Init dungeon-master traefik instance for testing nested Traefik reverse proxies.

homelab/dungeon-master/.gitignore

@@ -0,0 +1,2 @@
+*_secret.txt
+acme.json

homelab/dungeon-master/README.md

@@ -0,0 +1,3 @@
+# Dungeon Master
+This directory contains homelab stuff related to my desktop. Being the ship of Theseus that it is, I'm not going to include an inxi hardware report.
+

homelab/dungeon-master/local-ai/docker-compose.yml

@@ -0,0 +1,36 @@
+services:
+  traefik:
+    image: traefik:latest
+    container_name: traefik
+    restart: "no"
+    networks:
+      web:
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./traefik.yaml:/traefik.yaml
+      - ./acme.json:/acme.json
+    secrets:
+      - cloudflare_token
+    environment:
+      - CF_DNS_API_TOKEN=/run/secrets/cloudflare_token
+
+  nginx:
+    image: nginx
+    container_name: nginx
+    restart: "no"
+    networks:
+      - web
+    labels:
+      - traefik.http.routers.nginx.rule=Host(`nginx.ai.jafner.net`)
+      - traefik.http.routers.nginx.tls.certresolver=lets-encrypt
+
+networks:
+  web:
+    external: true
+
+secrets:
+  cloudflare_token:
+    file: ./cloudflare_secret.txt

homelab/dungeon-master/local-ai/traefik.yaml

@@ -0,0 +1,29 @@
+entryPoints:
+  web:
+    address: :80
+    http:
+      redirections:
+        entryPoint:
+          to: websecure
+          scheme: https
+  websecure:
+    address: :443
+
+certificatesResolvers:
+  lets-encrypt:
+    acme:
+      email: jafner425@gmail.com
+      storage: acme.json
+      caserver: https://acme-staging-v02.api.letsencrypt.org/directory
+      dnsChallenge: 
+        provider: cloudflare
+        resolvers:
+          - "1.1.1.1:53"
+          - "8.8.8.8:53"
+        # CF_DNS_API_TOKEN 
+
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    watch: true
+    network: web