-compose up -d

Remarks

  • For testing, you can uncomment --log.level=DEBUG and --certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory in the docker-compose file. This is useful for debugging and because Let's Encrypt has a rate limit of 50 certificate requests per week. Learn more about rate limits here.
  • For the initial configuration of Vaultwarden and Wireguard, it is recommended to change the IPALLOWLIST environment variable to your public IP address (from where you SSH into) and then change it back after the configuration is complete.
  • For the initial configuration of Nextcloud, it is recommended to add the following labels so that the system can only be accessed from your IP address: 
    - "traefik.http.middlewares.test-ipallowlist.ipallowlist.sourcerange=your_public_ip"
- "traefik.http.routers.nextcloud.middlewares=test-ipallowlist@docker"
  • Consider disabling signups in Vaultwarden after creating your account by setting "signups_allowed": false in the data/vaultwarden/config.json or visiting the admin page (bitwarden.example.com/admin).
  • It is recommended to use the version with Crowdsec to enhance security.

About

Simple compose file for Nextcloud + Vaultwarden + Wireguard + Blog + Crowdsec with traefik reverse proxy

Topics

docker-compose nextcloud traefik wireguard bitwarden crowdsec

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Languages