-
-
Save 19wolf/03ee31886faf9e15ecd32e062a7d2533 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Traefik: | |
command: | |
- "traefik" | |
container_name: "Traefik" | |
entrypoint: | |
- "/entrypoint.sh" | |
environment: | |
- "CF_DNS_API_TOKEN=xxxxx" | |
- "TZ=America/New_York" | |
hostname: "ebda72ce72cf" | |
image: "traefik" | |
ipc: "private" | |
labels: | |
traefik.enable: "true" | |
traefik.http.routers.api.entryPoints: "https" | |
traefik.http.routers.api.rule: "Host(`traefik.domain.com`)" | |
traefik.http.routers.api.service: "api@internal" | |
logging: | |
driver: "json-file" | |
options: | |
max-file: "1" | |
max-size: "50m" | |
mac_address: "02:42:ac:11:00:04" | |
network_mode: "bridge" | |
ports: | |
- "443:443/tcp" | |
- "80:80/tcp" | |
- "8081:8080/tcp" | |
volumes: | |
- "/var/run/docker.sock:/var/run/docker.sock" | |
- "/opt/docker/traefik:/etc/traefik" | |
# HTTPS endpoint, with domain wildcard | |
https: | |
address: :443 | |
#forwardedHeaders: | |
# Reuse list of Cloudflare Trusted IP's above for HTTPS requests | |
# trustedIPs: *trustedIps | |
http: | |
tls: | |
# Generate a wildcard domain certificate | |
certResolver: letsencrypt | |
domains: | |
- main: domain.com | |
sans: | |
- '*.domain.com' | |
#middlewares: | |
# - securityHeaders@file |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
global: | |
checkNewVersion: true | |
sendAnonymousUsage: false | |
serversTransport: | |
insecureSkipVerify: true | |
entryPoints: | |
# Not used in apps, but redirect everything from HTTP to HTTPS | |
http: | |
address: :80 | |
forwardedHeaders: | |
trustedIPs: &trustedIps | |
# Start of Clouflare public IP list for HTTP requests, remove this if you don't use it | |
- 173.245.48.0/20 | |
- 103.21.244.0/22 | |
- 103.22.200.0/22 | |
- 103.31.4.0/22 | |
- 141.101.64.0/18 | |
- 108.162.192.0/18 | |
- 190.93.240.0/20 | |
- 188.114.96.0/20 | |
- 197.234.240.0/22 | |
- 198.41.128.0/17 | |
- 162.158.0.0/15 | |
- 104.16.0.0/12 | |
- 104.24.0.0/14 | |
- 172.64.0.0/13 | |
- 131.0.72.0/22 | |
- 2400:cb00::/32 | |
- 2606:4700::/32 | |
- 2803:f800::/32 | |
- 2405:b500::/32 | |
- 2405:8100::/32 | |
- 2a06:98c0::/29 | |
- 2c0f:f248::/32 | |
# End of Cloudlare public IP list | |
http: | |
redirections: | |
entryPoint: | |
to: https | |
scheme: https | |
providers: | |
providersThrottleDuration: 2s | |
# File provider for connecting things that are outside of docker / defining middleware | |
file: | |
filename: /etc/traefik/fileConfig.yml | |
watch: true | |
# Docker provider for connecting all apps that are inside of the docker network | |
docker: | |
watch: true | |
network: bridge # Add Your Docker Network Name Here | |
# Default host rule to containername.domain.example | |
defaultRule: "Host(`{{ lower (trimPrefix `/` .Name )}}.domain.com`)" # Replace with your domain | |
swarmModeRefreshSeconds: 15s | |
# Enable traefik ui | |
api: | |
dashboard: true | |
insecure: true | |
# Log level INFO|DEBUG|ERROR | |
log: | |
level: INFO | |
# Use letsencrypt to generate ssl serficiates | |
certificatesResolvers: | |
letsencrypt: | |
acme: | |
email: traefik@domain.com | |
storage: /etc/traefik/acme.json | |
dnsChallenge: | |
provider: cloudflare | |
# Used to make sure the dns challenge is propagated to the rights dns servers | |
resolvers: | |
- "1.1.1.1:53" | |
- "1.0.0.1:53" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment