From e9ffa62630240e4c87cf740512c93adeec96245f Mon Sep 17 00:00:00 2001 From: LRVT Date: Fri, 3 Mar 2023 09:33:56 +0100 Subject: [PATCH 1/6] adjust label order --- 0_skeleton/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/0_skeleton/docker-compose.yml b/0_skeleton/docker-compose.yml index c7a1112..4f87a14 100644 --- a/0_skeleton/docker-compose.yml +++ b/0_skeleton/docker-compose.yml @@ -32,7 +32,7 @@ services: # - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000 # optional, only necessary for enabled file uploads # - traefik.docker.network=proxy # # Part for optional traefik middlewares - # - traefik.http.routers.CHANGEME.middlewares=authelia@file,local-ipwhitelist@file,basic-auth@file + # - traefik.http.routers.CHANGEME.middlewares=local-ipwhitelist@file,authelia@file,basic-auth@file #networks: # proxy: From 5cd9dcbdd628f42d748f1e908eb7d3b6249817ba Mon Sep 17 00:00:00 2001 From: LRVT <21357789+l4rm4nd@users.noreply.github.com> Date: Fri, 3 Mar 2023 17:00:22 +0100 Subject: [PATCH 2/6] Update README.md add some cool projects currently missing --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 6e375da..3fbf604 100644 --- a/README.md +++ b/README.md @@ -54,9 +54,12 @@ docker compose up - [Traefik](examples/traefik) - Traefik is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease. It supports several backends (Docker, Swarm, Mesos/Marathon, …) to manage its configuration automatically and dynamically. - [Nginx Proxy Manager](examples/nginx-proxy-manager) - Nginx Proxy Manager is an easy way to accomplish reverse proxying hosts with SSL termination. - [Caddy](examples/caddy) - The Caddy web server is an extensible, cross-platform, open-source web server written in Go. Caddy obtains and renews TLS certificates for your sites automatically. +- ~~[oauth2-proxy](https://github.com/oauth2-proxy/oauth2-proxy)~~ - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers. ### Identity Providers / Single Sign On (SSO) / 2FA - [Authelia](examples/authelia) - Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for reverse proxies by allowing, denying, or redirecting requests. Recommended to combine with [Traefik](examples/traefik). +- ~~[Authentik](https://goauthentik.io/docs/providers/proxy/forward_auth#traefik)~~ - authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols. authentik is also a great solution for implementing signup/recovery/etc in your application, so you don't have to deal with it. +- ~~[Keycloak](https://github.com/keycloak/keycloak)~~ - Keycloak is an open-source Identity and Access Management (IAM) solution for modern applications and services. ### Virtual Private Network (VPN) - [wg-easy](examples/wg-easy) - The easiest way to install & manage WireGuard on any Linux host. All-in-one deployment of a WireGuard VPN network service + web management UI. From 01278d423a46a7e9145fd26226a688bab09a9f79 Mon Sep 17 00:00:00 2001 From: LRVT <21357789+l4rm4nd@users.noreply.github.com> Date: Sat, 4 Mar 2023 18:18:43 +0100 Subject: [PATCH 3/6] Update README.md --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3fbf604..4d3dec4 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,9 @@ - +

+ Buy Me A Coffee + ## ✨ Requirements From 4263768d231ad3b33ebcc0fc6ee93bb43054f9a8 Mon Sep 17 00:00:00 2001 From: LRVT <21357789+l4rm4nd@users.noreply.github.com> Date: Sun, 5 Mar 2023 16:07:52 +0100 Subject: [PATCH 4/6] Update configuration.yml add pw policy --- examples/authelia/config/configuration.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/examples/authelia/config/configuration.yml b/examples/authelia/config/configuration.yml index a59d32b..bed8b35 100644 --- a/examples/authelia/config/configuration.yml +++ b/examples/authelia/config/configuration.yml @@ -23,6 +23,16 @@ totp: # # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE # secret_key: 1234567890abcdefghifjkl +password_policy: + standard: + enabled: true + min_length: 16 + max_length: 0 + require_uppercase: true + require_lowercase: true + require_number: true + require_special: true + authentication_backend: file: path: /config/users_database.yml From 3330f3499b5c88bab0b4dac45bb84193b7b64cc8 Mon Sep 17 00:00:00 2001 From: L4RM4ND <21357789+l4rm4nd@users.noreply.github.com> Date: Tue, 7 Mar 2023 00:16:46 +0100 Subject: [PATCH 5/6] add forte --- README.md | 1 + examples/forte/README.md | 9 +++++ examples/forte/docker-compose.yml | 58 +++++++++++++++++++++++++++++++ 3 files changed, 68 insertions(+) create mode 100644 examples/forte/README.md create mode 100644 examples/forte/docker-compose.yml diff --git a/README.md b/README.md index 4d3dec4..48c17dd 100644 --- a/README.md +++ b/README.md @@ -109,6 +109,7 @@ docker compose up - [Stash](examples/stash) - Stash is a self-hosted webapp written in Go which organizes and serves your porn. - [Raveberry](examples/raveberry) - A multi-user music server with a focus on participation. - [Deemix](examples/deemix) - deemix is a barebone deezer downloader library built from the ashes of Deezloader Remix. +- [Forte](examples/forte) - Self-hosted, music streaming platform. - [MeTube](examples/metube) - Web GUI for youtube-dl (using the yt-dlp fork) with playlist support. Allows you to download videos and audio only from YouTube and dozens of other sites. - [Syncthing](examples/syncthing) - Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers. - [Transmission](examples/transmission) - Transmission is a fast, easy, and free BitTorrent client. diff --git a/examples/forte/README.md b/examples/forte/README.md new file mode 100644 index 0000000..11021c5 --- /dev/null +++ b/examples/forte/README.md @@ -0,0 +1,9 @@ +# References + +- https://github.com/kaangiray26/forte + +# Notes + +After deploying, the forte admin dashboard will be available on TCP/3000. You can log into the web dashboard using `forte` as username and `alternative` as password. Please change those default credentials. Use a reverse proxy like Traefik if you plan on exposing the forte instance, as HTTPS is required to stream flawlessly. + +After creating a user account via the forte web dashboard, you can browse https://forte.buzl.uk/ and use your own server to stream music from. Specify your created user account and the automatically created password token. \ No newline at end of file diff --git a/examples/forte/docker-compose.yml b/examples/forte/docker-compose.yml new file mode 100644 index 0000000..522be04 --- /dev/null +++ b/examples/forte/docker-compose.yml @@ -0,0 +1,58 @@ +version: '3' + +services: + app: + image: kaangiray26/forte:2.8 + container_name: forte + restart: on-failure + #ports: + # - "3000:3000" + depends_on: + postgres: + condition: service_healthy + environment: + mode: public + port: 3000 + NODE_ENV: production # Set Node Environment + POSTGRES_HOST: postgres # Postgres Host/IP + POSTGRES_PORT: 5432 # Postgres Database Port + POSTGRES_DB: forte # Set Postgres Database Name + POSTGRES_USER: forte # Set Postgres Username + POSTGRES_PASSWORD: forte # Set Postgres Password + volumes: + - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/forte/library:/library # your music library to import from + #networks: + # - proxy + #labels: + # - traefik.enable=true + # - traefik.http.routers.forte.rule=Host(`forte.example.com`) + # - traefik.http.services.forte.loadbalancer.server.port=3000 + # - traefik.docker.network=proxy + # # Part for optional traefik middlewares + # - traefik.http.routers.forte.middlewares=local-ipwhitelist@file + # - traefik.http.middlewares.cors.headers.customResponseHeaders.Access-Control-Allow-Origin=https://forte.buzl.uk + # - traefik.http.middlewares.cors.headers.customFrameOptionsValue=forte.buzl.uk + # - traefik.http.middlewares.cors.headers.customResponseHeaders.Cross-Origin-Resource-Policy=cross-origin + # - traefik.http.routers.forte.middlewares=cors + + postgres: + image: kaangiray26/postgres:2.0 + container_name: forte-db + restart: always + environment: + POSTGRES_DB: forte # Set Postgres Database Name + POSTGRES_USER: forte # Set Postgres Username + POSTGRES_PASSWORD: forte # Set Postgres Password + volumes: + - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/forte/db:/var/lib/postgresql/data + healthcheck: + test: [ "CMD-SHELL", "pg_isready -U forte" ] + interval: 10s + timeout: 5s + retries: 5 + #networks: + # - proxy + +#networks: +# proxy: +# external: true From 2ffaf15e99f4c8e3bf36abe7f6afaf54b6ab45eb Mon Sep 17 00:00:00 2001 From: L4RM4ND <21357789+l4rm4nd@users.noreply.github.com> Date: Tue, 7 Mar 2023 00:22:51 +0100 Subject: [PATCH 6/6] fix traefik middleware labels --- examples/forte/docker-compose.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/examples/forte/docker-compose.yml b/examples/forte/docker-compose.yml index 522be04..b24aeb7 100644 --- a/examples/forte/docker-compose.yml +++ b/examples/forte/docker-compose.yml @@ -28,12 +28,10 @@ services: # - traefik.http.routers.forte.rule=Host(`forte.example.com`) # - traefik.http.services.forte.loadbalancer.server.port=3000 # - traefik.docker.network=proxy - # # Part for optional traefik middlewares - # - traefik.http.routers.forte.middlewares=local-ipwhitelist@file # - traefik.http.middlewares.cors.headers.customResponseHeaders.Access-Control-Allow-Origin=https://forte.buzl.uk # - traefik.http.middlewares.cors.headers.customFrameOptionsValue=forte.buzl.uk # - traefik.http.middlewares.cors.headers.customResponseHeaders.Cross-Origin-Resource-Policy=cross-origin - # - traefik.http.routers.forte.middlewares=cors + # - traefik.http.routers.forte.middlewares=cors,local-ipwhitelist@file postgres: image: kaangiray26/postgres:2.0