47 lines
2.1 KiB
YAML
47 lines
2.1 KiB
YAML
# ============================================================
|
|
# docker-compose.yml — WWTP Extreme Switch TLS 1.0 Proxy
|
|
# Deploy via Portainer → Stacks → Add Stack → paste this file
|
|
# ============================================================
|
|
#
|
|
# Port reference (4400 + last octet of switch IP):
|
|
# :4500 → 10.214.0.100 wwtp-offc-sw01 Plant Office
|
|
# :4501 → 10.214.0.101 wwtp-srvr-sw01 Server Room
|
|
# :4502 → 10.214.0.102 wwtp-ecb1-sw01 Elec Ctrl Bldg 1
|
|
# :4503 → 10.214.0.103 wwtp-head-sw01 Head Works
|
|
# :4504 → 10.214.0.104 wwtp-ecb2-sw01 Elec Ctrl Bldg 2
|
|
# :4505 → 10.214.0.105 wwtp-ags1-sw01 AGS Tank 1
|
|
# :4506 → 10.214.0.106 wwtp-ags2-sw01 AGS Tank 2
|
|
# :4507 → 10.214.0.107 wwtp-ags3-sw01 AGS Tank 3
|
|
# :4508 → 10.214.0.108 wwtp-coag-sw01 Coag & Buffer
|
|
# :4509 → 10.214.0.109 wwtp-reuse-sw01 Reuse
|
|
# :4510 → 10.214.0.110 wwtp-ecb3-sw01 Elec Ctrl Bldg 3
|
|
# :4511 → 10.214.0.111 wwtp-yard-sw01 Yard Drain
|
|
# :4512 → 10.214.0.112 wwtp-gate-sw01 Gate ← TESTED/WORKING
|
|
# :4513 → 10.214.0.113 wwtp-ecb1-sw02 Elec Ctrl Bldg 1
|
|
# :4514 → 10.214.0.114 wwtp-ecb2-sw02 Elec Ctrl Bldg 2
|
|
# :4515 → 10.214.0.115 wwtp-uv-sw01 UV
|
|
# :4516 → 10.214.0.116 wwtp-fitr-sw01 Filters
|
|
# :4517 → 10.214.0.117 wwtp-crn-sw01 Crane Room
|
|
# :4518 → 10.214.0.118 wwtp-bst-sw01 Beast
|
|
# :4519 → 10.214.0.119 wwtp-ecb3-sw02 Elec Ctrl Bldg 3
|
|
#
|
|
# Browser usage: https://192.168.16.130:<port>
|
|
# Accept the self-signed cert warning in your browser
|
|
# ============================================================
|
|
|
|
version: "3.8"
|
|
|
|
services:
|
|
stunnel-wwtp:
|
|
image: stunnel-wwtp:latest
|
|
container_name: stunnel-wwtp
|
|
restart: always
|
|
network_mode: host
|
|
# network_mode: host is used so stunnel can reach the
|
|
# 10.214.0.x switch subnet via the host's routing table.
|
|
# Without this, the container would be NAT'd and unable
|
|
# to route to the switches.
|
|
ports: []
|
|
# Ports are bound directly via host networking above —
|
|
# no explicit port mapping needed here.
|