-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.reverse-proxy.yml
39 lines (36 loc) · 1.73 KB
/
docker-compose.reverse-proxy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
services:
reverse-proxy:
image: traefik:latest
command:
- '--providers.docker=true'
- '--providers.docker.exposedbydefault=false'
- '--entrypoints.websecure.address=:443'
- '--certificatesresolvers.myresolver.acme.tlsChallenge=true'
- '--certificatesresolvers.myresolver.acme.email=${RPROXY_LETS_ENCRYPT_EMAIL}'
- '--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json'
# uncomment for debugging
# - '--log.level=DEBUG'
# uncomment to issue test cert instead of real cert
# - '--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory'
# uncomment for dashboard
# - '--api.insecure=true'
ports:
- '443:443'
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- type: bind
source: ${PWD}/letsencrypt
target: /letsencrypt
mgmt-server:
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.mgmt-server.rule=Host(`${RPROXY_HOST}`)'
- 'traefik.http.routers.mgmt-server.entrypoints=websecure'
- 'traefik.http.routers.mgmt-server.service=mgmt-server-service'
- 'traefik.http.routers.mgmt-server.tls.certresolver=myresolver'
- 'traefik.http.services.mgmt-server-service.loadbalancer.server.port=${MGMT_SERVER_PORT}'
- 'traefik.http.routers.mgmt-server-ws.rule=Host(`${RPROXY_HOST}`) && PathPrefix(`/operation/`)'
- 'traefik.http.routers.mgmt-server-ws.entrypoints=websecure'
- 'traefik.http.routers.mgmt-server-ws.service=mgmt-server-ws-service'
- 'traefik.http.routers.mgmt-server-ws.tls.certresolver=myresolver'
- 'traefik.http.services.mgmt-server-ws-service.loadbalancer.server.port=${MGMT_SERVER_WS_PORT}'