From 2ed6934cb228a5f2b151ea3d77ee65b0cc6c6209 Mon Sep 17 00:00:00 2001
From: furyhawk <furyx@hotmail.com>
Date: Tue, 11 Jun 2024 18:01:09 +0800
Subject: [PATCH] Refactor Traefik routing rules in adguardhome.yml

---
 swarm/adguardhome.yml | 38 +++++++++++++++++++++-----------------
 swarm/core.yml        |  5 +++++
 2 files changed, 26 insertions(+), 17 deletions(-)

diff --git a/swarm/adguardhome.yml b/swarm/adguardhome.yml
index 1fb7199..e5215c5 100644
--- a/swarm/adguardhome.yml
+++ b/swarm/adguardhome.yml
@@ -4,23 +4,23 @@ services:
     volumes:
       - /var/data/adguardhome_conf:/opt/adguardhome/conf
       - /var/data/adguardhome_work:/opt/adguardhome/work
-    ports:
-        # DNS
-        - 53:53
-          # # DHCP server
-          # - 67:67/udp
-          # - 68:68/udp
-          # # HTTPS/DNS-over-HTTPS
-          # - 443:443/tcp
-          # # DNS-over-TLS
-          # - 853:853/tcp
-          # # DNS-over-QUIC
-          # - 853:853/udp
-          # # DNSCrypt
-          # - 5443:5443/tcp
-          # - 5443:5443/udp
-          # # WebUI
-          # - 3000:3000/tcp
+    # ports:
+      # DNS
+        # - 53:53
+        # # DHCP server
+        # - 67:67/udp
+        # - 68:68/udp
+        # # HTTPS/DNS-over-HTTPS
+        # - 443:443/tcp
+        # # DNS-over-TLS
+        # - 853:853/tcp
+        # # DNS-over-QUIC
+        # - 853:853/udp
+        # # DNSCrypt
+        # - 5443:5443/tcp
+        # - 5443:5443/udp
+        # # WebUI
+        # - 3000:3000/tcp
     networks:
       - traefik-public
     deploy:
@@ -28,6 +28,10 @@ services:
         - traefik.enable=true
         - traefik.docker.network=traefik-public
         - traefik.constraint-label=traefik-public
+        - traefik.tcp.routers.adguardhome_tcp.entrypoints=dns
+        - traefik.tcp.routers.adguardhome_tcp.rule=HostSNI(`*`)
+        - traefik.tcp.routers.adguardhome_tcp.service=adguardhome_dns_service
+        - traefik.tcp.services.adguardhome_dns_service.loadbalancer.server.port=53
         - traefik.http.routers.adguardhome.entrypoints=https
         - traefik.http.routers.adguardhome.rule=Host(`guard.${DOMAIN}`)
         - traefik.http.routers.adguardhome.tls.certresolver=le
diff --git a/swarm/core.yml b/swarm/core.yml
index 862e982..4cd1656 100644
--- a/swarm/core.yml
+++ b/swarm/core.yml
@@ -4,6 +4,9 @@ services:
     # Use the latest v3.0.x Traefik image available
     image: traefik:latest
     ports:
+      # - target: 53
+      #   published: 53
+      #   mode: host
       - target: 80
         published: 80
         mode: host
@@ -109,6 +112,8 @@ services:
       - --entrypoints.http.http.redirections.entrypoint.to=https
       - --entrypoints.http.http.redirections.entrypoint.scheme=https
       - --entrypoints.http.http.redirections.entrypoint.permanent=true
+      # Create an entrypoint "dns" listening on port 53
+      # - --entrypoints.dns.address=:53
       # Create an entrypoint "postgres-socket" listening on port 5432
       - --entrypoints.postgres-socket.address=:5432
       # Others entrypoints can be created, like a TCP entrypoint