From c5c1fda4d2f51c06156afec646c53208e343991f Mon Sep 17 00:00:00 2001 From: Simon Milvert Date: Mon, 13 Feb 2023 12:06:00 +0100 Subject: [PATCH] Updated docker version --- .env | 4 ++ docker-compose.home.yml | 11 ++-- docker-compose.nextclouod.yml | 2 +- docker-compose.service.yml | 70 ++++++++++++++++++++----- docker-compose.web.yml | 25 +++++++++ docker-compose.yml | 3 ++ mosquitto/mosquitto.conf | 25 +++------ static_config.yml | 8 +-- traefik.yml | 33 +++++++----- zigbee2mqtt/configuration.yaml | 18 ++++--- zigbee_home_2/configuration_home_2.yaml | 56 ++++++++++++++------ 11 files changed, 182 insertions(+), 73 deletions(-) mode change 100644 => 100755 mosquitto/mosquitto.conf diff --git a/.env b/.env index 9180157..fa0512f 100644 --- a/.env +++ b/.env @@ -21,6 +21,10 @@ PGADMIN_DEFAULT_PASSWORD=bajsa INFLUX_ADMIN=simon INFLUX_ADMIN_PASSWORD=bajsa123 +LIBRESPEED_PW=NDVlMzA0MzQ0YmM3NTA0OGIxMzEzMjk4 + +PIHOLE_PW=NmE4Njc4Y2RjMmUxZmIxMWZkOTg1NTZj + UUID=1000 PGID=1000 TZ=Europe/Stockholm diff --git a/docker-compose.home.yml b/docker-compose.home.yml index a37bc78..7d869cc 100644 --- a/docker-compose.home.yml +++ b/docker-compose.home.yml @@ -3,8 +3,9 @@ version: '3' services: node-red: - # image: nodered/node-red:2.2.2 - image: nodered/node-red-dev:3.0.0-beta.4-14 + image: nodered/node-red:3.0.2 + + # image: nodered/node-red-dev:3.0.0-beta.4-14 container_name: "node-red" logging: driver: "json-file" @@ -14,7 +15,7 @@ services: networks: - backend environment: - - TZ=Europe/Stockholm + - TZ=${TZ} ports: - "1881:1880" #devices: @@ -29,7 +30,7 @@ services: - "traefik.http.services.node-red-service.loadbalancer.server.port=1880" - "traefik.http.routers.node-red-secure.entrypoints=web-secure" - "traefik.http.routers.node-red-secure.rule=Host(`nodered.${DOMAIN}`)" - - "traefik.http.routers.node-red-secure.tls.certresolver=milvert_cert" + - "traefik.http.routers.node-red-secure.tls.certresolver=milvert_dns" - "traefik.http.routers.node-red-secure.tls=true" landet_domo: 
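Review bot: The two added lines `LIBRESPEED_PW=…` and `PIHOLE_PW=…` put live service passwords into a tracked `.env`, next to the admin passwords already visible in the hunk context, so anyone with read access to the repository or its history holds them. Keep the real values in an untracked file (add `.env` to `.gitignore` and commit a `.env.example` with empty keys) and rotate both passwords, since removing them in a later commit does not remove them from history. The hunk shows only part of the file.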
@@ -57,7 +58,7 @@ services: - "traefik.http.services.landet_domo-service.loadbalancer.server.port=8080" - "traefik.http.routers.landet_domo-secure.entrypoints=web-secure" - "traefik.http.routers.landet_domo-secure.rule=Host(`landet.${DOMAIN}`)" - - "traefik.http.routers.landet_domo-secure.tls.certresolver=milvert_cert" + - "traefik.http.routers.landet_domo-secure.tls.certresolver=milvert_dns" - "traefik.http.routers.landet_domo-secure.tls=true" diff --git a/docker-compose.nextclouod.yml b/docker-compose.nextclouod.yml index c2594e8..7dc2b27 100644 --- a/docker-compose.nextclouod.yml +++ b/docker-compose.nextclouod.yml @@ -24,7 +24,7 @@ services: - "traefik.enable=true" - "traefik.http.routers.nextcloud.entrypoints=web-secure" - "traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect" - - "traefik.http.routers.nextcloud.tls.certresolver=milvert_cert" + - "traefik.http.routers.nextcloud.tls.certresolver=milvert_dns" - "traefik.http.routers.nextcloud.rule=Host(`moln.${DOMAIN}`)" - "traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://milvert.com" - "traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' milvert.com" diff --git a/docker-compose.service.yml b/docker-compose.service.yml index 86538ed..2d544af 100644 --- a/docker-compose.service.yml +++ b/docker-compose.service.yml @@ -28,7 +28,7 @@ services: - "traefik.http.services.zighome-service.loadBalancer.server.port=8080" - "traefik.http.routers.zighome-secure.entrypoints=web-secure" - "traefik.http.routers.zighome-secure.rule=Host(`zig2.${DOMAIN}`)" - - "traefik.http.routers.zighome-secure.tls.certresolver=milvert_cert" + - "traefik.http.routers.zighome-secure.tls.certresolver=milvert_dns" - "traefik.http.routers.zighome-secure.middlewares=auth@file" - "traefik.http.routers.zighome-secure.tls=true" 
@@ -59,12 +59,12 @@ services: - "traefik.http.services.zig1-service.loadBalancer.server.port=8081" - "traefik.http.routers.zig1-secure.entrypoints=web-secure" - "traefik.http.routers.zig1-secure.rule=Host(`zig1.${DOMAIN}`)" - - "traefik.http.routers.zig1-secure.tls.certresolver=milvert_cert" + - "traefik.http.routers.zig1-secure.tls.certresolver=milvert_dns" - "traefik.http.routers.zig1-secure.middlewares=auth@file" - "traefik.http.routers.zig1-secure.tls=true" grafana: - image: grafana/grafana:8.5.15 + image: grafana/grafana:9.3.6 container_name: grafana logging: driver: "json-file" @@ -84,7 +84,7 @@ services: - "traefik.enable=true" - "traefik.http.routers.grafana-secure.entrypoints=web-secure" - "traefik.http.routers.grafana-secure.rule=Host(`data.${DOMAIN}`)" - - "traefik.http.routers.grafana-secure.tls.certresolver=milvert_cert" + - "traefik.http.routers.grafana-secure.tls.certresolver=milvert_dns" - "traefik.http.routers.grafana-secure.tls=true" influx: @@ -108,6 +108,7 @@ services: - INFLUXDB_DB=db0 - INFLUXDB_ADMIN_USER=${INFLUX_ADMIN} - INFLUXDB_ADMIN_PASSWORD=${INFLUX_ADMIN_PASSWORD} + - INFLUXD_LOG_LEVEL=ERROR #- DOCKER_INFLUXDB_INIT_MODE=upgrade #- DOCKER_INFLUXDB_INIT_PASSWORD=${INFLUX_ADMIN_PASSWORD} #- DOCKER_INFLUXDB_INIT_USERNAME=${INFLUX_ADMIN} @@ -122,7 +123,7 @@ services: #- "traefik.http.routers.influx.entryPoints=influx" - "traefik.http.routers.influx-secure.rule=host(`influx.${DOMAIN}`)" - "traefik.http.routers.influx-secure.entryPoints=web-secure" - - "traefik.http.routers.influx-secure.tls.certresolver=milvert_cert" + - "traefik.http.routers.influx-secure.tls.certresolver=milvert_dns" - "traefik.http.routers.influx-secure.tls=true" #- "traefik.http.middlewares.webpg-mid.ipwhitelist.sourcerange=127.0.0.1/32, 10.0.0.1/24" - "traefik.http.routers.influx-secure.middlewares=localNetwork@file" 
@@ -185,12 +186,13 @@ services: - "traefik.http.services.gitea-service.loadbalancer.server.port=3000" - "traefik.http.routers.gitea-secure.entrypoints=web-secure" - "traefik.http.routers.gitea-secure.rule=Host(`gitea.${DOMAIN}`)" - - "traefik.http.routers.gitea-secure.tls.certresolver=milvert_cert" + - "traefik.http.routers.gitea-secure.tls.certresolver=milvert_dns" - "traefik.http.routers.gitea-secure.tls=true" mqtt: - image: eclipse-mosquitto:1.6.13 + # image: eclipse-mosquitto:1.6.13 + image: eclipse-mosquitto:2.0 container_name: mqtt logging: driver: "json-file" @@ -209,7 +211,7 @@ services: - PGID=1000 - TZ=Europe/Stockholm volumes: - - ./mosquitto/mosquitto.conf:/mqtt/mosquitto.conf + - ./mosquitto/mosquitto.conf:/mosquitto/config/mosquitto.conf - ${DIR}/mqtt/data:/mqtt/data - ${DIR}/mqtt/log:/mqtt/log labels: @@ -217,14 +219,14 @@ services: - diun.enable=true #- "traefik.http.routers.mqtt.entrypoints=mqtt_http" #- "traefik.http.routers.mqtt.rule=Host(`mqtt.${DOMAIN}`)" - #- "traefik.http.routers.mqtt.tls.certresolver=milvert_cert" + #- "traefik.http.routers.mqtt.tls.certresolver=milvert_dns" #- "traefik.http.routers.mqtt.tls=false" #- "traefik.http.services.mqtt_http.loadBalancer.server.port=9001" #- "traefik.http.routers.mqtt.middlewares=localNetwork@file" #- "traefik.tcp.routers.mqtt_tcp.entrypoints=mqtt_stcp" #- "traefik.tcp.routers.mqtt_tcp.rule=HostSNI(`mqtt.milvert.com`)" #- "traefik.tcp.routers.mqtt_tcp.tls=true" - #- "traefik.tcp.routers.mqtt_tcp.tls.certresolver=milvert_cert" + #- "traefik.tcp.routers.mqtt_tcp.tls.certresolver=milvert_dns" #- "traefik.tcp.routers.mqtt_tcp.service=mqtt_tcp" #- "traefik.tcp.services.mqtt_tcp.loadBalancer.server.port=1883" @@ -253,7 +255,7 @@ services: - ${DIR}/mqtt_landet/log:/mosquitto/log diun: - image: ghcr.io/crazy-max/diun:edge + image: ghcr.io/crazy-max/diun:4 container_name: diun networks: - backend 
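Review bot: `image: eclipse-mosquitto:2.0` and `image: ghcr.io/crazy-max/diun:4` in the mqtt and diun hunks are moving tags, where the line being replaced pinned an exact patch release (`1.6.13`), and `image: ghcr.io/linuxserver/librespeed` added in docker-compose.web.yml carries no tag at all. A pull can therefore change the broker or the update notifier without any commit recording it. Pin each to a full version, optionally with a digest, for example `image: eclipse-mosquitto:<MAJOR.MINOR.PATCH>@sha256:<DIGEST>`, and let diun report when a newer one exists.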
@@ -268,9 +270,53 @@ services: labels: - diun.enable=true + pihole: + image: pihole/pihole:2023.01 + container_name: pihole + ports: + - "53:53/tcp" + - "53:53/udp" + - "8001:80" + dns: + - 127.0.0.1 + - 9.9.9.9 + environment: + - TZ=${TZ} + - WEBPASSWORD=${PIHOLE_PW} + - ServerIP=10.0.201 + - PIHOLE_DNS_=127.0.0.1;9.9.9.9;149.112.112.112;1.1.1.1 + - DNSSEC='true' + - VIRTUAL_HOST=pihole.milvert.com # Same as port traefik config + - WEBTHEME=default-dark + - PIHOLE_DOMAIN=milvert.com + volumes: + - ${DIR}/pihole/etc:/etc/pihole + - ${DIR}/pihole/dns:/etc/dnsmasq.d + restart: unless-stopped + networks: + backend: + backend_macvlan: + ipv4_address: 10.0.0.201 + labels: + - diun.enable=true + - "traefik.enable=true" + - "traefik.http.middlewares.pihole-admin.addprefix.prefix=/admin" + - "traefik.http.services.pihole.loadbalancer.server.port=80" + - "traefik.http.routers.pihole-secure.middlewares=localNetwork@file" + - "traefik.http.routers.pihole-secure.entrypoints=web-secure" + - "traefik.http.routers.pihole-secure.rule=Host(`pihole.${DOMAIN}`)" + - "traefik.http.routers.pihole-secure.tls.certresolver=milvert_dns" + - "traefik.http.routers.pihole-secure.tls=true" + networks: frontend: external: true backend: external: false - + backend_macvlan: + driver: macvlan + driver_opts: + parent: eno1 + ipam: + config: + - subnet: 10.0.0.200/27 diff --git a/docker-compose.web.yml b/docker-compose.web.yml index 4af6efc..a3fa42b 100644 --- a/docker-compose.web.yml +++ b/docker-compose.web.yml 
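Review bot: `ServerIP=10.0.201` in the new pihole service is missing an octet and does not match the `ipv4_address: 10.0.0.201` assigned a few lines later; it should read `- ServerIP=10.0.0.201`. The `ports:` block also publishes `53` and `8001:80` on the host, so the admin UI is reachable on port 8001 without passing the `localNetwork@file` middleware attached to the Traefik router, and the resolver answers on every host interface; since the container already has its own macvlan address, dropping the `ports:` entries or binding them to a LAN address would keep both internal. In list-form `environment` the quotes in `DNSSEC='true'` are part of the value, so write `- DNSSEC=true`. The `subnet: 10.0.0.200/27` has host bits set (the enclosing /27 starts at 10.0.0.192), which is worth checking against the network Docker actually creates.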
@@ -153,6 +153,31 @@ services: - "traefik.http.routers.torrent-secure.tls.certresolver=milvert_cert" - "traefik.http.routers.torrent-secure.tls=true" + + librespeed: + image: ghcr.io/linuxserver/librespeed + container_name: librespeed + environment: + - PUID=${UUID} + - PGID=${PGID} + - TZ=${TZ} + - PASSWORD=${LIBRESPEED_PW} + - CUSTOM_RESULTS=false + - DB_TYPE=sqlite + volumes: + - ./librespeed/config:/config + restart: unless-stopped + networks: + - backend + labels: + - diun.enable=true + - "traefik.enable=true" + - "traefik.http.routers.librespeed.entrypoints=web-secure" + - "traefik.http.routers.librespeed.rule=Host(`librespeed.${DOMAIN}`)" + - "traefik.http.routers.librespeed.tls.certresolver=milvert_dns" + - "traefik.http.routers.librespeed.tls=true" + + networks: frontend: external: true diff --git a/docker-compose.yml b/docker-compose.yml index 08b1782..d271c6f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,6 +34,9 @@ services: #- ./acme.json:/acme.json - ./letsencrypt/acme.json:/letsencrypt/acme.json - ${DIR}/traefik/log:/log + environment: + CF_API_EMAIL: simon@milvert.com + CF_API_KEY: 48d9ae3752afb6e73d99d23c432ba8e38b24c labels: - diun.enable=true dns: diff --git a/mosquitto/mosquitto.conf b/mosquitto/mosquitto.conf old mode 100644 new mode 100755 index b983dd9..4d406f4 --- a/mosquitto/mosquitto.conf +++ b/mosquitto/mosquitto.conf @@ -1,20 +1,11 @@ -pid_file /var/run/mosquitto.pid - -persistence true -persistence_location /mqtt/data/ - -user mosquitto - -# Port to use for the default listener. -port 1883 - - -log_dest file /mqtt/log/mosquitto.log -log_dest stdout - -include_dir /mqtt/config +allow_anonymous false +connection_messages true +password_file /mqtt/data/mqtt_pw listener 1883 -listener 9001 -protocol websockets +persistence true +persistence_location /mqtt/data + +log_dest file /mqtt/log/mosquitto.log +log_dest stdout diff --git a/static_config.yml b/static_config.yml index b0c135f..502ce0b 100644 --- a/static_config.yml 
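Review bot: `CF_API_KEY` is committed in clear text in the `environment:` block added to docker-compose.yml, and paired with `CF_API_EMAIL` it is the Cloudflare global API key form, which grants far more than the DNS record edits an ACME DNS challenge needs. Treat the key as exposed and revoke it, then issue a token scoped to DNS edit on the one zone and pass it from outside the repository, e.g. `CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN}` with the value in an untracked env file. The enclosing service definition starts above the hunk.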
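Review bot: The new mosquitto.conf turns on password authentication (`allow_anonymous false`, `password_file /mqtt/data/mqtt_pw`) but `listener 1883` has no TLS settings, so the usernames and passwords clients now send travel unencrypted; that is acceptable only while the listener stays on the internal Docker network, which this hunk does not show. A comment such as `# plain MQTT: keep unpublished, internal network only` above the listener would record that assumption. The mode change from 100644 to 100755 makes a config file executable for no visible reason and is better reverted. The password file sits in the same volume as the persistence database, so backups of `${DIR}/mqtt/data` should be handled as secrets.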
+++ b/static_config.yml @@ -8,7 +8,7 @@ http: entryPoints: - web-secure tls: - certResolver: milvert_cert + certResolver: milvert_dns lampa-router: rule: "Host(`lampa.milvert.com`)" @@ -16,7 +16,7 @@ http: entryPoints: - web-secure tls: - certResolver: milvert_cert + certResolver: milvert_dns bitwarden-router: rule: "Host(`bitwarden.milvert.com`)" @@ -24,7 +24,7 @@ http: entryPoints: - web-secure tls: - certResolver: milvert_cert + certResolver: milvert_dns dashboard: rule: "Host(`tra.milvert.com`)" @@ -32,7 +32,7 @@ http: entryPoints: - web-secure tls: - certResolver: milvert_cert + certResolver: milvert_dns middlewares: - auth diff --git a/traefik.yml b/traefik.yml index aa3d9c9..7fbf0d5 100644 --- a/traefik.yml +++ b/traefik.yml @@ -11,9 +11,10 @@ providers: watch: true log: - level: info - # filePath: /etc/traefik/log.json - # format: json + level: error + #filePath: "/log/info.log" + # format: json + accessLog: filePath = "/log/access.log" bufferingSize = 100 @@ -24,14 +25,14 @@ accessLog: #retryAttempts: true #minDuration: "10ms" -metrics: - influxDB: - address: 'telegraf:8081' - protocol: http - database: traefik - pushInterval: 60s - addEntryPointsLabels: true - addServicesLabels: true +#metrics: + #influxDB: + #address: 'telegraf:8081' + #protocol: http + #database: traefik + #pushInterval: 60s + #addEntryPointsLabels: true + #addServicesLabels: true certificatesResolvers: milvert_cert: @@ -48,7 +49,15 @@ certificatesResolvers: httpChallenge: entryPoint: web tlsChallenge: {} - + milvert_dns: + acme: + email: simon@milvert.com + storage: "/letsencrypt/acme_milvert_dns.json" + dnsChallenge: + provider: cloudflare + resolvers: + - "1.1.1.1:53" + - "8.8.8.8:53" http: middlewares: diff --git a/zigbee2mqtt/configuration.yaml b/zigbee2mqtt/configuration.yaml index caf6e6c..e22a46e 100644 --- a/zigbee2mqtt/configuration.yaml +++ b/zigbee2mqtt/configuration.yaml 
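Review bot: The `accessLog:` block shown as context in the traefik.yml log hunk uses TOML-style `filePath = "/log/access.log"` and `bufferingSize = 100`, which in a YAML file would not parse as the two options, so the access log is probably not being written as intended. That matters more after this change, which lowers `log.level` to `error` and comments out the InfluxDB metrics, leaving little record of requests to the newly routed services. Consider `filePath: "/log/access.log"` and `bufferingSize: 100` under `accessLog:`, and `level: warn` if `info` was too noisy. Indentation is not recoverable from this view, so confirm against the file.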
@@ -2,9 +2,15 @@ homeassistant: false permit_join: false mqtt: base_topic: zigbee2mqtt - server: mqtt://10.0.0.3:1883 + server: mqtt://mqtt + keepalive: 60 + password: bajsa123 + reject_unauthorized: true + user: simon + version: 4 + client_id: zig1 advanced: - log_level: info + log_level: error ikea_ota_use_test_url: false log_syslog: app_name: Zigbee2MQTT @@ -24,7 +30,7 @@ frontend: host: 0.0.0.0 devices: '0xd0cf5efffeffa12e': - friendly_name: motion_2 + friendly_name: sensor/inne/garage/m001 retain: false '0x0017880106fca5e2': friendly_name: Philips Lily 1 @@ -66,9 +72,9 @@ devices: '0x0017880106fc9e16': friendly_name: '0x0017880106fc9e16' '0x00158d0004889e4a': - friendly_name: TempHum_3 + friendly_name: sensor/inne/matrum/th003 '0x00158d0004889e47': - friendly_name: TempHum_4 + friendly_name: sensor/out/garage/th004 '0x680ae2fffeb15687': friendly_name: Garage '0x588e81fffe14100f': @@ -86,7 +92,7 @@ devices: '0x0017880109c0930e': friendly_name: Philips Lily 6 '0x00158d000484f134': - friendly_name: TempHum_2 + friendly_name: sensor/inne/ada/th002 '0x90fd9ffffe6e8fe2': friendly_name: arum gullampa groups: diff --git a/zigbee_home_2/configuration_home_2.yaml b/zigbee_home_2/configuration_home_2.yaml index 8f65b9f..259e01d 100644 --- a/zigbee_home_2/configuration_home_2.yaml +++ b/zigbee_home_2/configuration_home_2.yaml @@ -3,6 +3,12 @@ permit_join: false mqtt: base_topic: zigbee_home_2 server: mqtt://mqtt + keepalive: 60 + password: bajsa123 + reject_unauthorized: true + user: simon + version: 4 + client_id: zig2 advanced: log_level: error pan_id: 6755 @@ -58,11 +64,11 @@ devices: '0xbc33acfffea0d682': friendly_name: vrum_tak '0x00158d000588bb44': - friendly_name: TempHum_5 + friendly_name: sensor/inne/arum/th005 '0x00158d00058a6526': - friendly_name: TempHum_6 + friendly_name: sensor/ute/outside/th006 '0x00158d00058a2ad5': - friendly_name: TempHum_7 + friendly_name: sensor/ute/vind/th007 '0x086bd7fffe38fe88': friendly_name: uppe_poppie '0xbc33acfffe0cdce3': 
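Review bot: `password:` and `user:` are written in clear text in the `mqtt:` section added here, and the same pair is repeated in the first hunk of zigbee_home_2/configuration_home_2.yaml; the password is also the same string the .env context shows for `INFLUX_ADMIN_PASSWORD`, so one leaked file opens both the broker and the database. Zigbee2MQTT can read these from a separate untracked file, e.g. `password: '!secret password'` with the value in `secret.yaml`, and the broker account should get its own password. `reject_unauthorized: true` only affects TLS certificate checks and does nothing with `server: mqtt://mqtt`; it becomes meaningful if the URL moves to `mqtts://`.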
@@ -76,38 +82,38 @@ devices: '0xec1bbdfffe9cd2ef': friendly_name: Vrum taklampa 5 '0x847127fffebe9e0d': - friendly_name: Motion_3 + friendly_name: sensor/m003 '0x00158d0006795697': - friendly_name: TempHum_8 + friendly_name: sensor/inne/hall/th008 '0x00158d000678e562': - friendly_name: TempHum_9 + friendly_name: sensor/inne/sovrum/th009 '0x00158d00068b3df4': - friendly_name: TempHum_10 + friendly_name: sensor/inne/oscar/th010 '0x00158d000678e1bc': - friendly_name: TempHum_11 + friendly_name: sensor/inne/badrum/th011 '0x00158d0005888dfa': - friendly_name: TempHum_12 + friendly_name: sensor/ute/garden_house/th012 '0x842e14fffe496484': friendly_name: Kök_svart_1 '0x680ae2fffe6d374c': friendly_name: Kök_svart_2 '0x086bd7fffe05e8ad': - friendly_name: '0x086bd7fffe05e8ad' + friendly_name: Julstjärna röd '0xb4e3f9fffe6c3642': friendly_name: Växtlampa '0x54ef4410003e9419': - friendly_name: air_measure_1 + friendly_name: sensor/inne/vrum/aq001 '0x00158d0007bcafb4': - friendly_name: motion_4 + friendly_name: sensor/inne/kitchen/mt004 temperature_precision: 1 '0x00158d0007e11e38': - friendly_name: door_1 + friendly_name: sensor/inne/vrum/dt001 '0x00158d0007bcaa68': - friendly_name: motion_5 + friendly_name: sensor/inne/arum/mt005 '0x00158d0007e0c4cb': - friendly_name: door_2 + friendly_name: sensor/inne/tvattstuga/dt002 '0x00158d0007e03d98': - friendly_name: door_3 + friendly_name: sensor/inne/arum/dt003 '0x000d6ffffe126f71': friendly_name: Oscar tak '0x90fd9ffffe92b069': @@ -116,6 +122,18 @@ devices: friendly_name: Vib_1 '0xb4e3f9fffec8b2bb': friendly_name: Oscar Skrivbord + '0x385b44fffe1cb234': + friendly_name: Ute_garage_slinga + '0x1c34f1fffe7b1d6c': + friendly_name: mormor_malla_1 + '0x1c34f1fffed69863': + friendly_name: mormor_malla_2 + '0x1c34f1fffed1d1ea': + friendly_name: mormor_malla_3 + '0x385b44fffe117342': + friendly_name: 'Julgran ' + '0x040d84fffe8b00b0': + friendly_name: matrum_fönster_2 groups: '0': friendly_name: default_0 
@@ -138,3 +156,9 @@ groups: devices: - 0x680ae2fffe6d374c/1 - 0x842e14fffe496484/1 + '4': + friendly_name: mormor_malla_dimmer + devices: + - 0x1c34f1fffe7b1d6c/1 + - 0x1c34f1fffed69863/1 + - 0x1c34f1fffed1d1ea/1