8 Commits

Author SHA1 Message Date
theis.gaedigk cf2df0aaac edited code design 2026-05-09 21:46:01 +02:00
theis.gaedigk 1199d6468f noted out public web-ui port 2026-05-09 21:45:19 +02:00
theis.gaedigk 7cd958c31e edited ip adresses 2026-05-09 21:43:12 +02:00
theis.gaedigk f89cf84a38 edited docker config 2026-05-09 21:38:56 +02:00
theis.gaedigk e3fc1d8659 edited again 2026-05-09 21:30:59 +02:00
theis.gaedigk 060f8d01c6 edited again 2026-05-09 21:27:47 +02:00
theis.gaedigk 667609d70c fixed docker config 2026-05-09 21:24:42 +02:00
theis.gaedigk b05f19acd9 edited docker compose 2026-05-09 21:22:28 +02:00
+11 -25
@@ -3,11 +3,11 @@ services:
container_name: ca-lose-frontend container_name: ca-lose-frontend
hostname: lose-verkaufen hostname: lose-verkaufen
build: ./frontend build: ./frontend
depends_on:
- backend
networks: networks:
ca-lose-internal: ca-lose-internal:
ipv4_address: 172.25.0.2 ipv4_address: 172.25.0.2
proxynet:
ipv4_address: 172.20.0.61
restart: unless-stopped restart: unless-stopped
backend: backend:
@@ -37,13 +37,11 @@ services:
MYSQL_DATABASE: ca_lose MYSQL_DATABASE: ca_lose
TZ: Europe/Berlin TZ: Europe/Berlin
volumes: volumes:
- ca-lose_mysql:/var/lib/mysql - ../docker/volumes/ca-lose_mysql:/var/lib/mysql
- ./mysql-timezone.cnf:/etc/mysql/conf.d/timezone.cnf:ro - ./mysql-timezone.cnf:/etc/mysql/conf.d/timezone.cnf:ro
networks: networks:
ca-lose-internal: ca-lose-internal:
ipv4_address: 172.25.0.4 ipv4_address: 172.25.0.4
proxynet:
ipv4_address: 172.20.0.60
# DNS Server für Hostname-Auflösung innerhalb des VPN # DNS Server für Hostname-Auflösung innerhalb des VPN
dnsmasq: dnsmasq:
@@ -59,10 +57,10 @@ services:
--address=/frontend/172.25.0.2 --address=/frontend/172.25.0.2
--address=/backend/172.25.0.3 --address=/backend/172.25.0.3
--address=/database/172.25.0.4 --address=/database/172.25.0.4
--address=/wg-admin/172.25.0.10 --address=/wireguard/172.25.0.6
networks: networks:
ca-lose-internal: ca-lose-internal:
ipv4_address: 172.25.0.53 ipv4_address: 172.25.0.5
# WireGuard VPN mit Web-UI (wg-easy) # WireGuard VPN mit Web-UI (wg-easy)
wireguard: wireguard:
@@ -75,34 +73,24 @@ services:
LANG: de LANG: de
WG_HOST: dus3.the1s.de WG_HOST: dus3.the1s.de
WG_PORT: "51830" WG_PORT: "51830"
PORT: "51821" WG_DEFAULT_DNS: "172.25.0.5"
WG_DEFAULT_ADDRESS: 10.14.14.x PORT: "80" # Web-UI Port
WG_DEFAULT_DNS: "172.25.0.53" PASSWORD_HASH: ${WIREGUARD_PASSWORD_HASH}
WG_ALLOWED_IPS: 172.25.0.0/24
WG_PERSISTENT_KEEPALIVE: "25"
WG_POST_UP: "iptables -t nat -A POSTROUTING -s 10.14.14.0/24 -o eth0 -j MASQUERADE; iptables -A FORWARD -i wg0 -o eth0 -j ACCEPT; iptables -A FORWARD -i eth0 -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -A FORWARD -i wg0 -d 172.25.0.2 -j ACCEPT; iptables -A FORWARD -i wg0 -d 172.25.0.53 -j ACCEPT; iptables -A FORWARD -i wg0 -j DROP"
WG_POST_DOWN: "iptables -t nat -D POSTROUTING -s 10.14.14.0/24 -o eth0 -j MASQUERADE; iptables -D FORWARD -i wg0 -o eth0 -j ACCEPT; iptables -D FORWARD -i eth0 -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -D FORWARD -i wg0 -d 172.25.0.2 -j ACCEPT; iptables -D FORWARD -i wg0 -d 172.25.0.53 -j ACCEPT; iptables -D FORWARD -i wg0 -j DROP"
volumes: volumes:
- wireguard-data:/etc/wireguard - ../docker/volumes/ca-lose-wireguard:/etc/wireguard
- /lib/modules:/lib/modules:ro - /lib/modules:/lib/modules:ro
ports: ports:
- "51830:51830/udp" - "51830:51830/udp"
# - "51831:80/tcp" # only for short configuration access - remove in production - external: 51831 internal: 80
sysctls: sysctls:
- net.ipv4.ip_forward=1 - net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1 - net.ipv4.conf.all.src_valid_mark=1
restart: unless-stopped restart: unless-stopped
depends_on: depends_on:
- dnsmasq - dnsmasq
- frontend
networks: networks:
ca-lose-internal: ca-lose-internal:
ipv4_address: 172.25.0.10 ipv4_address: 172.25.0.6
proxynet:
ipv4_address: 172.20.0.50
volumes:
ca-lose_mysql:
wireguard-data:
networks: networks:
ca-lose-internal: ca-lose-internal:
@@ -111,5 +99,3 @@ networks:
config: config:
- subnet: 172.25.0.0/24 - subnet: 172.25.0.0/24
gateway: 172.25.0.1 gateway: 172.25.0.1
proxynet:
external: true
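Review bot: The wireguard service on the new side no longer sets `WG_ALLOWED_IPS`, `WG_POST_UP` or `WG_POST_DOWN`, so the per-destination FORWARD rules that ended in `iptables -A FORWARD -i wg0 -j DROP` are gone and nothing visible here restricts VPN peers to the frontend and the DNS container any more. If wg-easy falls back to its default forwarding rules (worth confirming for the image version in use), every peer can reach the backend at 172.25.0.3, the database at 172.25.0.4 and the Web-UI on 172.25.0.6 directly. I would keep the allow-list and only adjust it for the renumbered DNS address, i.e. `WG_ALLOWED_IPS: 172.25.0.0/24` plus the previous rule set with `-d 172.25.0.5` in place of `-d 172.25.0.53`. Separately, `PASSWORD_HASH: ${WIREGUARD_PASSWORD_HASH}` expands to an empty string with only a warning when the variable is unset; `PASSWORD_HASH: ${WIREGUARD_PASSWORD_HASH:?must be set}` makes compose refuse to start instead.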