Michael Schiemer
95147ff23e
Remove WireGuard integration from production deployment to simplify infrastructure: - Remove docker-compose-direct-access.yml (VPN-bound services) - Remove VPN-only middlewares from Grafana, Prometheus, Portainer - Remove WireGuard middleware definitions from Traefik - Remove WireGuard IPs (10.8.0.0/24) from Traefik forwarded headers All monitoring services now publicly accessible via subdomains: - grafana.michaelschiemer.de (with Grafana native auth) - prometheus.michaelschiemer.de (with Basic Auth) - portainer.michaelschiemer.de (with Portainer native auth) All services use Let's Encrypt SSL certificates via Traefik.
23 lines
373 B
Plaintext
23 lines
373 B
Plaintext
# WireGuard VPN Configuration
|
|
|
|
# Server endpoint (auto-detected or set manually)
|
|
SERVERURL=auto
|
|
|
|
# WireGuard port
|
|
SERVERPORT=51820
|
|
|
|
# VPN network subnet
|
|
INTERNAL_SUBNET=10.8.0.0/24
|
|
|
|
# Allowed IPs (VPN network only - no split tunneling)
|
|
ALLOWEDIPS=10.8.0.0/24
|
|
|
|
# DNS configuration (use host DNS)
|
|
PEERDNS=auto
|
|
|
|
# Timezone
|
|
TZ=Europe/Berlin
|
|
|
|
# Peers (managed manually)
|
|
PEERS=0
|