Add ttyd

remote/ttyd/.env.example

@@ -0,0 +1,6 @@
+DOMAIN_NAME=
+SUBDOMAIN=
+TAG=
+GENERIC_TIMEZONE=
+IP_ADDRESS=
+TERM=xterm-256color

remote/ttyd/Dockerfile

@@ -0,0 +1,20 @@
+FROM tsl0922/ttyd:alpine
+
+# Install ping and ssh client
+RUN apk update && apk add --no-cache \
+    iputils \
+    openssh-client \
+    curl \
+    bind-tools \
+    bash-completion \
+    coreutils
+
+RUN rm -rf /var/cache/apk/*
+
+RUN addgroup -g 1000 ttyd && \
+    adduser -D -u 1000 -G ttyd tty
+
+USER 1000:1000
+
+# Set default command to start ttyd with bash
+CMD ["ttyd", "/bin/bash"]

remote/ttyd/compose.yml

@@ -0,0 +1,45 @@
+services:
+  ttyd:
+    build:
+      context: .
+      network: host
+    image: ttyd:alpine
+    container_name: ttyd
+    hostname: ttyd
+    restart: unless-stopped
+    command: ["ttyd", "-W", "-o", "-u", "1000", "-g", "1000", "bash"]
+    stdin_open: true
+    tty: true
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.$SUBDOMAIN.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
+      - traefik.http.routers.$SUBDOMAIN.tls=true
+      - traefik.http.routers.$SUBDOMAIN.entrypoints=web,websecure
+      - traefik.http.routers.$SUBDOMAIN.tls.certresolver=cloudflare
+      - traefik.http.middlewares.$SUBDOMAIN.headers.SSLRedirect=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.STSSeconds=315360000
+      - traefik.http.middlewares.$SUBDOMAIN.headers.browserXSSFilter=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.contentTypeNosniff=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.forceSTSHeader=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.SSLHost=${DOMAIN_NAME}
+      - traefik.http.middlewares.$SUBDOMAIN.headers.STSIncludeSubdomains=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.STSPreload=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.frameDeny=true
+      - traefik.http.routers.$SUBDOMAIN.middlewares=authentik-forwardauth@docker
+      # - traefik.http.routers.$SUBDOMAIN.middlewares=$SUBDOMAIN@docker
+      - traefik.http.services.$SUBDOMAIN.loadbalancer.server.port=7681
+      - traefik.docker.network=jump
+    env_file:
+      - .env
+    # volumes:
+    networks:
+      jump:
+      lan:
+        ipv4_address: $IP_ADDRESS
+    user: "1000:1000"
+# volumes:
+networks:
+  jump:
+    external: true
+  lan:
+    external: true