From b661ff1db73f71e119a23c83367ade3df0a8fc6b Mon Sep 17 00:00:00 2001
From: Doug Masiero <doug@moeny.ai>
Date: Fri, 23 May 2025 11:00:09 -0400
Subject: [PATCH] Init running

---
 docker-compose.yaml | 59 +++++++++++++++++++++++++++++++++++++++++++++
 traefik.yml         | 15 ++++++++++++
 2 files changed, 74 insertions(+)
 create mode 100644 docker-compose.yaml
 create mode 100644 traefik.yml

diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..62b8a21
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,59 @@
+services:
+  traefik:
+    image: traefik:v2.10
+    restart: always
+    networks:
+      - seq_default
+    command:
+      - --api.insecure=false
+      - --providers.docker=true
+      - --providers.docker.exposedbydefault=false
+      - --entrypoints.web.address=:80
+      - --entrypoints.web.http.redirections.entryPoint.to=https
+      - --entrypoints.web.http.redirections.entryPoint.scheme=https
+      - --entrypoints.https.address=:443
+      - --certificatesresolvers.le_seq.acme.dnschallenge=true
+      - --certificatesresolvers.le_seq.acme.dnschallenge.provider=rfc2136
+      - --certificatesresolvers.le_seq.acme.dnschallenge.resolvers=8.8.8.8,8.8.4.4
+      - --certificatesresolvers.le_seq.acme.email=seq.letsencrypt@moeny.ai
+      - --certificatesresolvers.le_seq.acme.storage=/letsencrypt/acme.json
+      - --log.level=DEBUG
+    environment:
+      - RFC2136_TSIG_KEY=${TSIG_KEY}
+      - RFC2136_TSIG_SECRET=${TSIG_SECRET}
+      - RFC2136_NAMESERVER=${DNS_SERVER}
+      - RFC2136_ZONE=${DNS_ZONE}
+      - RFC2136_TSIG_ALGORITHM=hmac-sha256
+      - RFC2136_DEBUG=true
+      - RFC2136_TIMEOUT=60
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - traefik_moeny_seq:/letsencrypt:rw
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+  seq:
+    image: datalust/seq
+    container_name: seq
+    restart: always
+    networks:
+      - seq_default
+    environment:
+      - ACCEPT_EULA=Y
+      - SEQ_API_CANONICALURI=https://seq.moeny.ai
+      - SEQ_FIRSTRUN_ADMINPASSWORDHASH=${SEQ_ADMIN_PASSWORD_HASH}
+    volumes:
+      - ./data:/data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.seq.rule=Host(`seq.moeny.ai`)"
+      - "traefik.http.routers.seq.entrypoints=https"
+      - "traefik.http.routers.seq.tls.certresolver=le_seq"
+      - "traefik.http.services.seq.loadbalancer.server.port=80"
+
+volumes:
+  traefik_moeny_seq: { driver: local }
+
+networks:
+  seq_default:
+    name: seq_default
diff --git a/traefik.yml b/traefik.yml
new file mode 100644
index 0000000..f04f43f
--- /dev/null
+++ b/traefik.yml
@@ -0,0 +1,15 @@
+log:
+  level: INFO
+api:
+  insecure: true
+entryPoints:
+  web:
+    address: ":80"
+  websecure:
+    address: ":443"
+providers:
+  docker:
+    exposedByDefault: false
+  file:
+    directory: /etc/traefik/conf
+    watch: true