From 9b41dbdcb2c810804417b9ffc4e74a7b3e534ac2 Mon Sep 17 00:00:00 2001 From: Daniel Weipert Date: Tue, 14 Nov 2023 13:33:14 +0100 Subject: initial commit --- Applications/Services/traefik/.env.example | 6 +++ Applications/Services/traefik/docker-compose.yml | 50 ++++++++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 Applications/Services/traefik/.env.example create mode 100644 Applications/Services/traefik/docker-compose.yml (limited to 'Applications') diff --git a/Applications/Services/traefik/.env.example b/Applications/Services/traefik/.env.example new file mode 100644 index 0000000..f68b9ba --- /dev/null +++ b/Applications/Services/traefik/.env.example @@ -0,0 +1,6 @@ +DOMAIN=traefik.example.org +ADMIN_USER=admin +ADMIN_PASSWORD=123456 +LETSENCRYPT_EMAIL=le@example.org +VOLUME_LETSENCRYPT=traefik-letsencrypt +NETWORK=traefik-public diff --git a/Applications/Services/traefik/docker-compose.yml b/Applications/Services/traefik/docker-compose.yml new file mode 100644 index 0000000..9a04d83 --- /dev/null +++ b/Applications/Services/traefik/docker-compose.yml @@ -0,0 +1,50 @@ +version: "3" + +services: + traefik: + image: traefik + container_name: "traefik" + restart: always + command: + #- "--log.level=DEBUG" + - "--api.insecure=true" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}" + - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json" + - "--certificatesresolvers.letsencrypt.acme.httpchallenge=true" + - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web" + ports: + - "80:80" + - "443:443" + labels: + - "traefik.enable=true" + # Dashboard + - "traefik.http.services.traefik.loadbalancer.server.port=8080" + - "traefik.http.routers.traefik.rule=Host(`${DOMAIN}`)" + - "traefik.http.routers.traefik.entrypoints=websecure" + - "traefik.http.routers.traefik.tls.certresolver=letsencrypt" + # Dashboard Auth + - "traefik.http.routers.traefik.middlewares=dashboardauth" + - "traefik.http.middlewares.dashboardauth.basicauth.users=${ADMIN_USER}:${ADMIN_PASSWORD}" + # HTTPS redirect + - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" + - "traefik.http.routers.http-catchall.entrypoints=web" + - "traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock" + - "traefik-letsencrypt:/letsencrypt" + networks: + - traefik + +volumes: + traefik-letsencrypt: + name: "${VOLUME_LETSENCRYPT}" + +networks: + traefik: + name: "${NETWORK}" + external: true -- cgit v1.2.3