feat(deployment): update Semaphore stack and Traefik configuration

- Add QUICKSTART.md and SETUP_REPOSITORY.md for Semaphore stack
- Add playbooks directory for Semaphore deployment
- Update Semaphore docker-compose.yml, env.example, and README
- Add Traefik local configuration files
- Disable semaphore.yml in Traefik dynamic config
- Update docker-compose.local.yml and build-image workflow
2025-11-02 22:55:51 +01:00
parent 0c4ff1283c
commit 77c656af62
15 changed files with 1280 additions and 77 deletions


@@ -16,6 +16,63 @@ Traefik acts as the central reverse proxy for all services, handling:
- Zus?tzlich durch BasicAuth gesch?tzt
- ?ffentlicher Zugriff ist blockiert
## Local Development
For local development, use the separate local configuration to avoid port conflicts and Let's Encrypt errors:
### Quick Start (Local Development)
```bash
# Ensure Docker network exists
docker network create traefik-public 2>/dev/null || true
# Start Traefik with local configuration
cd deployment/stacks/traefik
docker compose -f docker-compose.local.yml up -d
# Check logs
docker compose -f docker-compose.local.yml logs -f
# Access dashboard at http://localhost:8080/dashboard/
```
### Local Development Configuration
The local configuration (`docker-compose.local.yml` and `traefik.local.yml`) differs from production:
- **Bridge network** instead of `host` mode (avoids port conflicts)
- **Port mappings**: `8080:80` only (HTTP-only for local development)
- Note: HTTPS not needed locally - avoids port conflicts with web container (8443:443)
- **HTTP-only** (no ACME/Let's Encrypt) for local development
- **Dashboard**: Accessible at `http://localhost:8080/dashboard/` (HTTP, no authentication)
- Also available: `http://localhost:8080/api/rawdata` and `http://localhost:8080/api/http/routers`
- **No `acme.json`** required
- **Console logging** (human-readable) instead of JSON file logs
### Local Development vs Production
| Feature | Local (`docker-compose.local.yml`) | Production (`docker-compose.yml`) |
|---------|-----------------------------------|----------------------------------|
| Network Mode | Bridge | Host |
| Ports | 8080:80 (HTTP only) | Direct binding (80, 443) |
| SSL/TLS | HTTP-only | HTTPS with Let's Encrypt |
| Dashboard | `http://localhost:8080/dashboard/` | `https://traefik.michaelschiemer.de` |
| Authentication | None (local dev) | VPN + BasicAuth |
| Logging | Console (human-readable) | JSON files |
| ACME | Disabled | Enabled |
### Troubleshooting Local Development
**Container restarts in loop:**
- Check if port 8080 is already in use: `netstat -tlnp | grep ':8080' || ss -tlnp | grep ':8080'`
- Verify Docker network exists: `docker network ls | grep traefik-public`
- Check logs: `docker compose -f docker-compose.local.yml logs -f traefik`
**Services not accessible through Traefik:**
- Ensure services are on `traefik-public` network
- Verify Traefik labels are correctly configured
- Check that services are running: `docker compose ps`
## Prerequisites
1. **Docker Network**
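Review bot: The "Port mappings" bullet documents `8080:80` alongside a dashboard described as "HTTP, no authentication", and a Docker port mapping written without a host address is published on all host interfaces, so the dashboard together with `/api/rawdata` and `/api/http/routers` would be reachable from other machines on the same network, not only from localhost. Assuming `docker-compose.local.yml` publishes the port exactly as written here, consider binding it to loopback (`127.0.0.1:8080:80`) and stating that in this section and in the Ports row of the comparison table. Separately, the German context lines at the top of the hunk show `?` where umlauts belong (`Zus?tzlich`, `gesch?tzt`, `?ffentlicher`), which suggests the README is not stored as UTF-8; worth fixing in the same change.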