From 35c9947204633be854ddeb4f73de7e86666be4e1 Mon Sep 17 00:00:00 2001
From: josedario87
Date: Fri, 17 Oct 2025 05:04:30 -0600
Subject: [PATCH] fix
---
docker-compose.yml | 177 ++++++++++++++++++++++-----------------------
1 file changed, 85 insertions(+), 92 deletions(-)
diff --git a/docker-compose.yml b/docker-compose.yml
index 2989f1a..e9322ad 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,101 +1,94 @@ -version: "3.9" + version: "3.9" -services: - radiusnucleo-node: - build: - context: . - dockerfile: node-api/Dockerfile - image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo:latest - container_name: radiusnucleo-node-1 - environment: - - VLAN_ID=2 - - MAX_UP=10000000 - - MAX_DOWN=10000000 - - RADIUS_HOST=freeradius - - RADIUS_AUTH_PORT=1812 - - RADIUS_SECRET=${RADIUS_SHARED_SECRET:-tamosbien} - - PGHOST=postgres - - PGPORT=5432 - - PGDATABASE=radius - - PGUSER=radius - - PGPASSWORD=radius - networks: - - principal - - radiusnucleo_radius_net - labels: - # Habilitar Traefik - - "traefik.enable=true" - - "traefik.docker.network=principal" + services: + radiusnucleo-node: + build: + context: . + dockerfile: node-api/Dockerfile + image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo:latest + container_name: radiusnucleo-node-1 + environment: + - VLAN_ID=2 + - MAX_UP=10000000 + - MAX_DOWN=10000000 + - RADIUS_HOST=freeradius + - RADIUS_AUTH_PORT=1812 + - RADIUS_SECRET=${RADIUS_SHARED_SECRET:-tamosbien} + - PGHOST=postgres + - PGPORT=5432 + - PGDATABASE=radius + - PGUSER=radius + - PGPASSWORD=radius + networks: + - principal + - radiusnucleo_radius_net + labels: + # Habilitar Traefik + - "traefik.enable=true" + - "traefik.docker.network=principal" - # Service - Puerto y configuraciones SSE (compartido por ambos routers) - - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.server.port=3000" - - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.passhostheader=true" - - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.responseforwarding.flushinterval=1ms" - - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.serverstransport=wifi-transport@docker" + # Service - Puerto y configuraciones SSE (compartido por ambos routers) + - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.server.port=3000" + - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.passhostheader=true" + - 
"traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.responseforwarding.flushinterval=1ms" + - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.serverstransport=wifi-transport@file" - # Router 1: Público (assets estáticos, manifest, icons) - SIN autenticación - ALTA PRIORIDAD - - "traefik.http.routers.wifi-nucleoriofrio-public.rule=Host(`wifi.nucleoriofrio.com`) && (PathPrefix(`/assets`) || PathPrefix(`/.well-known`) || PathPrefix(`/icons`) || Path(`/manifest.webmanifest`) || Path(`/favicon.ico`) || Path(`/vite.svg`))" - - "traefik.http.routers.wifi-nucleoriofrio-public.entrypoints=websecure" - - "traefik.http.routers.wifi-nucleoriofrio-public.tls.certresolver=letsencrypt" - - "traefik.http.routers.wifi-nucleoriofrio-public.service=wifi-nucleoriofrio-service" - - "traefik.http.routers.wifi-nucleoriofrio-public.priority=100" - - "traefik.http.routers.wifi-nucleoriofrio-public.middlewares=wifi-headers@docker" + # Router 1: Público (assets estáticos, manifest, icons) - SIN autenticación - ALTA PRIORIDAD + - "traefik.http.routers.wifi-nucleoriofrio-public.rule=Host(`wifi.nucleoriofrio.com`) && (PathPrefix(`/assets`) || PathPrefix(`/.well-known`) || PathPrefix(`/icons`) || Path(`/manifest.webmanifest`) ||Path(`/favicon.ico`) || Path(`/vite.svg`))" + - "traefik.http.routers.wifi-nucleoriofrio-public.entrypoints=websecure" + - "traefik.http.routers.wifi-nucleoriofrio-public.tls.certresolver=letsencrypt" + - "traefik.http.routers.wifi-nucleoriofrio-public.service=wifi-nucleoriofrio-service" + - "traefik.http.routers.wifi-nucleoriofrio-public.priority=100" + - "traefik.http.routers.wifi-nucleoriofrio-public.middlewares=wifi-headers@docker" - # Router 2: Principal (todo lo demás) - CON autenticación - BAJA PRIORIDAD - - "traefik.http.routers.wifi-nucleoriofrio.rule=Host(`wifi.nucleoriofrio.com`)" - - "traefik.http.routers.wifi-nucleoriofrio.entrypoints=websecure" - - "traefik.http.routers.wifi-nucleoriofrio.tls.certresolver=letsencrypt" - - 
"traefik.http.routers.wifi-nucleoriofrio.service=wifi-nucleoriofrio-service" - - "traefik.http.routers.wifi-nucleoriofrio.priority=10" - - "traefik.http.routers.wifi-nucleoriofrio.middlewares=authentik-forward-auth@file,wifi-headers@docker" + # Router 2: Principal (todo lo demás) - CON autenticación - BAJA PRIORIDAD + - "traefik.http.routers.wifi-nucleoriofrio.rule=Host(`wifi.nucleoriofrio.com`)" + - "traefik.http.routers.wifi-nucleoriofrio.entrypoints=websecure" + - "traefik.http.routers.wifi-nucleoriofrio.tls.certresolver=letsencrypt" + - "traefik.http.routers.wifi-nucleoriofrio.service=wifi-nucleoriofrio-service" + - "traefik.http.routers.wifi-nucleoriofrio.priority=10" + - "traefik.http.routers.wifi-nucleoriofrio.middlewares=authentik-forward-auth@file,wifi-headers@docker" - # Middleware: wifi-headers - - "traefik.http.middlewares.wifi-headers.headers.customrequestheaders.X-Forwarded-Proto=https" - - "traefik.http.middlewares.wifi-headers.headers.customrequestheaders.X-Forwarded-Scheme=https" + # Middleware: wifi-headers + - "traefik.http.middlewares.wifi-headers.headers.customrequestheaders.X-Forwarded-Proto=https" + - "traefik.http.middlewares.wifi-headers.headers.customrequestheaders.X-Forwarded-Scheme=https" - # ServersTransport para SSE/WebSocket - - "traefik.http.serverstransports.wifi-transport.servername=radiusnucleo-node-1" - - "traefik.http.serverstransports.wifi-transport.insecureskipverify=false" - - "traefik.http.serverstransports.wifi-transport.forwardingtimeouts.dialtimeout=30s" - - "traefik.http.serverstransports.wifi-transport.forwardingtimeouts.responseheadertimeout=0s" - - "traefik.http.serverstransports.wifi-transport.forwardingtimeouts.idleconntimeout=90s" + freeradius: + build: ./freeradius + image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo-freeradius:latest + depends_on: + - radiusnucleo-node + - postgres + restart: unless-stopped + ports: + - "1812:1812/udp" + - "1813:1813/udp" + - "3799:3799/udp" + environment: + - 
RADIUS_CLIENTS_CIDR=${RADIUS_CLIENTS_CIDR:-192.168.87.0/24} + - RADIUS_SHARED_SECRET=${RADIUS_SHARED_SECRET:-tamosbien} + networks: + - radiusnucleo_radius_net + - principal - freeradius: - build: ./freeradius - image: gitea.nucleoriofrio.com/nucleo000/radiusnucleo-freeradius:latest - depends_on: - - radiusnucleo-node - - postgres - restart: unless-stopped - ports: - - "1812:1812/udp" - - "1813:1813/udp" - - "3799:3799/udp" - environment: - - RADIUS_CLIENTS_CIDR=${RADIUS_CLIENTS_CIDR:-192.168.87.0/24} - - RADIUS_SHARED_SECRET=${RADIUS_SHARED_SECRET:-tamosbien} - networks: - - radiusnucleo_radius_net - - principal + postgres: + image: postgres:16-alpine + environment: + - POSTGRES_DB=radius + - POSTGRES_USER=radius + - POSTGRES_PASSWORD=radius + volumes: + - postgres_data:/var/lib/postgresql/data + - ./postgres/init:/docker-entrypoint-initdb.d:ro + networks: + - radiusnucleo_radius_net + - principal - postgres: - image: postgres:16-alpine - environment: - - POSTGRES_DB=radius - - POSTGRES_USER=radius - - POSTGRES_PASSWORD=radius - volumes: - - postgres_data:/var/lib/postgresql/data - - ./postgres/init:/docker-entrypoint-initdb.d:ro - networks: - - radiusnucleo_radius_net - - principal + networks: + principal: + external: true + radiusnucleo_radius_net: + external: true -networks: - principal: - external: true - radiusnucleo_radius_net: - external: true - -volumes: - postgres_data: + volumes: + postgres_data:
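Review bot: The rewritten file still ships working credentials as literals: `RADIUS_SECRET=${RADIUS_SHARED_SECRET:-tamosbien}` (and the matching `RADIUS_SHARED_SECRET` line under `freeradius`) silently falls back to a secret committed in this file, and `PGPASSWORD=radius` / `POSTGRES_PASSWORD=radius` are fixed values. With 1812, 1813 and 3799/udp published on the host, an unset variable leaves the stack running on a known shared secret; Compose can refuse to start instead with `${RADIUS_SHARED_SECRET:?RADIUS_SHARED_SECRET must be set}`, and the database password can be required the same way, e.g. `POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}`. Separately, the service now points at `wifi-transport@file` while the `traefik.http.serverstransports.wifi-transport.*` labels are dropped, so the transport, including its TLS verification setting, has to exist in Traefik's file provider, which this patch does not show. If `postgres` does not need to be reachable from the proxy side, removing `principal` from its `networks` list would keep the database off the shared network.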