-
Notifications
You must be signed in to change notification settings - Fork 10
/
docker-compose.traefik.yml
50 lines (47 loc) · 1.6 KB
/
docker-compose.traefik.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
version: "3.2"
networks:
nat:
external: true
internal:
external: false
services:
reverse-proxy:
env_file:
- .env
image: traefik:v2.6.1
command:
- "--defaultentrypoints=http,https"
- "--entrypoints=Name:http Address::80 Redirect.EntryPoint:https"
- "--entrypoints=Name:https Address::443 Compress:true TLS"
- "--retry"
- "--api"
- "--docker"
- "--docker.domain=docker.localhost"
- "--docker.exposedbydefault=false"
- "--loglevel=DEBUG"
- "--acme=true"
- "--acme.acmelogging=true"
- "--acme.storage=/traefik/acme.json"
- "--acme.entryPoint=https"
- "--acme.httpchallenge"
- "--acme.httpchallenge.entryPoint=http"
- "--acme.onHostRule=true"
- "[email protected]" # changeme!
- "--acme.caServer=https://acme-v02.api.letsencrypt.org/directory"
- "--acme.domains=${APP_HOSTNAME},${LANDING_HOSTNAME},${DEV_HOSTNAME},${CONSOLE_HOSTNAME}"
restart: unless-stopped
ports:
- "80:80" # The HTTP port, should be 80 outside (does not collide on empty box)
- "443:443" # The HTTPS port, ditto.
- "8080:8080" # Traefik port
networks:
- nat
- internal
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./services/traefik:/traefik # this is where traefik creates SSL certificate exportable using share.sh
labels:
- "traefik.port=8080"
- "traefik.backend=traefik"
# - "traefik.frontend.auth.basic.users=traefik:$$apr1$$JVrTyD7r$DwX82aghrfYFJXh.kFfbU."
- "traefik.frontend.rule=Host:${DEV_HOSTNAME}"