From cb9a8fa46bdef5ab54f7101fc7d4d3bfd084be6c Mon Sep 17 00:00:00 2001 From: knight Date: Wed, 21 Jan 2026 14:52:04 -0500 Subject: [PATCH] Add uplink.tel and sequela.tel routing via ubuntu-prod proxy - Add uplink.yml: Routes nitter, invidious, searx, freshrss, rsshub, radio through ubuntu-prod to docker-public backend - Add sequela.yml: Routes wiki and matomo through ubuntu-prod to docker-public - Update traefik.yml: Add proxyProtocol insecure:true for VPS HAProxy send-proxy compatibility Co-Authored-By: Claude Opus 4.5 --- stacks/traefik/conf.d/sequela.yml | 33 ++++++++++++++ stacks/traefik/conf.d/uplink.yml | 75 +++++++++++++++++++++++++++++++ stacks/traefik/traefik.yml | 4 ++ 3 files changed, 112 insertions(+) create mode 100644 stacks/traefik/conf.d/sequela.yml create mode 100644 stacks/traefik/conf.d/uplink.yml diff --git a/stacks/traefik/conf.d/sequela.yml b/stacks/traefik/conf.d/sequela.yml new file mode 100644 index 0000000..bda0ac5 --- /dev/null +++ b/stacks/traefik/conf.d/sequela.yml @@ -0,0 +1,33 @@ +http: + routers: + # Wiki.js + wikijs: + entrypoints: + - http + - https + rule: "Host(`wiki.sequela.tel`) || Host(`wiki.sequela.uk`)" + service: docker-public + tls: + certResolver: http + + # Matomo Analytics + matomo: + entrypoints: + - http + - https + rule: "Host(`matomo.sequela.tel`) || Host(`matomo.sequela.uk`)" + service: docker-public + tls: + certResolver: http + + services: + docker-public: + loadBalancer: + passHostHeader: true + serversTransport: insecure-transport + servers: + - url: "https://192.168.5.46:443" + + serversTransports: + insecure-transport: + insecureSkipVerify: true diff --git a/stacks/traefik/conf.d/uplink.yml b/stacks/traefik/conf.d/uplink.yml new file mode 100644 index 0000000..34af4c1 --- /dev/null +++ b/stacks/traefik/conf.d/uplink.yml @@ -0,0 +1,75 @@ +http: + routers: + # Nitter - Twitter frontend + nitter: + entrypoints: + - https + rule: "Host(`nitter.uplink.tel`)" + service: docker-public + tls: + certResolver: http + + # Invidious - YouTube frontend + invidious-uplink: + entrypoints: + - https + rule: "Host(`invidious.uplink.tel`)" + service: docker-public + tls: + certResolver: http + + # SearXNG - Search engine + searx: + entrypoints: + - https + rule: "Host(`searx.uplink.tel`)" + service: docker-public + tls: + certResolver: http + + # FreshRSS - RSS reader + freshrss: + entrypoints: + - https + rule: "Host(`freshrss.uplink.tel`)" + service: docker-public + tls: + certResolver: http + + # RSSHub + rsshub: + entrypoints: + - https + rule: "Host(`rsshub.uplink.tel`)" + service: docker-public + tls: + certResolver: http + + # Radio (wunder - currently offline) + radio: + entrypoints: + - https + rule: "Host(`radio.uplink.tel`)" + service: radio-wunder + tls: + certResolver: http + + services: + # Proxy to docker-public's traefik (HTTPS) + docker-public: + loadBalancer: + passHostHeader: true + serversTransport: insecure-transport + servers: + - url: "https://192.168.5.46:443" + + # Radio points to wunder (offline) + radio-wunder: + loadBalancer: + passHostHeader: true + servers: + - url: "http://100.64.0.8:3000" + + serversTransports: + insecure-transport: + insecureSkipVerify: true diff --git a/stacks/traefik/traefik.yml b/stacks/traefik/traefik.yml index 06312a4..612f8b3 100644 --- a/stacks/traefik/traefik.yml +++ b/stacks/traefik/traefik.yml @@ -8,8 +8,12 @@ api: entryPoints: http: address: ":80" + proxyProtocol: + insecure: true https: address: ":443" + proxyProtocol: + insecure: true providers: providersThrottleDuration: 2s