updated bash_aliases for socket_proxy. Added socket_proxy. Moved sens…

…itve information to secrets. Added watchtower to obsolete.

.bash_aliases.example

@@ -18,7 +18,7 @@ alias fixsecrets='sudo chown -R root:root /home/USER/docker/secrets ; sudo chmod
 alias 1down='cd /home/USER/docker ; dcdown1v ; dcdown1'
 alias 1up='cd /home/USER/docker ; sudo docker network create t1_proxy ; dcrec1 plexms ; dcup1 ; dcup1v'
 alias 2down='cd /home/USER/docker ; dcdown2v ; dcdown2'
-alias 2up='cd /home/USER/docker ; sudo docker network create --gateway 192.168.90.1 --subnet 192.168.90.0/24 t2_proxy ; dcrec2 plexms ; dcup2 ; dcup2v'
+alias 2up='cd /home/USER/docker ; sudo docker network create --gateway 192.168.91.1 --subnet 192.168.91.0/24 socket_proxy ; sudo docker network create --gateway 192.168.90.1 --subnet 192.168.90.0/24 t2_proxy ; dcrec2 plexms ; dcup2 ; dcup2v'
 
 # DOCKER TRAEFIK 1
 alias dcrun1='cd /home/USER/docker ; sudo docker-compose -f /home/USER/docker/docker-compose-t1.yml '
@@ -92,4 +92,4 @@ alias servicestart='sudo synoservicecfg --start'
 alias servicehstart='sudo synoservicecfg --hard-start'
 alias servicerestart='sudo synoservice --restart'
 alias servicerestart2='sudo synoservicectl --restart'
-alias restartdocker='sudo synoservice --restart pkgctl-Docker'
+alias restartdocker='sudo synoservice --restart pkgctl-Docker'

CHANGELOG.md

@@ -4,11 +4,15 @@
 
 ## Planned:
 
-- Add projectsend, embystat, nextcloud, nut-upsd, HealthChecks, FileRun, smtp-to-telegram, fail2ban
-- tecnative docker proxy
+- Add projectsend, embystat, nextcloud, nut-upsd, HealthChecks, FileRun, smtp-to-telegram, fail2ban, ofelia
 - traefik custom error pages https://github.com/guillaumebriday/traefik-custom-error-pages
 - improvements from https://github.com/jamescurtin/traefik-proxy
-- implement secrets
+- implement secrets and remove variables from .env
+- Replace Ouroboros (stopped development + requires POST permissions on Socket Proxy) with Watchtower
+
+## July 22, 2020
+
+- Implemented socket proxy - Traefik, Portainer, Dozzle, Glances, cf-Companion, Docker-GC, WatchTower. Exception: ha-dockermon.
 
 ## July 16, 2020
 
@@ -17,7 +21,7 @@
 - Partially implemented Docker secrets
 - passHostHeader is true by default. Removed from rules.
 - Moved from toml to yml. Included examples for both in repo.
-- Added $SECRETSDIR env variable
+- Added \$SECRETSDIR env variable
 - Expanded bash_aliases
 
 ## July 14, 2020

docker-compose-t2-obsolete.yml

@@ -291,3 +291,34 @@ services:
       ## HTTP Services
       - "traefik.http.routers.homeassistant-rtr.service=homeassistant-svc"
       - "traefik.http.services.homeassistant-svc.loadbalancer.server.port=8123"
+
+  # Watchtower - Automatic Docker Container Updates
+  # creating config.json https://github.com/containrrr/watchtower/issues/99
+  watchtower:
+    image: containrrr/watchtower
+    container_name: watchtower
+    restart: unless-stopped
+    networks:
+      - socket_proxy
+      - t2_proxy
+    # depends_on:
+    #  - socket-proxy
+    volumes:
+      # - /var/run/docker.sock:/var/run/docker.sock # Use Docker Socket Proxy instead for improved security
+      - $DOCKERDIR/watchtower/config.json:/config.json # Only needed for private registries
+    environment:
+      - TZ=$TZ
+      # - WATCHTOWER_CLEANUP=true # Cleanup old images
+      - DOCKER_HOST=tcp://socket-proxy:2375
+      # - WATCHTOWER_INCLUDE_STOPPED=false
+      - WATCHTOWER_NOTIFICATIONS_LEVEL=info # panic, fatal, error, warn, info (default), debug or trace
+      # - WATCHTOWER_POLL_INTERVAL=60 # 1 week in seconds 604800
+      # - WATCHTOWER_SCHEDULE=0 0 1 * * SUN # Every Sunday at 1 am
+      - WATCHTOWER_RUN_ONCE=true
+      - WATCHTOWER_MONITOR_ONLY=true
+      # - WATCHTOWER_LABEL_ENABLE=true
+      - WATCHTOWER_DEBUG=true
+      # - WATCHTOWER_NOTIFICATIONS=shoutrrr
+      # - WATCHTOWER_NOTIFICATION_URL="telegram://$TGRAM_BOT_TOKEN@$TGRAM_CHAT_ID"
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true" # Add this to services to enable updates