first steps on my docker host...

README.md

@@ -82,3 +82,46 @@ Check, wer gebanned ist:
 ```bash
 # apt install git
 ```
+
+## Backup Server
+
+```bash
+# apt install restic
+# mkdir /backup
+# mkdir /backup-restic
+# restic init --repo /backup-restic/restic-repo-$(hostname --short)      # Passwort in Keepass
+
+Restic Script:
+
+/usr/local/bin/backup-to-disk.sh
+#!/bin/bash
+# Backup der wichtigsten Verzeichnisse nach einem Verzeichnis
+#
+# Es wird restic verwendet.
+#
+PATH=$PATH:/usr/local/bin
+export RESTIC_PASSWORD="$(hostname --short)7355"
+restic backup --quiet --repo /backup-restic/restic-repo-$(hostname --short) /etc /var /opt /var/lib/docker/volumes /usr/local/bin /backup --exclude=/var/log
+
+if [ $? -eq 0 ]; then
+  restic forget --quiet --repo /backup-restic/restic-repo-$(hostname --short) --keep-daily 7 --keep-weekly 5 --keep-monthly 12 --keep-yearly 20 --prune
+else
+  >&2 echo "Problem with restic Backup $(hostname --short)"
+fi
+
+/etc/cron.d/backup-to-disk: 
+#
+# Backup important Files to Disk
+#
+55 5 * * * root /usr/local/bin/backup-to-disk.sh >/dev/null
+
+Backup auf Storag Box:
+
+# cat > /etc/cron.d/rsync-backup-to-other-host <<HERE
+#
+# Rsync /backup-restic to backup space
+#
+20 6 * * * root /usr/bin/rsync -avzH --delete --numeric-ids -e 'ssh -p23' /backup-restic u152662@u152662.your-storagebox.de:moby-backup-restic-rsync >/dev/null
+HERE
+```
+

docker-compose/traefik/docker-compose.yml

@@ -1,26 +0,0 @@
-version: "3.3"
-
-services:
-
-  traefik:
-    image: "traefik:v2.4"
-    container_name: "traefik"
-    command:
-      #- "--log.level=DEBUG"
-      - "--api.insecure=true"
-      - "--providers.docker=true"
-      - "--providers.docker.exposedbydefault=false"
-      - "--entrypoints.web.address=:80"
-    ports:
-      - "80:80"
-      - "8080:8080"
-    volumes:
-      - "/var/run/docker.sock:/var/run/docker.sock:ro"
-
-  whoami:
-    image: "traefik/whoami"
-    container_name: "simple-service"
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.whoami.rule=Host(`moby.nbit.ch`) && Path(`/whoami`)"
-      - "traefik.http.routers.whoami.entrypoints=web"

nbit-websites/docker-compose.yml

@@ -0,0 +1,17 @@
+version: "3.5"
+
+services:
+
+  simpleservice:
+    image: "traefik/whoami"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.whoami2.rule=Host(`moby.nbit.ch`) && Path(`/whoami2`)"
+      - "traefik.http.routers.whoami2.entrypoints=websecure"
+      - "traefik.http.routers.whoami2.tls.certresolver=myresolver"
+
+networks:
+  default:
+    external: true
+    name: proxy_default
+

proxy/docker-compose.yml

@@ -0,0 +1,37 @@
+version: "3.5"
+
+services:
+
+  traefik:
+    image: "traefik:v2.4"
+    command:
+      #- "--log.level=DEBUG"
+      - "--api.insecure=true"
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
+      - "--entrypoints.websecure.address=:443"
+      - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
+      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+      - "--certificatesresolvers.myresolver.acme.email=postmaster@nbit.ch"
+      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8080:8080"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      - "data-volume:/letsencrypt"
+
+  simpleservice:
+    image: "traefik/whoami"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.whoami.rule=Host(`moby.nbit.ch`) && Path(`/whoami`)"
+      - "traefik.http.routers.whoami.entrypoints=websecure"
+      - "traefik.http.routers.whoami.tls.certresolver=myresolver"
+
+volumes:
+  data-volume: