-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose-prod.yml
60 lines (56 loc) · 2.32 KB
/
docker-compose-prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
services:
traefik:
image: "traefik:v3.1"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.certificadofront.acme.caserver=${LE_ACME_URL}"
- "--certificatesresolvers.certificadofront.acme.httpchallenge=true"
- "--certificatesresolvers.certificadofront.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.certificadofront.acme.email=${LE_EMAIL}"
- "--certificatesresolvers.certificadofront.acme.storage=/letsencrypt/acme.json"
networks:
- traefik-net
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- "traefik-data:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
frontend:
build:
context: .
image: agenda2030:latest
networks:
- traefik-net
restart: always
volumes:
- nginx-cache:/var/cache/nginx
labels:
- "traefik.enable=true"
- "traefik.http.routers.frontend.entrypoints=websecure"
- "traefik.http.routers.frontend.rule=(Host(`${HOST_NAME}`) || Host(`www.${HOST_NAME}`))"
- "traefik.http.routers.frontend.tls.certresolver=certificadofront"
- "traefik.http.routers.frontend.tls=true"
- "traefik.http.routers.frontend.tls.domains[0].main=${HOST_NAME}"
- "traefik.http.routers.frontend.tls.domains[1].main=www.${HOST_NAME}"
- "traefik.http.services.frontend.loadbalancer.server.port=80"
- "traefik.http.routers.frontend.middlewares=frontend-ratelimit,rewrite-www"
- "traefik.http.middlewares.frontend-ratelimit.ratelimit.average=1000"
- "traefik.http.middlewares.frontend-ratelimit.ratelimit.period=10s"
- "traefik.http.middlewares.frontend-ratelimit.ratelimit.burst=500"
- "traefik.http.middlewares.rewrite-www.redirectregex.regex=^https://(www.)?(.*)"
- "traefik.http.middlewares.rewrite-www.redirectregex.replacement=https://$$2"
networks:
traefik-net:
volumes:
traefik-data:
nginx-cache: