From bd1078d42ef613de8f4f7aaf49f2a740626733dd Mon Sep 17 00:00:00 2001
From: Bensuperpc <bensuperpc@gmail.com>
Date: Sun, 9 Nov 2025 21:14:10 +0100
Subject: [PATCH] Update Caddy and uptimekuma

Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
---
 Makefile                                      |  2 +-
 README.md                                     |  2 +-
 .../services/caddy/config/Caddyfile           | 28 ++++++++++++++++++-
 .../caddy/config/website/header.caddy         |  1 +
 .../caddy/config/website/it-tools.caddy       |  3 ++
 .../caddy/config/website/jellyfin.caddy       |  3 ++
 .../caddy/config/website/uptimekuma.caddy     |  4 +++
 .../forgejo/docker-compose.forgejo.yml        |  2 +-
 .../services/forgejo/env/forgejo.env          |  6 ++--
 .../services/forgejo/env/forgejo_db.env       |  4 +--
 infrastructure/services/minecraft-server      |  2 +-
 .../services/openssh/env/openssh.env          |  2 +-
 .../teamfortress2/env/teamfortress2.env       |  2 +-
 .../docker-compose.uptime-kuma.yml            |  3 +-
 presets/torrent.conf                          |  1 +
 15 files changed, 52 insertions(+), 13 deletions(-)

diff --git a/Makefile b/Makefile
index 259a47f..8120c8e 100644
--- a/Makefile
+++ b/Makefile
@@ -25,7 +25,7 @@
 PROJECT_DIRECTORY := infrastructure
 CONFIG_DIRECTORY := presets
 
-CONFIGS := minecraft
+CONFIGS := minecraft 7dtd
 #DOCKER_PROFILES := 
 
 include DockerCompose.mk
diff --git a/README.md b/README.md
index fdc1225..521d829 100644
--- a/README.md
+++ b/README.md
@@ -310,7 +310,7 @@ You will need to provide the following information:
 ```sh
 https://forgejo.bensuperpc.org/
 <Your Registration Token, in https://forgejo.bensuperpc.org/admin/actions/runners>
-ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-22.04
+ubuntu-22.04:docker://ghcr.io/catthehacker/ubuntu:act-24.04
 main
 ```
 
diff --git a/infrastructure/services/caddy/config/Caddyfile b/infrastructure/services/caddy/config/Caddyfile
index 6cc5b43..608cee6 100644
--- a/infrastructure/services/caddy/config/Caddyfile
+++ b/infrastructure/services/caddy/config/Caddyfile
@@ -12,4 +12,30 @@
 	}
 }
 
-import website/*
+# import website/*
+
+
+# Common settings
+import website/header.caddy
+
+# All website configurations
+import website/main.caddy
+import website/cyberchef.caddy
+import website/forgejo.caddy
+import website/homepage.caddy
+import website/jellyfin.caddy
+import website/memos.caddy
+import website/open-webui.caddy
+import website/privatebin.caddy
+import website/psitransfer.caddy
+import website/stirlingpdf.caddy
+import website/transmission.caddy
+import website/wordpress.caddy
+import website/dufs.caddy
+import website/it-tools.caddy
+import website/omni-tools.caddy
+import website/picoshare.caddy
+import website/projectsend.caddy
+import website/qbittorrent.caddy
+import website/syncthing.caddy
+import website/uptimekuma.caddy
diff --git a/infrastructure/services/caddy/config/website/header.caddy b/infrastructure/services/caddy/config/website/header.caddy
index 68bf659..62b2d67 100644
--- a/infrastructure/services/caddy/config/website/header.caddy
+++ b/infrastructure/services/caddy/config/website/header.caddy
@@ -11,4 +11,5 @@
 	#Cross-Origin-Embedder-Policy: require-corp
 	Cross-Origin-Opener-Policy: same-origin
 	#Cross-Origin-Resource-Policy: same-origin
+	#Content-Security-Policy: default-src 'self'; img-src 'self' data:; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';
 }
diff --git a/infrastructure/services/caddy/config/website/it-tools.caddy b/infrastructure/services/caddy/config/website/it-tools.caddy
index 1b0c170..47ca4ab 100644
--- a/infrastructure/services/caddy/config/website/it-tools.caddy
+++ b/infrastructure/services/caddy/config/website/it-tools.caddy
@@ -6,4 +6,7 @@ it-tools.{$MAIN_DOMAIN} {
 		lb_retries 3
 		lb_try_interval 1s
 	}
+	header {
+		import header_common
+	}
 }
diff --git a/infrastructure/services/caddy/config/website/jellyfin.caddy b/infrastructure/services/caddy/config/website/jellyfin.caddy
index b48e9ba..06265c8 100644
--- a/infrastructure/services/caddy/config/website/jellyfin.caddy
+++ b/infrastructure/services/caddy/config/website/jellyfin.caddy
@@ -1,3 +1,6 @@
 jellyfin.{$MAIN_DOMAIN} {
 	reverse_proxy jellyfin:8096
+	header {
+		import header_common
+	}
 }
diff --git a/infrastructure/services/caddy/config/website/uptimekuma.caddy b/infrastructure/services/caddy/config/website/uptimekuma.caddy
index 809df01..a1d78c5 100644
--- a/infrastructure/services/caddy/config/website/uptimekuma.caddy
+++ b/infrastructure/services/caddy/config/website/uptimekuma.caddy
@@ -1,3 +1,7 @@
 uptimekuma.{$MAIN_DOMAIN} {
 	reverse_proxy uptime-kuma:3001
+	header {
+		Cache-Control "no-store"
+		import header_common
+	}
 }
diff --git a/infrastructure/services/forgejo/docker-compose.forgejo.yml b/infrastructure/services/forgejo/docker-compose.forgejo.yml
index de3b747..f2bfa13 100644
--- a/infrastructure/services/forgejo/docker-compose.forgejo.yml
+++ b/infrastructure/services/forgejo/docker-compose.forgejo.yml
@@ -59,7 +59,7 @@ services:
       - forgejo_certs:/certs
 
   forgejo_runner:
-    image: data.forgejo.org/forgejo/runner:9
+    image: data.forgejo.org/forgejo/runner:12
     networks:
       - infra-network
     profiles:
diff --git a/infrastructure/services/forgejo/env/forgejo.env b/infrastructure/services/forgejo/env/forgejo.env
index c974573..7c6f82e 100644
--- a/infrastructure/services/forgejo/env/forgejo.env
+++ b/infrastructure/services/forgejo/env/forgejo.env
@@ -4,7 +4,7 @@ FORGEJO__database__DB_TYPE=mysql
 FORGEJO__database__HOST=database_forgejo:3306
 FORGEJO__database__NAME=forgejo
 FORGEJO__database__USER=bensuperpc
-FORGEJO__database__PASSWD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j
+FORGEJO__database__PASSWD=ZcuHcM9tnIEM7EEO7R5jCpEt6v1d6r7s
 FORGEJO__APP_NAME=Bensuperpc's Forgejo
 FORGEJO__APP_SLOGAN=Personal Code, Mirrors, and More
 FORGEJO__server__DOMAIN=git.bensuperpc.org
@@ -13,9 +13,9 @@ FORGEJO__server__HTTP_PORT=3000
 FORGEJO__server__SSH_LISTEN_PORT=2222
 FORGEJO__server__SSH_PORT=22
 FORGEJO__server__ROOT_URL=https://git.bensuperpc.org
-FORGEJO__security__SECRET_KEY=ykcZt23an1E4lFHWvrCKdAyt16WAiK9c
+FORGEJO__security__SECRET_KEY=7IWrMh7mC7UMo1SowvUsAT2LOX49eU6P
 #FORGEJO__security__INTERNAL_TOKEN=
-#FORGEJO__security__INSTALL_LOCK=true
+FORGEJO__security__INSTALL_LOCK=true
 FORGEJO__security__MIN_PASSWORD_LENGTH=8
 FORGEJO__actions__ENABLED=true
 FORGEJO__actions__DEFAULT_ACTIONS_URL="https://git.bensuperpc.org"
diff --git a/infrastructure/services/forgejo/env/forgejo_db.env b/infrastructure/services/forgejo/env/forgejo_db.env
index 9dd9bbb..339e340 100644
--- a/infrastructure/services/forgejo/env/forgejo_db.env
+++ b/infrastructure/services/forgejo/env/forgejo_db.env
@@ -1,4 +1,4 @@
-MARIADB_ROOT_PASSWORD=xpc4zIhHZzWKqVHcjBu4aW6aS7jG8d7X
+MARIADB_ROOT_PASSWORD=ZI8Trbot3b8WGqE5AKj1yphKMu4v9qQw
 MARIADB_USER=bensuperpc
-MARIADB_PASSWORD=K7s5yoHknnEd7vsZoxb8I3dK9mjToF1j
+MARIADB_PASSWORD=ZcuHcM9tnIEM7EEO7R5jCpEt6v1d6r7s
 MARIADB_DATABASE=forgejo
\ No newline at end of file
diff --git a/infrastructure/services/minecraft-server b/infrastructure/services/minecraft-server
index eb36841..ee02f78 160000
--- a/infrastructure/services/minecraft-server
+++ b/infrastructure/services/minecraft-server
@@ -1 +1 @@
-Subproject commit eb36841abffa511fd97833c36e72e9dd7d032a2f
+Subproject commit ee02f78a8510b108712290286d312612169923da
diff --git a/infrastructure/services/openssh/env/openssh.env b/infrastructure/services/openssh/env/openssh.env
index f41784f..a84c9ff 100644
--- a/infrastructure/services/openssh/env/openssh.env
+++ b/infrastructure/services/openssh/env/openssh.env
@@ -5,7 +5,7 @@ DOCKER_MODS=linuxserver/mods:openssh-server-rsync
 #PUBLIC_KEY_URL=https://github.com/bensuperpc.keys
 PUBLIC_KEY_DIR=/authorized_ssh_keys
 USER_NAME=admin
-USER_PASSWORD=rdUwf36C11PLmpU9Lvq7tP5pfFBKAuCh
+USER_PASSWORD=fdfdsfsd4585fd5sdf54dsf54f5
 
 #PUBLIC_KEY=yourpublickey
 #PUBLIC_KEY_FILE=/path/to/file
diff --git a/infrastructure/services/teamfortress2-server/teamfortress2-server/teamfortress2/env/teamfortress2.env b/infrastructure/services/teamfortress2-server/teamfortress2-server/teamfortress2/env/teamfortress2.env
index 004ee48..57b0884 100644
--- a/infrastructure/services/teamfortress2-server/teamfortress2-server/teamfortress2/env/teamfortress2.env
+++ b/infrastructure/services/teamfortress2-server/teamfortress2-server/teamfortress2/env/teamfortress2.env
@@ -1,4 +1,4 @@
-SRCDS_TOKEN=
+SRCDS_TOKEN=D3667770288B9CC33B0E526D441FA241
 SRCDS_PW=linuxmasterrace
 SRCDS_PORT=27015
 SRCDS_MAXPLAYERS=32
diff --git a/infrastructure/services/uptime-kuma/docker-compose.uptime-kuma.yml b/infrastructure/services/uptime-kuma/docker-compose.uptime-kuma.yml
index 9f9575c..610fd25 100644
--- a/infrastructure/services/uptime-kuma/docker-compose.uptime-kuma.yml
+++ b/infrastructure/services/uptime-kuma/docker-compose.uptime-kuma.yml
@@ -1,12 +1,13 @@
 services:
   # Uptime Kuma
   uptime-kuma:
-    image: louislam/uptime-kuma:latest
+    image: louislam/uptime-kuma:2
     container_name: uptime-kuma
     profiles:
       - uptime-kuma
     volumes:
       - uptimekuma_data:/app/data
+      - /var/run/docker.sock:/var/run/docker.sock:ro
     restart: on-failure:5
     depends_on:
       - caddy
diff --git a/presets/torrent.conf b/presets/torrent.conf
index 1aac3ef..6be10bf 100644
--- a/presets/torrent.conf
+++ b/presets/torrent.conf
@@ -1,3 +1,4 @@
 DOCKER_PROFILES += main_infrastructure caddy
 DOCKER_PROFILES += qbittorrent openssh
+DOCKER_PROFILES += uptime-kuma
 # transmission