add new s3

compute-vel/traefik/docker-compose.yml

@@ -0,0 +1,108 @@
+services:
+  traefik:
+    image: "traefik:v3.3"
+    container_name: "traefik"
+    depends_on:
+      tracs3:
+        condition: service_completed_successfully
+    command:
+      - "--log.level=info"
+      - "--log.maxsize=100"
+      - "--log.maxage=3"
+
+      - "--metrics.prometheus=true"
+
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+
+      - "--entryPoints.web.address=:80"
+      - "--entryPoints.name.allowACMEByPass=true"
+      - "--entryPoints.websecure.address=:443"
+      - "--entryPoints.websecure.http3"
+      - "--entryPoints.websecure.http.tls=true"
+      - "--entryPoints.ssh.address=:2222"
+      - "--entryPoints.sshgitlab.address=:2223"
+
+      - "--providers.docker=true"
+      - "--providers.file.directory=/traefik"
+      - "--providers.redis.endpoints=${TRAEFIK_KOP_REDIS_ADDR}"
+      - "--providers.redis.password=${TRAEFIK_KOP_REDIS_PASS}"
+    ports:
+      - target: 80
+        published: 80
+        protocol: tcp
+        mode: host
+      - target: 443
+        published: 443
+        protocol: tcp
+        mode: host
+      - target: 443
+        published: 443
+        protocol: udp
+        mode: host
+      - target: 2222
+        published: 2222
+        protocol: tcp
+        mode: host
+      - target: 2223
+        published: 2223
+        protocol: tcp
+        mode: host
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "/etc/traefik/sites:/traefik"
+      - "certificates:/certificates"
+    networks:
+      - traefik_internal
+  
+  epee: 
+    image: "git.gnous.eu/enpls/epee-service:stable"
+    container_name: "epee"
+    ports:
+      - "5900:5900"
+    networks:
+      - traefik_internal
+
+  tracs3:
+    image: ghcr.io/outout14/traefik-acme-s3:main
+    env_file:
+      - tracs3.env
+    command:
+      - "sync"
+    volumes:
+      - "/etc/traefik/sites:/configs"
+      - "certificates:/certificates"
+    network_mode: "host"
+
+  tracs3-certificate-sync:
+    image: mcuadros/ofelia:latest
+    restart: always
+    depends_on:
+      tracs3:
+        condition: service_completed_successfully
+    command: daemon --docker
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    labels:
+      ofelia.job-run.example-key-rotation.schedule: "@every 10m"
+      ofelia.job-run.example-key-rotation.command:  "sh -c 'docker restart traefik-tracs3-1'"
+      ofelia.job-run.example-key-rotation.image:  "docker:cli"
+      ofelia.job-run.example-key-rotation.volume:  "/var/run/docker.sock:/var/run/docker.sock"
+    environment:
+      - AWS_REGION=${TRACS_AWS_REGION}
+      - AWS_DEFAULT_REGION=${TRACS_AWS_REGION}
+      - AWS_ENDPOINT_URL=${TRACS_S3_ENDPOINT}
+      - AWS_S3_ENDPOINT=${TRACS_S3_ENDPOINT}
+      - AWS_S3API_ENDPOINT=${TRACS_S3_ENDPOINT}
+
+      - AWS_ACCESS_KEY_ID=${TRACS_S3_ACCESS_KEY_ID}
+      - AWS_SECRET_ACCESS_KEY=${TRACS_S3_SECRET}
+
+      - CLOSET_BUCKET=${TRACS_CLOSET_BUCKET}
+      - CLOSET_PASSWORD=${TRACS_CLOSET_PASSWORD}
+
+volumes:
+  certificates:
+networks:
+  traefik_internal:
+    enable_ipv6: true

compute-vel/traefik/tracs3.env

@@ -0,0 +1,6 @@
+AWS_CONFIGURE_PLUGINS=awscli_plugin_endpoint
+AWS_REQUEST_CHECKSUM_CALCULATION=WHEN_REQUIRED
+AWS_S3_SIGNATURE_VERSION=s3v4
+TRAEFIK_LOCAL_STORE=/certificates/
+TRAEFIK_OUTPUT_FILE=/configs/certificates.toml
+TRAEFIK_CERTIFICATE_DIR=/certificates/