Refactor docker-compose.yml to remove commented out port mapping for PostgreSQL

Refactor compose/apps.yml to update URL with dynamic domain name

Refactor traefik.yml to update routing rules for neo4j-bolt-router

Refactor traefik.yml to fix routing rules for resume and blog subdomains

Refactor makefile to use 'always' flag when running docker compose

Refactor docker-compose.yml to update second volume path for custom configuration file

Refactor docker-compose.yml to update MINIO_SERVER_URL and NEO4J_dbms.default_advertised_address

Refactor traefik.yml to enable routing for neo4j subdomains

Refactor traefik.yml to fix routing rules for resume and blog subdomains

compose/apps.yml

@@ -90,7 +90,7 @@ services:
     depends_on:
       - ghost-db
     environment:
-      url: https://ghost.furyhawk.lol
+      url: https://ghost.${DOMAINNAME}
       database__client: mysql
       database__connection__host: ghost-db
       database__connection__user: root
@@ -183,7 +183,7 @@ services:
     volumes:
       - privatebin_data:/srv/data # data volume for pastes allows pastes
       # to persist after container stop or restart
-      - './config/conf.php:/srv/cfg/conf.php:ro' # second volume for custom configuration file
+      - "~/config/conf.php:/srv/cfg/conf.php:ro" # second volume for custom configuration file
     expose:
       - 8080
     restart: unless-stopped

compose/services.yml

@@ -35,7 +35,7 @@ services:
 
   postgres:
     image: postgres
-    container_name: postgres
+    # container_name: postgres
     environment:
       POSTGRES_DB: ${POSTGRES_DB}
       POSTGRES_USER: ${POSTGRES_USER}
@@ -63,10 +63,10 @@ services:
       - "traefik.enable=true"
     #   - "traefik.tcp.middlewares.test-inflightconn.inflightconn.amount=10"
       - "traefik.tcp.routers.postgres.entrypoints=postgres-socket"
-      - "traefik.tcp.routers.postgres.rule=HostSNI(`*`)"
+      # - "traefik.tcp.routers.postgres.rule=HostSNI(`*`)"
+      - "traefik.tcp.routers.postgres.rule=HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
       - "traefik.tcp.routers.postgres.tls=true"
       - "traefik.tcp.routers.postgres.tls.certresolver=letsencrypt"
-      # - "traefik.tcp.routers.postgres.rule=HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
     #   - "traefik.tcp.routers.postgres.middlewares=test-inflightconn"
       - "traefik.tcp.routers.postgres.service=postgres_service"
       - "traefik.tcp.services.postgres_service.loadbalancer.server.port=5432"
@@ -110,7 +110,7 @@ services:
       MINIO_ROOT_USER: "${MINIO_ROOT_USER:-minioadmin}"
       MINIO_ROOT_PASSWORD: "${MINIO_ROOT_PASSWORD:-minioadmin}"
       MINIO_OPTS: "--console-address :9001"
-      MINIO_SERVER_URL: https://drive.furyhawk.lol
+      MINIO_SERVER_URL: https://minio.${DOMAINNAME}
       DOMAINNAME: ${DOMAINNAME}
     # user: "1000:1000"
     restart: unless-stopped
@@ -145,19 +145,19 @@ services:
   neo4j_server:
     # Docker image to be used
     image: ${NEO4J_DOCKER_IMAGE:-neo4j:latest}
-    container_name: neo4j_server
     restart: unless-stopped
     # Environment variables
     environment:
       NEO4J_AUTH: neo4j/${NEO4J_PASSWORD:-12345678}
       NEO4J_dbms.default_listen_address: "0.0.0.0"
-      NEO4J_dbms.default_advertised_address: "neo4j.furyhawk.lol"
+      NEO4J_dbms.default_advertised_address: "neo4j.${DOMAINNAME}"
       NEO4J_dbms.connector.bolt.advertised_address: ":443"
       NEO4J_PLUGINS: '["apoc"]'
       NEO4J_dbms_security_procedures_unrestricted: "apoc.*"
       NEO4J_dbms_security_procedures_allowlist: "apoc.*"
       NEO4J_server_memory_pagecache_size: 512M
       NEO4J_server_memory_heap_max__size: 2G
+      DOMAINNAME: ${DOMAINNAME}
     user: "1000:1000"
     depends_on:
       - traefik
@@ -170,6 +170,26 @@ services:
       - 7687
     networks:
       - net
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.neo4j-router.entrypoints=web-secure"
+      - "traefik.http.routers.neo4j-router.rule=Host(`neo4j.${DOMAINNAME}`) && PathPrefix(`/neo4j`)||PathPrefix(`/browser`)"
+      - "traefik.http.routers.neo4j-router.middlewares=csrf@file, neo4j_strip@file"
+      - "traefik.http.routers.neo4j-router.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.neo4j-router.service=neo4j_browser"
+      - "traefik.http.services.neo4j_browser.loadbalancer.server.port=7474"
+      - "traefik.http.routers.neo4j-bolt-router.entrypoints=web-secure"
+      - "traefik.http.routers.neo4j-bolt-router.rule=Host(`neo4j.${DOMAINNAME}`)"
+      - "traefik.http.routers.neo4j-bolt-router.middlewares=csrf@file"
+      - "traefik.http.routers.neo4j-bolt-router.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.neo4j-bolt-router.service=neo4j_bolt"
+      - "traefik.http.services.neo4j_bolt.loadbalancer.server.port=7687"
+      - "traefik.tcp.routers.neo4j-bolt-router.entrypoints=bolt-socket"
+      - "traefik.tcp.routers.neo4j-bolt-router.rule=HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
+      - "traefik.tcp.routers.neo4j-bolt-router.tls=true"
+      - "traefik.tcp.routers.neo4j-bolt-router.tls.certresolver=letsencrypt"
+      - "traefik.tcp.routers.neo4j-bolt-router.service=neo4j_bolt"
+      - "traefik.tcp.services.neo4j_bolt.loadbalancer.server.port=7687"
 
   syncthing:
     image: syncthing/syncthing
@@ -265,7 +285,7 @@ services:
   #         tasks:
   #           tmp-dir:
   #             path: /tmp/kestra-wd/tmp
-  #         url: http://kestra.furyhawk.lol/
+  #         url: http://kestra.${DOMAINNAME}/
   #   volumes:
   #     - kestra_data:/app/storage
   #     - /var/run/docker.sock:/var/run/docker.sock

compose/traefik/traefik.yml

@@ -51,13 +51,13 @@ certificatesResolvers:
 
 tcp:
   routers:
-    neo4j-bolt-router:
+    # neo4j-bolt-router:
-      entryPoints:
+    #   entryPoints:
-        - bolt-socket
+    #     - bolt-socket
-      rule: "HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
+    #   rule: "HostSNIRegexp(`^.+\\.furyhawk\\.lol$`)"
-      tls:
+    #   tls:
-        certResolver: letsencrypt
+    #     certResolver: letsencrypt
-      service: neo4j-bolt
+    #   service: neo4j-bolt
 
     emqx-web-socket-router:
       entryPoints:
@@ -76,10 +76,10 @@ tcp:
     #     passthrough: true
 
   services:
-    neo4j-bolt:
+    # neo4j-bolt:
-      loadBalancer:
+    #   loadBalancer:
-        servers:
+    #     servers:
-          - address: "neo4j_server:7687"
+    #       - address: "neo4j_server:7687"
     emqx-web-socket-service:
       loadBalancer:
         servers:
@@ -136,26 +136,15 @@ http:
         certResolver: letsencrypt
       service: plane_app
 
-    neo4j-router:
+    # graph-router:
-      entryPoints:
+    #   entryPoints:
-        - web-secure
+    #     - web-secure
-      rule: "Host(`neo4j.furyhawk.lol`) && PathPrefix(`/neo4j`)||PathPrefix(`/browser`)"
+    #   rule: "Host(`neo4j.furyhawk.lol`)"
-      middlewares:
+    #   middlewares:
-        - csrf
+    #     - csrf
-        - neo4j_strip
+    #   tls:
-      tls:
+    #     certResolver: letsencrypt
-        certResolver: letsencrypt
+    #   service: neo4j-bolt
-      service: neo4j-browser
-
-    graph-router:
-      entryPoints:
-        - web-secure
-      rule: "Host(`neo4j.furyhawk.lol`)"
-      middlewares:
-        - csrf
-      tls:
-        certResolver: letsencrypt
-      service: neo4j-bolt
 
     mqtt-http-router:
       entryPoints:
@@ -201,40 +190,6 @@ http:
         certResolver: letsencrypt
       service: mqttx-web
 
-    # info-router:
-    #   entryPoints:
-    #     - web-secure
-    #   rule: "Host(`furyhawk.lol`) || Host(`www.furyhawk.lol`) || Host(`info.furyhawk.lol`) || Host(`124c41.furyhawk.lol`)"
-    #   middlewares:
-    #     - csrf
-    #     - no-www
-    #   tls:
-    #     certResolver: letsencrypt
-    #   service: site_server
-
-    # resume-router:
-    #   entryPoints:
-    #     - web-secure
-    #   rule: "Host(`resume.furyhawk.lol`)"
-    #   # redirect to resume
-    #   middlewares:
-    #     - csrf
-    #     - redirect-resume
-    #   tls:
-    #     certResolver: letsencrypt
-    #   service: resume_server
-
-    # blog-router:
-    #   entryPoints:
-    #     - web-secure
-    #   rule: "Host(`blog.furyhawk.lol`)"
-    #   # redirect to external blog
-    #   middlewares:
-    #     - redirect-blog
-    #   tls:
-    #     certResolver: letsencrypt
-    #   service: blog
-
   middlewares:
     auth:
       basicAuth:
@@ -317,14 +272,10 @@ http:
       loadBalancer:
         servers:
           - url: http://LibreChat:3080
-    neo4j-browser:
+    # neo4j-bolt:
-      loadBalancer:
+    #   loadBalancer:
-        servers:
+    #     servers:
-          - url: http://neo4j_server:7474
+    #       - url: http://neo4j_server:7687
-    neo4j-bolt:
-      loadBalancer:
-        servers:
-          - url: http://neo4j_server:7687
     plane_app:
       loadBalancer:
         servers:
@@ -351,14 +302,6 @@ http:
       loadBalancer:
         servers:
           - url: http://mqttx_web:80
-    # resume_server:
-    #   loadBalancer:
-    #     servers:
-    #       - url: http://site_server:80
-    # blog:
-    #   loadBalancer:
-    #     servers:
-    #       - url: https://furyhawk.github.io/124c41/
 
 providers:
   # https://docs.traefik.io/master/providers/file/

makefile

@@ -3,10 +3,9 @@
 # Variables
 
 # Commands
-serve: down
+serve: pull
 	@echo "Serving the project..."
-	docker compose -f compose.yml up -d --build traefik
+	docker compose -f compose.yml up -d --build --pull always
-	docker compose -f compose.yml up -d
 down: pull
 	@echo "Stopping the project..."
 	docker compose -f compose.yml down --remove-orphans