Add ttyd

remote/ttyd/compose.yml

@@ -0,0 +1,45 @@
+services:
+  ttyd:
+    build:
+      context: .
+      network: host
+    image: ttyd:alpine
+    container_name: ttyd
+    hostname: ttyd
+    restart: unless-stopped
+    command: ["ttyd", "-W", "-o", "-u", "1000", "-g", "1000", "bash"]
+    stdin_open: true
+    tty: true
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.$SUBDOMAIN.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
+      - traefik.http.routers.$SUBDOMAIN.tls=true
+      - traefik.http.routers.$SUBDOMAIN.entrypoints=web,websecure
+      - traefik.http.routers.$SUBDOMAIN.tls.certresolver=cloudflare
+      - traefik.http.middlewares.$SUBDOMAIN.headers.SSLRedirect=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.STSSeconds=315360000
+      - traefik.http.middlewares.$SUBDOMAIN.headers.browserXSSFilter=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.contentTypeNosniff=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.forceSTSHeader=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.SSLHost=${DOMAIN_NAME}
+      - traefik.http.middlewares.$SUBDOMAIN.headers.STSIncludeSubdomains=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.STSPreload=true
+      - traefik.http.middlewares.$SUBDOMAIN.headers.frameDeny=true
+      - traefik.http.routers.$SUBDOMAIN.middlewares=authentik-forwardauth@docker
+      # - traefik.http.routers.$SUBDOMAIN.middlewares=$SUBDOMAIN@docker
+      - traefik.http.services.$SUBDOMAIN.loadbalancer.server.port=7681
+      - traefik.docker.network=jump
+    env_file:
+      - .env
+    # volumes:
+    networks:
+      jump:
+      lan:
+        ipv4_address: $IP_ADDRESS
+    user: "1000:1000"
+# volumes:
+networks:
+  jump:
+    external: true
+  lan:
+    external: true