Added ssh for gitea

2025-07-02 16:38:28 +02:00 · 2025-07-02 16:38:28 +02:00 · 4ae1752f90
commit 4ae1752f90
parent 5bf5a49983
3 changed files with 31 additions and 13 deletions
--- a/conf.d/config.yaml
+++ b/conf.d/config.yaml
@ -4,12 +4,10 @@ http:
      rule: "Host(`hemlabb.uk`)"
      entrypoints:
        - websecure
-      service: "uptime-kuma@docker"
+      service: "kuma@docker"
      tls:
        certresolver: cloudflare
        domains:
          - main: "hemlabb.uk"
            sans:
              - "*.hemlabb.uk"
--- a/conf.d/gitea.yaml
+++ b/conf.d/gitea.yaml
@ -1,12 +1,35 @@
 tcp:
  routers:
    gitea-ssh:
      entryPoints:
        - ssh
      rule: "HostSNI(`*`)"
      service: gitea-ssh
  services:
    gitea-ssh:
      loadBalancer:
        servers:
          - address: "gitea.lab:22"
 http:
  routers:
    gitea:
      rule: "Host(`gitea.hemlabb.uk`)"
      service: gitea
      entryPoints:
        - websecure
      service: gitea
      tls:
        certResolver: cloudflare
  services:
    gitea:
      loadBalancer:
        servers:
-          - url: "https://gitea.lab:3000" # Replace with your service's address
+          - url: "http://gitea.lab:3000"
  middlewares:
    redirect-to-https:
      redirectScheme:
        scheme: https
        permanent: true
--- a/traefik.yaml
+++ b/traefik.yaml
@ -17,7 +17,9 @@ entryPoints:
    address: ':443'
    http:
      tls:
-        certResolver: letsencrypt
+        certResolver: cloudflare
  ssh:
    address: ':2222'
  traefik:
    address: ':8080'
@ -27,7 +29,7 @@ certificatesResolvers:
      email: s.nilsson@me.com
      storage: /etc/traefik/ssl/acme.json
      #caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default)
-      caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging
+      #caServer: https://acme-staging-v02.api.letsencrypt.org/directory # staging
      dnsChallenge:
        provider: cloudflare
        #disablePropagationCheck: true # uncomment this if you have issues pulling certificates through cloudflare, By setting this flag to true disables the need to wait for the propagation of the TXT record to all authoritative name servers.
@ -35,11 +37,6 @@ certificatesResolvers:
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"
            #  letsencrypt:
            #    acme:
            #      email: "foo@bar.com"
            #      storage: /etc/traefik/ssl/acme.json
            #      tlsChallenge: {}
 api:
  dashboard: true