refactor(deployment): Remove WireGuard VPN dependency and restore public service access
Remove WireGuard integration from production deployment to simplify infrastructure: - Remove docker-compose-direct-access.yml (VPN-bound services) - Remove VPN-only middlewares from Grafana, Prometheus, Portainer - Remove WireGuard middleware definitions from Traefik - Remove WireGuard IPs (10.8.0.0/24) from Traefik forwarded headers All monitoring services now publicly accessible via subdomains: - grafana.michaelschiemer.de (with Grafana native auth) - prometheus.michaelschiemer.de (with Basic Auth) - portainer.michaelschiemer.de (with Portainer native auth) All services use Let's Encrypt SSL certificates via Traefik.
This commit is contained in:
22
deployment/stacks/wireguard/.env.example
Normal file
22
deployment/stacks/wireguard/.env.example
Normal file
@@ -0,0 +1,22 @@
|
||||
# WireGuard VPN Configuration
|
||||
|
||||
# Server endpoint (auto-detected or set manually)
|
||||
SERVERURL=auto
|
||||
|
||||
# WireGuard port
|
||||
SERVERPORT=51820
|
||||
|
||||
# VPN network subnet
|
||||
INTERNAL_SUBNET=10.8.0.0/24
|
||||
|
||||
# Allowed IPs (VPN network only - no split tunneling)
|
||||
ALLOWEDIPS=10.8.0.0/24
|
||||
|
||||
# DNS configuration (use host DNS)
|
||||
PEERDNS=auto
|
||||
|
||||
# Timezone
|
||||
TZ=Europe/Berlin
|
||||
|
||||
# Peers (managed manually)
|
||||
PEERS=0
|
||||
Reference in New Issue
Block a user