diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml deleted file mode 100644 index 2993b58..0000000 --- a/docker-compose.prod.yml +++ /dev/null @@ -1,115 +0,0 @@ -services: - frontend: - container_name: ca-lose-frontend - hostname: lose-verkaufen - build: ./frontend - networks: - ca-lose-internal: - ipv4_address: 172.25.0.2 - proxynet: - ipv4_address: 172.20.0.61 - restart: unless-stopped - - backend: - container_name: ca-lose-backend - hostname: backend - build: ./backend - environment: - NODE_ENV: production - DB_HOST: ca-lose-mysql - DB_USER: root - DB_PASSWORD: ${DB_PASSWORD} - DB_NAME: ca_lose - depends_on: - - database - networks: - ca-lose-internal: - ipv4_address: 172.25.0.3 - restart: unless-stopped - - database: - container_name: ca-lose-mysql - hostname: database - image: mysql:8.0 - restart: unless-stopped - environment: - MYSQL_ROOT_PASSWORD: ${DB_PASSWORD} - MYSQL_DATABASE: ca_lose - TZ: Europe/Berlin - volumes: - - ca-lose_mysql:/var/lib/mysql - - ./mysql-timezone.cnf:/etc/mysql/conf.d/timezone.cnf:ro - networks: - ca-lose-internal: - ipv4_address: 172.25.0.4 - proxynet: - ipv4_address: 172.20.0.60 - - # DNS Server für Hostname-Auflösung innerhalb des VPN - dnsmasq: - container_name: ca-lose-dns - image: andyshinn/dnsmasq:latest - restart: unless-stopped - cap_add: - - NET_ADMIN - command: > - --no-daemon - --log-queries - --address=/lose-verkaufen/172.25.0.2 - --address=/frontend/172.25.0.2 - --address=/backend/172.25.0.3 - --address=/database/172.25.0.4 - --address=/wg-admin/172.25.0.10 - networks: - ca-lose-internal: - ipv4_address: 172.25.0.53 - - # WireGuard VPN mit Web-UI (wg-easy) - wireguard: - image: ghcr.io/wg-easy/wg-easy:latest - container_name: ca-lose-wireguard - cap_add: - - NET_ADMIN - - SYS_MODULE - environment: - LANG: de - WG_HOST: dus3.the1s.de - WG_PORT: "51830" - PORT: "51821" - WG_DEFAULT_ADDRESS: 10.14.14.x - WG_DEFAULT_DNS: "172.25.0.53" - WG_ALLOWED_IPS: 172.25.0.0/24 - WG_PERSISTENT_KEEPALIVE: "25" - WG_POST_UP: "iptables -t nat -A POSTROUTING -s 10.14.14.0/24 -o eth0 -j MASQUERADE; iptables -A FORWARD -i wg0 -o eth0 -j ACCEPT; iptables -A FORWARD -i eth0 -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -A FORWARD -i wg0 -d 172.25.0.2 -j ACCEPT; iptables -A FORWARD -i wg0 -d 172.25.0.53 -j ACCEPT; iptables -A FORWARD -i wg0 -j DROP" - WG_POST_DOWN: "iptables -t nat -D POSTROUTING -s 10.14.14.0/24 -o eth0 -j MASQUERADE; iptables -D FORWARD -i wg0 -o eth0 -j ACCEPT; iptables -D FORWARD -i eth0 -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -D FORWARD -i wg0 -d 172.25.0.2 -j ACCEPT; iptables -D FORWARD -i wg0 -d 172.25.0.53 -j ACCEPT; iptables -D FORWARD -i wg0 -j DROP" - volumes: - - wireguard-data:/etc/wireguard - - /lib/modules:/lib/modules:ro - ports: - - "51830:51830/udp" - sysctls: - - net.ipv4.ip_forward=1 - - net.ipv4.conf.all.src_valid_mark=1 - restart: unless-stopped - depends_on: - - dnsmasq - - frontend - networks: - ca-lose-internal: - ipv4_address: 172.25.0.10 - proxynet: - ipv4_address: 172.20.0.50 - -volumes: - ca-lose_mysql: - wireguard-data: - -networks: - ca-lose-internal: - driver: bridge - ipam: - config: - - subnet: 172.25.0.0/24 - gateway: 172.25.0.1 - proxynet: - external: true