Configurations
Yuzerion edited this page Oct 4, 2024
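# docker-compose.yml for the go-proxy host (nesting restored; the rendered
# page had lost all indentation).
#
# Both services run with `network_mode: host`, so every port they listen on
# is bound directly on the host and there is no `ports:` mapping to narrow
# exposure. Restrict access with the host firewall where needed.
services:
  frontend:
    # `latest` is a moving tag; pin a release tag or image digest if you
    # want upgrades to be deliberate and reviewable.
    image: ghcr.io/yusing/go-proxy-frontend:latest
    container_name: go-proxy-frontend
    restart: unless-stopped
    network_mode: host
    # if you also want to proxy the WebUI and access it via gp.y.z
    # labels:
    #   - proxy.aliases=gp
    #   - proxy.gp.port=3000
    # Uncomment and change this if you have changed below
    #
    # environment:
    #   NEXT_PUBLIC_GOPROXY_API_ADDR: 127.0.0.1:8888
    depends_on:
      - app
  app:
    # Same note as above: `latest` is unpinned.
    image: ghcr.io/yusing/go-proxy:latest
    container_name: go-proxy
    restart: always
    network_mode: host
    environment:
      # (Optional) change this to your timezone to get correct log timestamp
      TZ: ETC/UTC
      # Change these if you need
      #
      # GOPROXY_HTTP_ADDR: :80
      # GOPROXY_HTTPS_ADDR: :443
      #
      # The value shown keeps the API on loopback. This page does not say
      # whether the API is authenticated, so check that before binding it
      # to a non-loopback address.
      # GOPROXY_API_ADDR: 127.0.0.1:8888
    volumes:
      # Access to the Docker socket is effectively root on the host: anyone
      # who compromises this container controls the Docker daemon. Treat the
      # go-proxy container as part of the host's trusted computing base.
      - /var/run/docker.sock:/var/run/docker.sock
      - ./config:/app/config
      # (Optional) choose one of below to enable https
      # The certs directory holds the TLS private key; keep it readable
      # only by the account that runs the container.
      # 1. use existing certificate
      # if your cert is not named `cert.crt` change `cert_path` in `config/config.yml`
      # if your cert key is not named `priv.key` change `key_path` in `config/config.yml`
      # - /path/to/certs:/app/certs
      # 2. use autocert, certs will be stored in ./certs (or other path you specify)
      # - ./certs:/app/certs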
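# config/config.yml (nesting restored; the rendered page had lost all
# indentation).
#
# Autocert (choose one below and uncomment to enable)
#
# 1. use existing cert
#
# autocert:
#   provider: local
#
#   cert_path: certs/cert.crt  # optional, uncomment only if you need to change it
#   key_path: certs/priv.key  # optional, uncomment only if you need to change it
#
# 2. cloudflare
#
# autocert:
#   provider: cloudflare
#   # Placeholder address: the one on the page was replaced by the site's
#   # e-mail obfuscation and cannot be recovered.
#   email: you@example.com  # ACME Email
#   domains:  # a list of domains for cert registration
#     - "*.y.z"  # remember to use double quotes to surround wildcard domain
#   options:
#     # Once filled in this is a live credential. Give the token only the
#     # permissions the DNS challenge needs for this zone, keep this file
#     # out of version control and restrict its file permissions.
#     auth_token: c1234565789-abcdefghijklmnopqrst  # your zone API token
#
# 3. other providers, check docs/dns_providers.md for more
providers:
  # include files are standalone yaml files under `config/` directory
  #
  # include:
  #   - file1.yml
  #   - file2.yml
  docker:
    # $DOCKER_HOST implies environment variable `DOCKER_HOST` or unix:///var/run/docker.sock by default
    local: $DOCKER_HOST
    # explicit only mode
    # only containers with explicit aliases will be proxied
    # add "!" after provider name to enable explicit only mode
    #
    # NOTE(review): by implication, without "!" containers that have no
    # explicit alias are proxied too. Explicit only mode is the
    # lower-exposure choice when a host also runs internal-only containers.
    #
    # local!: $DOCKER_HOST
    #
    # add more docker providers if needed
    # for value format, see https://docs.docker.com/reference/cli/dockerd/
    #
    # A tcp:// endpoint on port 2375 is the Docker API without TLS or
    # authentication. Point it only at an address reachable solely from
    # this host, such as a socket proxy on a private interface.
    #
    # remote-1: tcp://10.0.2.1:2375
    #
    # The ssh:// value on the page was mangled by e-mail obfuscation; it
    # had the form below, with a password embedded in the URL. A password
    # stored here sits in plaintext in the config file, so prefer key-based
    # SSH authentication and a non-root account where your setup allows it.
    #
    # remote-2: ssh://root:<password>@<host>

# if match_domains not defined
# any host = alias+[any domain] will match
# i.e. https://app1.y.z will match alias app1 for any domain y.z
# but https://app1.node1.y.z will only match alias "app.node1"
#
# if match_domains defined
# only host = alias+[one of match_domains] will match
# i.e. match_domains = [node1.my.app, my.site]
# https://app1.my.app, https://app1.my.net, etc. will not match even if app1 exists
# only https://*.node1.my.app and https://*.my.site will match
#
# Defining match_domains stops requests that carry an unexpected domain in
# the Host header from being routed to a backend.
#
# match_domains:
#   - my.site
#   - node1.my.app

# Below are fixed options (non hot-reloadable)

# timeout for shutdown (in seconds)
#
# timeout_shutdown: 5

# global setting redirect http requests to https (if https available, otherwise this will be ignored)
# proxy.<alias>.middlewares.redirect_http will override this
#
# With the value shown (false), plain-HTTP requests are served as-is unless
# a per-alias redirect_http middleware is set.
#
# redirect_to_https: false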
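# Example route definition (nesting restored; the rendered page had lost all
# indentation). Presumably the content of one of the `include` files under
# `config/` - confirm against the project docs.
example:  # matching `example.y.z`
  scheme: https
  host: 10.0.0.1
  port: 80
  path_patterns:  # Check https://pkg.go.dev/net/http#hdr-Patterns-ServeMux for syntax
    - GET /  # accept any GET request
    - POST /auth  # for /auth and /auth/* accept only POST
    - GET /home/{$}  # for exactly /home
  # Keep this false: the backend's TLS certificate is then verified.
  # Setting it to true accepts any certificate, which removes protection
  # against interception between the proxy and the backend.
  no_tls_verify: false
  middlewares:
    # Only clients in the listed addresses/ranges are allowed; everything
    # else receives the status code and message below.
    # NOTE(review): if another proxy or load balancer sits in front of
    # go-proxy, check which address this check sees (the real client or
    # the front proxy) before relying on it.
    cidr_whitelist:
      allow:
        - 127.0.0.1
        - 10.0.0.0/8
      status_code: 403
      message: "IP not allowed"
  homepage:
    name: Example App
    icon: png/example.png
    description: An example app
    category: example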
On the other node (e.g. server-1, running on 10.0.0.2), run this docker compose:
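# Service definition for the remote node (goes under `services:` in that
# node's compose file; nesting restored from the flattened page).
#
# The proxy publishes a filtered Docker API over plain TCP: no TLS and no
# authentication. Anything that can reach port 2375 can use whatever the
# environment switches below allow, so limit reachability to the go-proxy
# host (private interface plus a firewall rule).
docker-proxy:
  container_name: docker-proxy
  image: tecnativa/docker-socket-proxy
  # NOTE(review): privileged mode gives this container broad host access.
  # It is commonly needed only where SELinux/AppArmor blocks access to the
  # socket; try without it first and confirm against the image's docs.
  privileged: true
  environment:
    # Each switch set to 1 widens what remote callers may do.
    - ALLOW_START=1
    - ALLOW_STOP=1
    - ALLOW_RESTARTS=1
    # CONTAINERS=1 exposes container listings and inspect data, which can
    # include environment variables holding secrets.
    - CONTAINERS=1
    - EVENTS=1
    - PING=1
    # POST=1 enables write methods on every enabled API section, which is
    # broader than start/stop/restart. Write access to the containers API
    # is generally equivalent to root on this node.
    # NOTE(review): confirm whether the ALLOW_* switches alone are enough
    # for your use, and leave POST out if they are.
    - POST=1
    - VERSION=1
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock
  restart: always
  ports:
    # Bound to this node's own address only. Quoted, as recommended for
    # compose port mappings, so the value is always read as a string.
    - "10.0.0.2:2375:2375"
    # or less secure way
    # (publishes the API on every interface of the node)
    # - "2375:2375"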
Add it to your config.yml:
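# Excerpt of config.yml on the go-proxy host, not a complete file. The
# elisions are written as comments because a bare `...` is YAML's
# document-end marker and would not be read as "unchanged settings".
autocert:
  # ... existing settings unchanged ...
providers:
  include:
    # ... existing entries unchanged ...
  docker:
    # ... existing providers unchanged ...
    #
    # Plain TCP to the socket proxy on server-1: no TLS and no
    # authentication, so this traffic should stay on a trusted network and
    # port 2375 on server-1 should accept connections only from this host.
    server-1: tcp://10.0.0.2:2375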