Tellsanguis/Infra_ansible_dockercompose
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Commit initial : infrastructure Ansible pour homeserver

Browse source 
- Playbooks Ansible avec rôles (common, cockpit, docker, services)
- 30+ stacks Docker Compose avec reverse proxy Traefik
- Ansible Vault pour gestion secrets
- Intégration CrowdSec pour détection intrusions
- Versions images Docker fixées pour reproductibilité
This commit is contained in:
Tellsanguis 2025-11-23 19:40:17 +01:00
commit fd01ea59ee
125 changed files with 4768 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

25
stacks/traefik/dynamic-private/cockpit.yml Normal file
View file

@ -0,0 +1,25 @@
http:
routers:
cockpit-rtr:
rule: "Host(`cockpit.local.tellserv.fr`)"
entryPoints:
- local
service: cockpit-svc
tls:
certResolver: cloudflare-local
middlewares:
- cockpit-headers
services:
cockpit-svc:
loadBalancer:
passHostHeader: true
servers:
- url: "http://host.docker.internal:9090"
middlewares:
cockpit-headers:
headers:
customRequestHeaders:
X-Forwarded-Proto: "https"
X-Forwarded-Port: "443"

23
stacks/traefik/dynamic-private/middlewares.yml Normal file
View file

@ -0,0 +1,23 @@
http:
middlewares:
ratelimit:
rateLimit:
average: 100
burst: 50
period: 1s
secheaders:
headers:
stsSeconds: 31536000
forceSTSHeader: true
evasive:
rateLimit:
average: 3
burst: 5
period: 1s
localonly:
ipWhiteList:
sourceRange:
- "127.0.0.1/32"
- "192.168.1.0/24"
- "100.64.0.0/10"
- "172.18.0.0/16"

25
stacks/traefik/dynamic-private/proxmox.yml Normal file
View file

@ -0,0 +1,25 @@
http:
routers:
proxmox-rtr:
rule: "Host(`proxmox.local.tellserv.fr`)"
entryPoints:
- local
service: proxmox-svc
tls:
certResolver: cloudflare-local
middlewares:
- proxmox-headers
services:
proxmox-svc:
loadBalancer:
passHostHeader: true
servers:
- url: "https://192.168.1.29:8006"
middlewares:
proxmox-headers:
headers:
customRequestHeaders:
X-Forwarded-Proto: "https"
X-Forwarded-Port: "443"