ei/mtg - Gitea: Git with a cup of tea

目錄樹: 22b207f422

作者	SHA1	備註	提交日期
Alexey Dolotov	3d0899dcca	contrib/sni-router: split MTG_SECRET assignment from envsubst in examples `MTG_SECRET=<placeholder> envsubst < ...` was shell-broken on literal copy-paste — bash parses `<placeholder>` as redirection from a non-existent file. Two-line `export MTG_SECRET=...` + plain envsubst form removes the ambiguity. Applies to README, docker-compose.yml, and the .example header.	1 月之前
Alexey Dolotov	3fc3e51e47	contrib/sni-router: render mtg-config.toml from a tracked .example Track `mtg-config.toml.example` with `secret = "${MTG_SECRET}"`; the rendered `mtg-config.toml` and local `.env` are gitignored, so the secret never lands in a tracked file. Quick start switches from "paste the secret into mtg-config.toml" to either `envsubst < mtg-config.toml.example > mtg-config.toml` or `cp` + hand-edit `${MTG_SECRET}` for users without envsubst. After #502 made DOMAIN env-driven, the secret was the last hand-edit of a tracked file in the example. Follow-up to #506.	1 月之前
Andrey Butirsky	01b1fa4b56	fixup docker-compose: add :master tag and comment	1 月之前
Andrey Butirsky	224b1d1f0d	compose: fix non-functional 'host' option Fix #512	1 月之前
Alexey Dolotov	b293a33d99	contrib/sni-router: switch env alias to merge key Lets downstreams add per-service env vars (e.g. HOST for Caddy's Dynu DNS-01 challenge) without breaking the shared DOMAIN alias.	1 月之前
Alexey Dolotov	f90f415c92	contrib/sni-router: deduplicate DOMAIN env via YAML anchor	1 月之前
Alexey Dolotov	1606afe3b1	contrib/sni-router: read $DOMAIN from env in haproxy.cfg Closes #501. Before: the SNI hostname had to be edited in haproxy.cfg, plus DOMAIN had to be set in .env for Caddy. Two places to keep in sync. After: DOMAIN is the single source — set it once in .env (or export), docker-compose forwards it into both haproxy and caddy containers, and HAProxy interpolates ${DOMAIN} into the SNI ACL at startup. mtg-config.toml's secret still embeds the domain in its bytes (generated once with `mtg generate-secret <domain>`), so that one remains a one-time edit at install — the README is updated to reflect this. HAProxy has supported environment-variable substitution in config strings since 1.6.	1 月之前
Andrey Butirsky	faaa75612f	compose: mtg: add hostname for host access from container Might be needed for local chained proxy setup.	1 月之前
Andrey Butirsky	d87f91fe8c	add support for unprivileged podman container Fix SELinux-related permission denied error for containerized apps reading configs exposed via volumes. Also make it possible to use port 80 in the fronted.	1 月之前
dolonet	d0412b21f6	Fix ACME HTTP-01 passthrough in HAProxy config Add an ACL that routes /.well-known/acme-challenge/ requests on :80 to Caddy instead of redirecting to HTTPS, so Let's Encrypt certificate issuance works out of the box. Also simplify Caddyfile to use Caddy's http_port/https_port directives.	2 月之前
dolonet	0c1d001949	Add docker-compose example with HAProxy SNI router Turnkey deployment: HAProxy on :443 peeks at the TLS SNI and routes Telegram clients to mtg while forwarding everything else (including DPI probes) to a real Caddy web server with automatic HTTPS. This is the setup recommended in BEST_PRACTICES.md, packaged so that operators can clone and run it with minimal configuration. Refs: #458	2 月之前

13 次程式碼提交 (22b207f422f851a2107440ea64ffa626fbdaae84)