Improve restart en failure

Signed-off-by: Bensuperpc <bensuperpc@gmail.com>
Use json format
2025-01-05 07:14:25 +01:00 · 2024-05-12 12:00:12 +02:00 · 2024-05-12 11:45:44 +02:00 · 2024-05-12 11:11:53 +02:00
14 changed files with 41 additions and 31 deletions
--- a/2
+++ b/2
@ -13,7 +13,7 @@

 DOCKER := docker

-PROFILES := caddy wordpress adminer uptime-kuma qbittorrent gitea jellyfin watchtower backup syncthing openssh
+PROFILES := caddy wordpress gitea adminer uptime-kuma qbittorrent jellyfin watchtower backup syncthing openssh
 PROFILE_CMD := $(addprefix --profile ,$(PROFILES))

 COMPOSE_FILES :=  $(shell find docker-compose*.yml | sed -e 's/^/--file /')
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@ -4,12 +4,12 @@

 	log {
 		output file /data/logs/access.log
-		format console
+		format json
 	}
 }

-import bensuperpc.org/Caddyfile
-import bensuperpc.com/Caddyfile
-import bensuperpc.net/Caddyfile
-import bensuperpc.ovh/Caddyfile
-import bensuperpc.fr/Caddyfile
+import bensuperpc.org/*
+import bensuperpc.com/*
+import bensuperpc.net/*
+import bensuperpc.ovh/*
+import bensuperpc.fr/*
--- a/caddy/bensuperpc.net/Caddyfile
+++ b/caddy/bensuperpc.net/Caddyfile
@ -5,3 +5,15 @@ bensuperpc.net {
 www.bensuperpc.net {
 	redir https://www.bensuperpc.org{uri} permanent
 }
+
+git.bensuperpc.net {
+	redir https://git.bensuperpc.org{uri} permanent
+}
+
+jellyfin.bensuperpc.net {
+	redir https://jellyfin.bensuperpc.org{uri} permanent
+}
+
+uptimekuma.bensuperpc.net {
+	redir https://uptimekuma.bensuperpc.org{uri} permanent
+}
--- a/docker-compose.adminer.yml
+++ b/docker-compose.adminer.yml
@ -7,7 +7,7 @@ services:
    container_name: adminer
    profiles:
      - adminer
-    restart: on-failure
+    restart: on-failure:5
    env_file: 
      - env/adminer.env
    depends_on:
--- a/docker-compose.backup.yml
+++ b/docker-compose.backup.yml
@ -7,7 +7,7 @@ services:
    container_name: backup
    profiles:
      - backup
-    restart: on-failure
+    restart: on-failure:5
    env_file:
      - env/backup.env
    volumes:
--- a/docker-compose.caddy.yml
+++ b/docker-compose.caddy.yml
@ -7,7 +7,7 @@ services:
    container_name: caddy
    profiles:
      - caddy
-    restart: on-failure
+    restart: on-failure:5
    ports:
      - 80:80
      - 443:443
@ -20,19 +20,17 @@ services:
      - infra-network
    env_file:
      - env/caddy.env
-    cap_add:
-      - NET_ADMIN
    security_opt:
      - no-new-privileges:true
-    #    cap_drop:
-    #      - ALL
-    #    cap_add:
-    #      - CHOWN
-    #      - FOWNER
-    #      - DAC_OVERRIDE
-    #      - SETGID
-    #      - SETUID
-    #      - NET_BIND_SERVICE
+    cap_drop:
+      - ALL
+    cap_add:
+#      - CHOWN
+#      - FOWNER
+#      - DAC_OVERRIDE
+#      - SETGID
+#      - SETUID
+      - NET_BIND_SERVICE
    healthcheck:
      test: pidof caddy || exit 1
      interval: 120s
--- a/docker-compose.gitea.yml
+++ b/docker-compose.gitea.yml
@ -7,7 +7,7 @@ services:
    container_name: gitea
    profiles:
      - gitea
-    restart: on-failure
+    restart: on-failure:5
    depends_on:
      - caddy
    env_file:
@ -31,7 +31,7 @@ services:
      - gitea
    depends_on:
      - gitea
-    restart: on-failure
+    restart: on-failure:5
    volumes:
      - gitea_db:/var/lib/mysql:rw
    env_file:
--- a/docker-compose.jellyfin.yml
+++ b/docker-compose.jellyfin.yml
@ -7,7 +7,7 @@ services:
    container_name: jellyfin
    profiles:
      - jellyfin
-    restart: on-failure
+    restart: on-failure:5
    depends_on:
      - caddy
    volumes:
--- a/docker-compose.openssh.yml
+++ b/docker-compose.openssh.yml
@ -7,7 +7,7 @@ services:
    container_name: openssh
    profiles:
      - openssh
-    restart: on-failure
+    restart: on-failure:5
    env_file:
      - env/openssh.env
    volumes:
--- a/docker-compose.qbittorrent.yml
+++ b/docker-compose.qbittorrent.yml
@ -7,7 +7,7 @@ services:
    container_name: qbittorrent
    profiles:
      - qbittorrent
-    restart: on-failure
+    restart: on-failure:5
    depends_on:
      - caddy
    env_file:
--- a/docker-compose.syncthing.yml
+++ b/docker-compose.syncthing.yml
@ -7,7 +7,7 @@ services:
    container_name: syncthing
    profiles:
      - syncthing
-    restart: on-failure
+    restart: on-failure:5
    env_file:
      - env/syncthing.env
    volumes:
--- a/docker-compose.uptime-kuma.yml
+++ b/docker-compose.uptime-kuma.yml
@ -9,7 +9,7 @@ services:
      - uptime-kuma
    volumes:
      - uptimekuma_data:/app/data
-    restart: on-failure
+    restart: on-failure:5
    networks:
      - infra-network
    security_opt:
--- a/docker-compose.watchtower.yml
+++ b/docker-compose.watchtower.yml
@ -7,7 +7,7 @@ services:
    container_name: watchtower
    profiles:
      - watchtower
-    restart: on-failure
+    restart: on-failure:5
    networks:
      - infra-network
    volumes:
--- a/docker-compose.wordpress.yml
+++ b/docker-compose.wordpress.yml
@ -7,7 +7,7 @@ services:
    container_name: wordpress
    profiles:
      - wordpress
-    restart: on-failure
+    restart: on-failure:5
    depends_on:
      - wordpress_db
      - caddy
@ -30,7 +30,7 @@ services:
      - wordpress
    depends_on:
      - caddy
-    restart: on-failure
+    restart: on-failure:5
    volumes:
      - wordpress_db:/var/lib/mysql:rw
    env_file:
Author	SHA1	Message	Date
Bensuperpc	b101480a01	Improve restart en failure Signed-off-by: Bensuperpc <bensuperpc@gmail.com>	2024-05-12 12:00:12 +02:00
Bensuperpc	f11ca40a94	Use json format Signed-off-by: Bensuperpc <bensuperpc@gmail.com>	2024-05-12 11:45:44 +02:00
Bensuperpc	340c1a1438	Improve security Signed-off-by: Bensuperpc <bensuperpc@gmail.com>	2024-05-12 11:11:53 +02:00