-
Notifications
You must be signed in to change notification settings - Fork 1
/
docker-compose.traefik.yml
48 lines (47 loc) · 2.06 KB
/
docker-compose.traefik.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
services:
reverse-proxy:
# The official v2 Traefik docker image
image: traefik:v2.3
# Enables the web UI and tells Traefik to listen to docker
ports:
# The HTTP port
- "80:80"
- "443:443"
volumes:
# So that Traefik can listen to the Docker events
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./traefik/:/traefik/"
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --api
- --providers.docker.exposedbydefault=false
- "--certificatesresolvers.cloudflare.acme.dnschallenge=true"
- "--certificatesresolvers.cloudflare.acme.dnschallenge.provider=cloudflare"
- "--certificatesresolvers.cloudflare.acme.email=${ACME_EMAIL_ADDRESS}"
- "--certificatesresolvers.cloudflare.acme.storage=/traefik/acme.json"
#- "--log.level=DEBUG"
#- "--certificatesresolvers.cloudflare.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
labels:
- traefik.enable=true
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
- "traefik.http.routers.traefik.rule=Host(`${TRAEFIK_HOSTNAME}`)"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.middlewares=admin"
- "traefik.http.middlewares.admin.basicauth.usersfile=/traefik/passwords"
- "traefik.http.routers.traefik.entrypoints=websecure"
- "traefik.http.routers.traefik.tls.certresolver=cloudflare"
environment:
- "CF_DNS_API_TOKEN=$CF_DNS_API_TOKEN"
restart: always
app:
labels:
- traefik.enable=true
- "traefik.http.routers.app.rule=Host(`${APPLICATION_HOSTNAME}`)"
- traefik.http.services.app.loadbalancer.server.port=3000
- traefik.http.routers.app.entrypoints=websecure
- traefik.http.routers.app.tls.certresolver=cloudflare