From fa00790e957574159ae3f44d50989b15fb2f8887 Mon Sep 17 00:00:00 2001
From: Damien De Paoli <ddp@depaoli.id.au>
Date: Wed, 24 Jan 2024 00:48:25 +1100
Subject: [PATCH] moved several services to *.ddp.net, this adds
 influx.ddp.net, fixes piholes crazy URL rewrites, and simplifies a few ruls -
 needed for influxs api and traefiks api routes to coexist.  Also had to go
 back to network_mode: host for myth - not sure why as yet

---
 docker-compose.yml | 68 +++++++++++++++++++++-------------------------
 1 file changed, 31 insertions(+), 37 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index ac95228..2de0f3b 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -26,10 +26,7 @@ services:
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
-      - "traefik.http.routers.dashboard.rule=PathPrefix(`/traefik`) || PathPrefix(`/api`) || PathPrefix(`/dashboard`)"
-      - "traefik.http.middlewares.dashboard.replacepathregex.regex=^/traefik/(.*)"
-      - "traefik.http.middlewares.dashboard.replacepathregex.replacement=/dashboard/$$1"
-      - "traefik.http.routers.dashboard.middlewares=dashboard"
+      - "traefik.http.routers.dashboard.rule=Host(`traefik.ddp.net`)"
       - "traefik.http.routers.dashboard.entrypoints=web"
       # need to ensure incoming traffic for traefik goes to port 8080 inside
       # the container, too many other ports (80, 443) so we have to be explicit
@@ -77,10 +74,8 @@ services:
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
-      - "traefik.http.routers.lidarr.rule=PathPrefix(`/lidarr/`)"
+      - "traefik.http.routers.lidarr.rule=Host(`lidarr.ddp.net`)"
       - "traefik.http.routers.lidarr.entrypoints=web"
-    ports:
-      - "8686:8686"
     depends_on:
       - pihole
     volumes:
@@ -122,7 +117,7 @@ services:
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
-      - "traefik.http.routers.readarr.rule=PathPrefix(`/readarr/`)"
+      - "traefik.http.routers.readarr.rule=Host(`readarr.ddp.net`)"
       - "traefik.http.routers.readarr.entrypoints=web"
     depends_on:
       - pihole
@@ -146,14 +141,14 @@ services:
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
-#      - "traefik.http.routers.calibre.rule=PathPrefix(`/calibre/`)"
-#      - "traefik.http.services.calibre.loadbalancer.server.port=8080"
-#      - "traefik.http.middlewares.stripprefix-calibre.stripprefix.prefixes=/calibre"
-#      - "traefik.http.routers.calibre.entrypoints=web"
-#      - "traefik.http.routers.calibreweb.rule=PathPrefix(`/calibreweb/`)"
-#      - "traefik.http.services.calibreweb.loadbalancer.server.port=8081"
-#      - "traefik.http.middlewares.stripprefix-calibreweb.stripprefix.prefixes=/calibreweb"
-#      - "traefik.http.routers.calibreweb.entrypoints=web"
+      - "traefik.http.routers.calibre.service=calibre"
+      - "traefik.http.routers.calibre.rule=Host(`calibre.ddp.net`)"
+      - "traefik.http.services.calibre.loadbalancer.server.port=8080"
+      - "traefik.http.routers.calibre.entrypoints=web"
+      - "traefik.http.routers.calibreweb.service=calibreweb"
+      - "traefik.http.routers.calibreweb.rule=Host(`calibreweb.ddp.net`)"
+      - "traefik.http.services.calibreweb.loadbalancer.server.port=8081"
+      - "traefik.http.routers.calibreweb.entrypoints=web"
     depends_on:
       - pihole
     volumes:
@@ -227,9 +222,7 @@ services:
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
-      - "traefik.http.routers.mail.rule=PathPrefix(`/rspamd/`)"
-      - "traefik.http.middlewares.stripprefix-mail.stripprefix.prefixes=/rspamd"
-      - "traefik.http.routers.mail.middlewares=stripprefix-mail@docker"
+      - "traefik.http.routers.mail.rule=Host(`rspamd.ddp.net`)"
       - "traefik.http.services.mail.loadbalancer.server.port=11334"
       - "traefik.http.routers.mail.entrypoints=web"
     depends_on:
@@ -381,10 +374,7 @@ services:
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
-      - "traefik.http.routers.portainer.rule=PathPrefix(`/portainer/`)"
-      - "traefik.http.middlewares.stripprefix-portainer.stripprefix.prefixes=/portainer"
-      - "traefik.http.routers.portainer.middlewares=stripprefix-portainer@docker"
-      - "traefik.http.routers.portainer.entrypoints=web"
+      - "traefik.http.routers.portainer.rule=Host(`portainer.ddp.net`)"
       # need to be explicit, as it also runs API ports, SSL ports, etc
       - "traefik.http.services.portainer.loadbalancer.server.port=9000"
 
@@ -475,8 +465,6 @@ services:
       - "traefik.http.routers.esphome.middlewares=stripprefix-esphome@docker"
     restart: always
     privileged: true
-    ports:
-      - "6052:6052"
     
   sabnzbd:
     image: linuxserver/sabnzbd
@@ -496,7 +484,7 @@ services:
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
-      - "traefik.http.routers.sabnzbd.rule=PathPrefix(`/sabnzbd/`)"
+      - "traefik.http.routers.sabnzbd.rule=Host(`sab.ddp.net`)"
       - "traefik.http.routers.sabnzbd.entrypoints=web"
 
   influxdb:
@@ -519,6 +507,9 @@ services:
       - /etc/localtime:/etc/localtime:ro
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
+      - "traefik.enable=true"
+      - "traefik.http.routers.influxdb.rule=Host(`influx.ddp.net`)"
+      - "traefik.http.routers.influxdb.entrypoints=web"
     restart: always
 
   telegraf:
@@ -597,14 +588,14 @@ services:
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
-      - "traefik.http.routers.pihole.rule=PathPrefix(`/pihole/`) || PathPrefix(`/admin/`)"
       - "traefik.http.routers.pihole.entrypoints=web"
-      - "traefik.http.middlewares.replaceprefix-pihole.replacepathregex.regex=^/admin/$$"
-      - "traefik.http.middlewares.replaceprefix-pihole.replacepathregex.replacement=/pihole/admin/"
-      - "traefik.http.middlewares.stripprefix-pihole.stripprefix.prefixes=/pihole"
+      - "traefik.http.routers.pihole.rule=Host(`pihole.ddp.net`)"
+      # pihole is a mess, it does not redirect, but requires /admin to login, then it does redirect back to / -- the strip & add fixes this mess
+      - "traefik.http.middlewares.pihole-add.addprefix.prefix=/admin"
+      - "traefik.http.middlewares.pihole-strip.stripprefix.prefixes=/admin"
+      - "traefik.http.routers.pihole.middlewares=pihole-strip,pihole-add"
       # we set this to port 80, pihole has many open ports (e.g. 53), so have to tell traefik which port to send http traffic too
       - "traefik.http.services.pihole.loadbalancer.server.port=80"
-      - "traefik.http.routers.pihole.middlewares=replaceprefix-pihole@docker,stripprefix-pihole@docker"
 
   bookdb_dev:
     container_name: bookdb_dev
@@ -941,16 +932,19 @@ services:
       DBNAME: mythconverg
       # needs to be ip not container name as the host network_mode and DNS dont work together
       # test this as mythdb and remove network_mode host when I can
-      DBSERVER: mythdb
+      DBSERVER: 192.168.0.2
       LANG: en_US.UTF-8
       LANGUAGE: en_US.UTF-8
       LOCALHOSTNAME: mara
       TZ: Australia/Melbourne
-    ports:
-      - "6543:6543"
-      - "6544:6544"
-      - "6549:6549"
-      - "6744:6744"
+    network_mode: host
+#    ports:
+#      - "6543:6543"
+#      - "6544:6544"
+#      - "6549:6549"
+#      - "6744:6744"
+# these are open in network_mode: host
+#      2022/tcp, 5000/udp, 5002/udp, 5004/udp, 65001/tcp, 65001/udp, 6543/tcp, 6544/tcp, 6549/tcp, 6760/tcp
     entrypoint: >
       /bin/bash -c "
         /root/mara-init/fix_uids.sh