diff --git a/services/changedetection/.env b/services/changedetection/.env
new file mode 100644
index 0000000..075d2d1
--- /dev/null
+++ b/services/changedetection/.env
@@ -0,0 +1,8 @@
+#version=1.0
+#url=https://github.com/2Tiny2Scale/tailscale-docker-sidecar-configs
+#COMPOSE_PROJECT_NAME= // only use in multiple deployments on the same infra
+SERVICE=changedetection
+IMAGE_URL=ghcr.io/dgtlmoon/changedetection.io
+SERVICEPORT=5000
+TS_AUTHKEY= //Insert Tailscale key here from the Admin Portal
+DNS_SERVER=1.1.1.1
diff --git a/services/changedetection/README.md b/services/changedetection/README.md
new file mode 100644
index 0000000..3f6b9e1
--- /dev/null
+++ b/services/changedetection/README.md
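Review bot: `TS_AUTHKEY= //Insert Tailscale key here from the Admin Portal` uses `//` as a comment marker, but Compose `.env` files only treat `#` as a comment, so the text after `=` becomes part of the value. The sidecar would be handed a malformed key unless the whole remainder of the line is overwritten, and the same applies to `#COMPOSE_PROJECT_NAME=` once it is uncommented. Move the hints onto their own `#` lines, e.g. `# Insert a Tailscale auth key from the Admin Portal` above a bare `TS_AUTHKEY=`. Because this tracked file is where the secret gets pasted, it would also help to ship it as a template (for example `.env.example`) and keep the filled-in `.env` out of version control, so a key is not committed by accident.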
@@ -0,0 +1,11 @@
+# ChangeDetection.io with Tailscale Sidecar Configuration
+
+This Docker Compose configuration sets up [ChangeDetection.io](https://github.com/dgtlmoon/changedetection.io) with Tailscale as a sidecar container to securely monitor and access website changes over a private Tailscale network. By using Tailscale in a sidecar configuration, you can ensure that your ChangeDetection.io instance is only accessible within your Tailscale network, providing enhanced security and privacy.
+
+## ChangeDetection.io
+
+[ChangeDetection.io](https://github.com/dgtlmoon/changedetection.io) is an open-source tool for tracking changes on websites. Whether monitoring prices, content updates, or new product launches, it provides an easy-to-use interface for tracking and alerting you to changes. By integrating Tailscale, you can securely connect to your ChangeDetection.io instance, ensuring that your sensitive tracking information and alerts are protected from unauthorized access.
+
+## Configuration Overview
+
+In this setup, the `tailscale-changedetection` service runs Tailscale, which manages secure networking for the ChangeDetection.io service. The `changedetection` service uses the Tailscale network stack via Docker's `network_mode: service:` configuration. This setup ensures that ChangeDetection.io’s web interface is only accessible through the Tailscale network (or locally, if preferred), adding an extra layer of security and privacy to your website monitoring setup.
diff --git a/services/changedetection/config/serve.json b/services/changedetection/config/serve.json
new file mode 100644
index 0000000..a1f9ffd
--- /dev/null
+++ b/services/changedetection/config/serve.json
@@ -0,0 +1,16 @@
+{
+ "TCP": {
+ "443": {
+ "HTTPS": true
+ }
+ },
+ "Web": {
+ "${TS_CERT_DOMAIN}:443": {
+ "Handlers": {
+ "/": {
+ "Proxy": "http://127.0.0.1:5000"
+ }
+ }
+ }
+ }
+}
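Review bot: The proxy target `http://127.0.0.1:5000` in serve.json hard-codes the port that `.env` also defines as `SERVICEPORT=5000`, and nothing ties the two together, so changing one silently breaks the Serve handler. JSON cannot carry a comment, so the README should state that the port here must match the application's listening port. The handler on `/` forwards every request to the UI with no further check in this file, so access control rests on the tailnet's ACLs and on any password configured in ChangeDetection.io itself. That is worth stating in the README as well.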
diff --git a/services/changedetection/docker-compose.yml b/services/changedetection/docker-compose.yml
new file mode 100644
index 0000000..fa316d9
--- /dev/null
+++ b/services/changedetection/docker-compose.yml
@@ -0,0 +1,53 @@
+services:
+# Make sure you have updated/checked the .env file with the correct variables.
+# All the ${ xx } need to be defined there.
+ # Tailscale Sidecar Configuration
+ tailscale:
+ image: tailscale/tailscale:latest # Image to be used
+ container_name: ${SERVICE} # Name for local container management
+ hostname: ${SERVICE} # Name used within your Tailscale environment
+ environment:
+ - TS_AUTHKEY=${TS_AUTHKEY}
+ - TS_STATE_DIR=/var/lib/tailscale
+ - TS_SERVE_CONFIG=/config/serve.json # Tailsacale Serve configuration to expose the web interface on your local Tailnet - remove this line if not required
+ - TS_USERSPACE=false
+ volumes:
+ - ${PWD}/${SERVICE}/ts/config:/config # Config folder used to store Tailscale files - you may need to change the path
+ - ${PWD}/${SERVICE}/ts/state:/var/lib/tailscale # Tailscale requirement - you may need to change the path
+ - /dev/net/tun:/dev/net/tun # Network configuration for Tailscale to work
+ cap_add:
+ - net_admin # Tailscale requirement
+ - sys_module # Tailscale requirement
+ #ports:
+ # - 0.0.0.0:${SERVICEPORT}:${SERVICEPORT} # Binding port ${SERVICE}PORT to the local network - may be removed if only exposure to your Tailnet is required
+ # If any DNS issues arise, use your preferred DNS provider by uncommenting the config below
+ # dns:
+ # - ${DNS_SERVER}
+ healthcheck:
+ test: ["CMD", "tailscale", "status"] # Check if Tailscale is running
+ interval: 1m # How often to perform the check
+ timeout: 10s # Time to wait for the check to succeed
+ retries: 3 # Number of retries before marking as unhealthy
+ start_period: 10s # Time to wait before starting health checks
+ restart: always
+
+ # ${SERVICE}
+ application:
+ image: ${IMAGE_URL} # Image to be used
+ network_mode: service:tailscale # Sidecar configuration to route ${SERVICE} through Tailscale
+ container_name: app-${SERVICE} # Name for local container management
+ environment:
+ - PUID=1000
+ - PGID=1000
+ - TZ=Europe/Amsterdam
+ volumes:
+ - ${PWD}/${SERVICE}/datastore:/datastore
+ depends_on:
+ - tailscale
+ healthcheck:
+ test: ["CMD", "pgrep", "-f", "${SERVICE}"] # Check if ${SERVICE} process is running
+ interval: 1m # How often to perform the check
+ timeout: 10s # Time to wait for the check to succeed
+ retries: 3 # Number of retries before marking as unhealthy
+ start_period: 30s # Time to wait before starting health checks
+ restart: always
\ No newline at end of file
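Review bot: The `tailscale` service is granted `sys_module` alongside `net_admin`, which lets the container load kernel modules on the host and is a much larger privilege than the sidecar's networking job appears to need. Since `/dev/net/tun` is already passed in, I would drop `- sys_module` unless a target host is known to require it, and say so in the comment. Both images are also unpinned (`tailscale/tailscale:latest`, and `${IMAGE_URL}` with no tag in `.env`), so every pull can change what runs with those capabilities; pin a version or digest, e.g. `image: tailscale/tailscale:<pinned-version>`. Separately, `TS_SERVE_CONFIG=/config/serve.json` reads from the `${PWD}/${SERVICE}/ts/config` mount, while this commit adds the file under `services/changedetection/config/`. Unless the user copies it, the Serve config will presumably not be found, so either mount `./config:/config` or document the copy step.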