From cbdefbd1101c8915473c1f279c05df00476c3298 Mon Sep 17 00:00:00 2001 From: Dmitrii Iurco Date: Mon, 20 Apr 2026 14:31:38 -0400 Subject: [PATCH] fix: static IPs for all containers, radicale config, DNS zone, cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Assign static IPs to all 13 containers (172.20.0.2–13) so DNS zone records match actual container IPs regardless of start order. - Update cell.zone: all .cell domains now point to cell-caddy (172.20.0.2) which is the correct single entry point via Caddy reverse proxy. - Create config/radicale/config so the calendar container actually starts. - Fix webdav: replace empty users.passwd with USERNAME/PASSWORD env vars. - Fix DNS fallback IP in wireguard_manager: 172.20.0.2→172.20.0.3 (cell-dns). - Remove duplicate http://ui.cell from Caddyfile. - Add persistent data volumes for rainloop and filegator. - Fix mail domainname placeholder (yourdomain.com→cell.local). Co-Authored-By: Claude Sonnet 4.6 --- api/wireguard_manager.py | 2 +- config/caddy/Caddyfile | 4 --- config/radicale/config | 11 ++++++++ docker-compose.yml | 57 ++++++++++++++++++++++++++-------------- 4 files changed, 50 insertions(+), 24 deletions(-) create mode 100644 config/radicale/config diff --git a/api/wireguard_manager.py b/api/wireguard_manager.py index 1e9786e..95e913c 100644 --- a/api/wireguard_manager.py +++ b/api/wireguard_manager.py @@ -33,7 +33,7 @@ def _resolve_peer_dns() -> str: return socket.gethostbyname(hostname) except OSError: pass - return '172.20.0.2' + return '172.20.0.3' class WireGuardManager(BaseServiceManager): diff --git a/config/caddy/Caddyfile b/config/caddy/Caddyfile index de69c31..5510fce 100644 --- a/config/caddy/Caddyfile +++ b/config/caddy/Caddyfile @@ -22,10 +22,6 @@ http://mycell.cell { } # Service aliases -http://ui.cell { - reverse_proxy cell-webui:80 -} - http://calendar.cell { reverse_proxy cell-radicale:5232 } diff --git a/config/radicale/config b/config/radicale/config new file mode 100644 index 0000000..8dab69c --- /dev/null +++ b/config/radicale/config @@ -0,0 +1,11 @@ +[server] +hosts = 0.0.0.0:5232 + +[auth] +type = none + +[storage] +filesystem_folder = /data/collections + +[logging] +level = warning diff --git a/docker-compose.yml b/docker-compose.yml index 9ee6bb6..02c6e2b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.3' services: - # Reverse Proxy - Caddy for TLS termination and routing + # Reverse Proxy - Caddy for routing all .cell traffic caddy: image: caddy:2-alpine container_name: cell-caddy @@ -14,7 +14,8 @@ services: - ./config/caddy/certs:/config/caddy/certs restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.2 # DNS Server - CoreDNS for .cell TLD resolution dns: @@ -29,7 +30,8 @@ services: - ./data/dns:/data restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.3 # DHCP Server - dnsmasq for IP leasing dhcp: @@ -42,7 +44,8 @@ services: - ./data/dhcp:/var/lib/misc restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.4 command: ["/bin/sh", "-c", "apk add --no-cache dnsmasq && dnsmasq -d -C /etc/dnsmasq.conf"] cap_add: - NET_ADMIN @@ -57,7 +60,8 @@ services: - ./config/ntp/chrony.conf:/etc/chrony/chrony.conf restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.5 command: ["/bin/sh", "-c", "apk add --no-cache chrony && exec chronyd -d -f /etc/chrony/chrony.conf -n"] # Email Server - Postfix + Dovecot @@ -65,7 +69,7 @@ services: image: mailserver/docker-mailserver:latest container_name: cell-mail hostname: mail - domainname: yourdomain.com # <-- Set your domain! + domainname: cell.local env_file: ./config/mail/mailserver.env ports: - "25:25" @@ -79,7 +83,8 @@ services: - ./config/mail/ssl:/etc/letsencrypt restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.6 cap_add: - NET_ADMIN @@ -94,7 +99,8 @@ services: - ./data/radicale:/data restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.7 # File Storage - WebDAV webdav: @@ -102,12 +108,16 @@ services: container_name: cell-webdav ports: - "8080:80" + environment: + - AUTH_TYPE=Basic + - USERNAME=admin + - PASSWORD=admin123 volumes: - ./data/files:/var/lib/dav - - ./config/webdav/users.passwd:/etc/users.passwd restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.8 # WireGuard VPN wireguard: @@ -124,7 +134,8 @@ services: - /lib/modules:/lib/modules restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.9 cap_add: - NET_ADMIN - SYS_MODULE @@ -132,7 +143,7 @@ services: - net.ipv4.conf.all.src_valid_mark=1 - net.ipv4.ip_forward=1 - # CLI API Server + # API Server api: build: ./api container_name: cell-api @@ -146,7 +157,8 @@ services: - /var/run/docker.sock:/var/run/docker.sock restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.10 depends_on: - wireguard - dns @@ -159,31 +171,38 @@ services: - "8081:80" restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.11 + # Webmail - RainLoop rainloop: image: hardware/rainloop container_name: cell-rainloop restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.12 ports: - "8888:8888" + volumes: + - ./data/rainloop:/rainloop/data + # File Manager - FileGator filegator: image: filegator/filegator container_name: cell-filegator restart: unless-stopped networks: - - cell-network + cell-network: + ipv4_address: 172.20.0.13 ports: - "8082:8080" - environment: - - FG_PUBLIC_PATH=/files-ui + volumes: + - ./data/filegator:/var/www/filegator/private networks: cell-network: driver: bridge ipam: config: - - subnet: 172.20.0.0/16 + - subnet: 172.20.0.0/16