voronenko-p/docker-compose.yaml Secret

## docker-compose.yaml
version: '3.4'
services:
  traefik:
    image: traefik:v2.1.4
# on my notebook traefik serves on default http https ports
# this allows natural urls like https://app.lvh.voronenko.net/
    ports:
      - 80:80
      - 443:443
# setup can be easily transformed into swarm deploy
    deploy:
      replicas: 1
      placement:
        constraints:
          - node.role == manager
        preferences:
          - spread: node.id
      labels: []
# /certs and /conf are dedicated known directories in
# official traefik image.
# in order to allow traefik to expose docker backend we are
# mapping docker socket inside.
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./traefik_certs:/certs
      - ./traefik_conf:/conf
    restart: always
# if traefik supposed to serve real swarm cluster, peram should be specified
#       --docker.swarmmode
    command:
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.watch=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.file.directory=/conf/"
      - "--providers.file.watch=true"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.mongo.address=:27017"
      - "--entrypoints.postgres.address=:5432"
      - "--log.level=DEBUG"
      - "--accessLog"
      - "--api"
      - "--metrics"
      - "--metrics.prometheus"
      - "--providers.docker.network=traefik-public"
    networks:
      - default
      - traefik-public
# traefik configuration via labels
# expose traefik dashboard under address https://traefik.lvh.voronenko.net
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.rule=Host(`traefik.lvh.voronenko.net`)"
      - "traefik.http.routers.traefik.entrypoints=websecure"
      - "traefik.http.routers.traefik.tls.certresolver=letsencryptresolver"
      - "traefik.http.routers.traefik.service=api@internal"
      - "traefik.http.routers.traefik.tls=true"
# docker management UI to be exposed under
# https://docker.lvh.voronenko.net
  portainer:
    image: portainer/portainer
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer_data:/data
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.portainer.rule=Host(`docker.lvh.voronenko.net`)"
      - "traefik.http.routers.portainer.entrypoints=web"
      - "traefik.http.routers.portainer-secure.rule=Host(`docker.lvh.voronenko.net`)"
      - "traefik.http.routers.portainer-secure.entrypoints=websecure"
      - "traefik.http.routers.portainer-secure.tls=true"
volumes:
  portainer_data:
networks:
  traefik-public:
    external: true
	version: '3.4'
	services:
	traefik:
	image: traefik:v2.1.4
	# on my notebook traefik serves on default http https ports
	# this allows natural urls like https://app.lvh.voronenko.net/
	ports:
	- 80:80
	- 443:443
	# setup can be easily transformed into swarm deploy
	deploy:
	replicas: 1
	placement:
	constraints:
	- node.role == manager
	preferences:
	- spread: node.id
	labels: []
	# /certs and /conf are dedicated known directories in
	# official traefik image.
	# in order to allow traefik to expose docker backend we are
	# mapping docker socket inside.
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock:ro
	- ./traefik_certs:/certs
	- ./traefik_conf:/conf
	restart: always
	# if traefik supposed to serve real swarm cluster, peram should be specified
	# --docker.swarmmode
	command:
	- "--api.insecure=true"
	- "--providers.docker=true"
	- "--providers.docker.watch=true"
	- "--providers.docker.exposedbydefault=false"
	- "--providers.file.directory=/conf/"
	- "--providers.file.watch=true"
	- "--entrypoints.web.address=:80"
	- "--entrypoints.websecure.address=:443"
	- "--entrypoints.mongo.address=:27017"
	- "--entrypoints.postgres.address=:5432"
	- "--log.level=DEBUG"
	- "--accessLog"
	- "--api"
	- "--metrics"
	- "--metrics.prometheus"
	- "--providers.docker.network=traefik-public"
	networks:
	- default
	- traefik-public
	# traefik configuration via labels
	# expose traefik dashboard under address https://traefik.lvh.voronenko.net
	labels:
	- "traefik.enable=true"
	- "traefik.http.routers.traefik.rule=Host(`traefik.lvh.voronenko.net`)"
	- "traefik.http.routers.traefik.entrypoints=websecure"
	- "traefik.http.routers.traefik.tls.certresolver=letsencryptresolver"
	- "traefik.http.routers.traefik.service=api@internal"
	- "traefik.http.routers.traefik.tls=true"
	# docker management UI to be exposed under
	# https://docker.lvh.voronenko.net
	portainer:
	image: portainer/portainer
	restart: always
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock
	- portainer_data:/data
	labels:
	- "traefik.enable=true"
	- "traefik.http.routers.portainer.rule=Host(`docker.lvh.voronenko.net`)"
	- "traefik.http.routers.portainer.entrypoints=web"
	- "traefik.http.routers.portainer-secure.rule=Host(`docker.lvh.voronenko.net`)"
	- "traefik.http.routers.portainer-secure.entrypoints=websecure"
	- "traefik.http.routers.portainer-secure.tls=true"
	volumes:
	portainer_data:
	networks:
	traefik-public:
	external: true