bMINI

backups/volume-backup-log.txt

@@ -22,3 +22,83 @@
 [2025-04-19_19-44-40] Compressing backup file...
 [2025-04-19_19-44-40] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-19_19-44-40.tar.zip
 [2025-04-19_19-44-40] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-04-19_19-44-40.tar.zip
+[2025-04-20_03-06-24] Starting volume backup for gitea-docker_postgres-data...
+[2025-04-20_03-06-24] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-20_03-06-24.tar...
+[2025-04-20_03-06-24] Volume backup completed successfully!
+[2025-04-20_03-06-24] Compressing backup file...
+[2025-04-20_03-06-24] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-20_03-06-24.tar.zip
+[2025-04-20_03-06-24] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-04-20_03-06-24.tar.zip
+[2025-04-21_03-05-47] Starting volume backup for gitea-docker_postgres-data...
+[2025-04-21_03-05-47] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-21_03-05-47.tar...
+[2025-04-21_03-05-47] Volume backup completed successfully!
+[2025-04-21_03-05-47] Compressing backup file...
+[2025-04-21_03-05-47] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-21_03-05-47.tar.zip
+[2025-04-21_03-05-47] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-04-21_03-05-47.tar.zip
+[2025-04-21_03-05-47] Removed old volume backup: postgres-volume-backup-2025-03-01_23-23-13.tar.zip
+[2025-04-22_03-27-19] Starting volume backup for gitea-docker_postgres-data...
+[2025-04-22_03-27-19] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-22_03-27-19.tar...
+[2025-04-22_03-27-19] Volume backup completed successfully!
+[2025-04-22_03-27-19] Compressing backup file...
+[2025-04-22_03-27-19] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-22_03-27-19.tar.zip
+[2025-04-22_03-27-19] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-04-22_03-27-19.tar.zip
+[2025-04-22_03-27-19] Removed old volume backup: postgres-volume-backup-2025-04-19_19-42-55.tar.zip
+[2025-04-23_08-10-53] Starting volume backup for gitea-docker_postgres-data...
+[2025-04-23_08-10-53] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-23_08-10-53.tar...
+[2025-04-23_08-10-53] Volume backup completed successfully!
+[2025-04-23_08-10-53] Compressing backup file...
+[2025-04-23_08-10-53] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-04-23_08-10-53.tar.zip
+[2025-04-23_08-10-53] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-04-23_08-10-53.tar.zip
+[2025-04-23_08-10-53] Removed old volume backup: postgres-volume-backup-2025-04-19_19-43-53.tar.zip
+[2025-05-18_01-22-29] Starting volume backup for gitea-docker_postgres-data...
+[2025-05-18_01-22-29] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-18_01-22-29.tar...
+[2025-05-18_01-22-29] Volume backup completed successfully!
+[2025-05-18_01-22-29] Compressing backup file...
+[2025-05-18_01-22-29] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-18_01-22-29.tar.zip
+[2025-05-18_01-22-29] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-05-18_01-22-29.tar.zip
+[2025-05-18_01-22-29] Removed old volume backup: postgres-volume-backup-2025-04-19_19-44-40.tar.zip
+[2025-05-18_03-00-14] Starting volume backup for gitea-docker_postgres-data...
+[2025-05-18_03-00-14] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-18_03-00-14.tar...
+[2025-05-18_03-00-14] Volume backup completed successfully!
+[2025-05-18_03-00-14] Compressing backup file...
+[2025-05-18_03-00-14] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-18_03-00-14.tar.zip
+[2025-05-18_03-00-14] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-05-18_03-00-14.tar.zip
+[2025-05-18_03-00-14] Removed old volume backup: postgres-volume-backup-2025-04-20_03-06-24.tar.zip
+[2025-05-19_03-00-14] Starting volume backup for gitea-docker_postgres-data...
+[2025-05-19_03-00-14] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-19_03-00-14.tar...
+[2025-05-19_03-00-14] Volume backup completed successfully!
+[2025-05-19_03-00-14] Compressing backup file...
+[2025-05-19_03-00-14] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-19_03-00-14.tar.zip
+[2025-05-19_03-00-14] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-05-19_03-00-14.tar.zip
+[2025-05-19_03-00-14] Removed old volume backup: postgres-volume-backup-2025-04-21_03-05-47.tar.zip
+[2025-05-20_03-14-23] Starting volume backup for gitea-docker_postgres-data...
+[2025-05-20_03-14-23] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-20_03-14-23.tar...
+[2025-05-20_03-14-23] Volume backup completed successfully!
+[2025-05-20_03-14-23] Compressing backup file...
+[2025-05-20_03-14-23] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-20_03-14-23.tar.zip
+[2025-05-20_03-14-23] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-05-20_03-14-23.tar.zip
+[2025-05-20_03-14-23] Removed old volume backup: postgres-volume-backup-2025-04-22_03-27-19.tar.zip
+[2025-05-21_03-08-24] Starting volume backup for gitea-docker_postgres-data...
+[2025-05-21_03-08-24] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-21_03-08-24.tar...
+[2025-05-21_03-08-24] Volume backup completed successfully!
+[2025-05-21_03-08-24] Compressing backup file...
+[2025-05-21_03-08-24] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-21_03-08-24.tar.zip
+[2025-05-21_03-08-24] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-05-21_03-08-24.tar.zip
+[2025-05-21_03-08-24] Removed old volume backup: postgres-volume-backup-2025-04-23_08-10-53.tar.zip
+[2025-05-22_03-03-49] Starting volume backup for gitea-docker_postgres-data...
+[2025-05-22_03-03-49] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-22_03-03-49.tar...
+[2025-05-22_03-03-49] Volume backup completed successfully!
+[2025-05-22_03-03-49] Compressing backup file...
+[2025-05-22_03-03-49] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-22_03-03-49.tar.zip
+[2025-05-22_03-03-49] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-05-22_03-03-49.tar.zip
+[2025-05-22_03-03-49] Removed old volume backup: postgres-volume-backup-2025-05-18_01-22-29.tar.zip
+[2025-05-23_08-01-05] Starting volume backup for gitea-docker_postgres-data...
+[2025-05-23_08-01-05] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-05-23_08-01-05.tar...
+[2025-05-23_08-01-05] Volume backup completed successfully!
+[2025-05-23_08-01-05] Compressing backup file...
+[2025-06-09_21-30-15] Starting volume backup for gitea-docker_postgres-data...
+[2025-06-09_21-30-15] Creating backup to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-06-09_21-30-15.tar...
+[2025-06-09_21-30-15] Volume backup completed successfully!
+[2025-06-09_21-30-15] Compressing backup file...
+[2025-06-09_21-30-15] Backup compressed to C:\Users\benne\Projects\gitea-docker\backups\postgres-volume-backup-2025-06-09_21-30-15.tar.zip
+[2025-06-09_21-30-15] Backup copied to redundant location: D:\Pr00jects\gitea-docker\postgres-volume-backup-2025-06-09_21-30-15.tar.zip
+[2025-06-09_21-30-15] Removed old volume backup: postgres-volume-backup-2025-05-18_03-00-14.tar.zip

docker-compose.headscale.yml

@@ -0,0 +1,20 @@
+version: '3.8'
+
+services:
+  headscale:
+    image: headscale/headscale:latest
+    container_name: headscale
+    restart: unless-stopped
+    ports:
+      - "8081:8080"  # Web UI and API (avoiding conflict with Traefik)
+      - "50443:50443"  # gRPC
+    volumes:
+      - ./headscale/config:/etc/headscale
+      - ./headscale/data:/var/lib/headscale
+    command: serve
+    networks:
+      - headscale-net
+
+networks:
+  headscale-net:
+    driver: bridge

docker-compose.yml

@@ -3,6 +3,10 @@ version: "3"
 networks:
   gitea:
     external: false
+  traefik:
+    external: true
+  immich_default:
+    external: true
 
 volumes:
   gitea-data:
@@ -15,18 +19,20 @@ services:
     container_name: traefik
     restart: always
     ports:
-      - "80:80"      # HTTP
-      - "443:443"    # HTTPS
-      - "8080:8080"  # Dashboard
+      - "8080:80"      # HTTP (changed from 80 to 8080 for ISP testing)
+      - "8443:443"     # HTTPS (changed from 443 to 8443 for ISP testing)
+      - "8081:8080"    # Dashboard (changed to avoid conflict)
+
     networks:
       - gitea
+      - traefik
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - traefik-certs:/letsencrypt
     command:
       - "--providers.docker=true"
       - "--providers.docker.exposedbydefault=false"
-      - "--providers.docker.network=gitea-docker_gitea"
+      - "--providers.docker.network=traefik"
       - "--entrypoints.web.address=:80"
       - "--entrypoints.websecure.address=:443"
       - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
@@ -53,7 +59,7 @@ services:
       - GITEA__database__PASSWD=gitea
       # Server Configuration
       - GITEA__server__DOMAIN=bee8333.ddns.net
-      - GITEA__server__ROOT_URL=https://bee8333.ddns.net/
+      - GITEA__server__ROOT_URL=https://bee8333.ddns.net/gitea/
       - GITEA__server__PROTOCOL=http
       - GITEA__server__HTTP_PORT=3000
       - GITEA__server__SSH_DOMAIN=bee8333.ddns.net
@@ -68,30 +74,63 @@ services:
     restart: always
     networks:
       - gitea
+      - traefik
     volumes:
       - gitea-data:/data
-      - /etc/timezone:/etc/timezone:ro
-      - /etc/localtime:/etc/localtime:ro
+#      - /etc/timezone:/etc/timezone:ro
+#      - /etc/localtime:/etc/localtime:ro
     ports:
       - "2224:22"    # SSH: Host port 2224 -> Container port 22
     depends_on:
       - db
     labels:
       - "traefik.enable=true"
-      # HTTP Configuration for HTTPS access
-      - "traefik.http.routers.gitea.rule=Host(`bee8333.ddns.net`)"
+      - "traefik.docker.network=traefik"
+      # HTTPS Configuration for /gitea subpath
+      - "traefik.http.routers.gitea.rule=Host(`bee8333.ddns.net`) && PathPrefix(`/gitea`)"
       - "traefik.http.routers.gitea.entrypoints=websecure"
       - "traefik.http.routers.gitea.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.gitea.priority=10"
       - "traefik.http.services.gitea.loadbalancer.server.port=3000"
+      - "traefik.http.middlewares.gitea-stripprefix.stripprefix.prefixes=/gitea"
       - "traefik.http.middlewares.gitea-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
-      - "traefik.http.routers.gitea.middlewares=gitea-headers@docker"
+      - "traefik.http.routers.gitea.middlewares=gitea-stripprefix@docker,gitea-headers@docker"
       # HTTP Configuration for HTTP -> HTTPS redirection
-      - "traefik.http.routers.gitea-http.rule=Host(`bee8333.ddns.net`)"
+      - "traefik.http.routers.gitea-http.rule=Host(`bee8333.ddns.net`) && PathPrefix(`/gitea`)"
       - "traefik.http.routers.gitea-http.entrypoints=web"
       - "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
       - "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
       - "traefik.http.routers.gitea-http.middlewares=https-redirect@docker"
 
+  headscale:
+    image: headscale/headscale:latest
+    container_name: headscale
+    restart: unless-stopped
+    ports:
+      - "3478:3478/udp"  # STUN for DERP relay
+    volumes:
+      - ./headscale/config:/etc/headscale
+      - ./headscale/data:/var/lib/headscale
+    command: serve
+    networks:
+      - gitea
+      - traefik
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=traefik"
+      # HTTPS Configuration for /headscale subpath
+      - "traefik.http.routers.headscale.rule=Host(`bee8333.ddns.net`) && PathPrefix(`/headscale`)"
+      - "traefik.http.routers.headscale.entrypoints=websecure"
+      - "traefik.http.routers.headscale.tls.certresolver=letsencrypt"
+      - "traefik.http.services.headscale.loadbalancer.server.port=8080"
+      - "traefik.http.middlewares.headscale-stripprefix.stripprefix.prefixes=/headscale"
+      - "traefik.http.middlewares.headscale-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
+      - "traefik.http.routers.headscale.middlewares=headscale-stripprefix@docker,headscale-headers@docker"
+      # HTTP Configuration for HTTP -> HTTPS redirection
+      - "traefik.http.routers.headscale-http.rule=Host(`bee8333.ddns.net`) && PathPrefix(`/headscale`)"
+      - "traefik.http.routers.headscale-http.entrypoints=web"
+      - "traefik.http.routers.headscale-http.middlewares=https-redirect@docker"
+
   db:
     image: postgres:14
     container_name: gitea-db

headscale/config/config.yaml

@@ -0,0 +1,54 @@
+server_url: https://bee8333.ddns.net/headscale/
+listen_addr: 0.0.0.0:8080
+metrics_listen_addr: 127.0.0.1:9090
+grpc_listen_addr: 0.0.0.0:50443
+grpc_allow_insecure: false
+
+tls_cert_path: ""
+tls_key_path: ""
+
+private_key_path: /var/lib/headscale/private.key
+noise:
+  private_key_path: /var/lib/headscale/noise_private.key
+
+prefixes:
+  v4: 100.64.0.0/10
+  v6: fd7a:115c:a1e0::/48
+
+derp:
+  server:
+    enabled: true
+    region_id: 900
+    region_code: "homelab"
+    region_name: "Home Lab"
+    stun_listen_addr: "0.0.0.0:3478"
+    private_key_path: /var/lib/headscale/derp_server_private.key
+  urls:
+    - https://controlplane.tailscale.com/derpmap/default
+
+disable_check_updates: false
+ephemeral_node_inactivity_timeout: 30m
+database:
+  type: sqlite3
+  sqlite:
+    path: /var/lib/headscale/db.sqlite
+
+log:
+  format: text
+  level: info
+
+policy:
+  path: ""
+
+dns:
+  override_local_dns: true
+  nameservers:
+    global:
+      - 1.1.1.1
+      - 8.8.8.8
+  search_domains: []
+  magic_dns: true
+  base_domain: headscale.bee8333.local
+
+unix_socket: /var/run/headscale/headscale.sock
+unix_socket_permission: "0770"

immich-https.conf

@@ -0,0 +1,36 @@
+events {
+    worker_connections 1024;
+}
+
+http {
+    upstream immich {
+        server immich_server:2283;
+    }
+
+    server {
+        listen 443 ssl;
+        server_name bee8333.ddns.net;
+
+        # Self-signed SSL certificate (will be generated at startup)
+        ssl_certificate /etc/ssl/certs/immich.crt;
+        ssl_certificate_key /etc/ssl/private/immich.key;
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_ciphers HIGH:!aNULL:!MD5;
+
+        client_max_body_size 50000M;
+
+        # Direct proxy to Immich - NO subpath manipulation
+        location / {
+            proxy_pass http://immich;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto https;
+            
+            # WebSocket support for real-time features
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+        }
+    }
+} 

immich-nginx.conf

@@ -0,0 +1,49 @@
+events {
+    worker_connections 1024;
+}
+
+http {
+    upstream immich {
+        server immich_server:2283;
+    }
+
+    server {
+        listen 80;
+        server_name bee8333.ddns.net;
+
+        client_max_body_size 50000M;
+
+        # Main application - all requests go to Immich
+        location / {
+            proxy_pass http://immich;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            
+            # Critical headers for subpath handling
+            proxy_set_header X-Forwarded-Prefix /immich;
+            proxy_set_header X-Script-Name /immich;
+            
+            # WebSocket support for real-time features
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            
+            # SPA support - handle client-side routing
+            proxy_intercept_errors on;
+            error_page 404 = @fallback;
+        }
+        
+        # Fallback for SPA routing
+        location @fallback {
+            proxy_pass http://immich;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header X-Forwarded-Prefix /immich;
+            proxy_set_header X-Script-Name /immich;
+        }
+    }
+}