BorysVrublevskyi/pritunl-docker-compose.yml

## pritunl-docker-compose.yml
version: "3"

services:
  mongo:
    image: mongo:latest
    restart: always
    volumes:
      - ./db:/data/db

  pritunl:
    image: goofball222/pritunl:latest
    restart: always
    depends_on:
      - mongo
    privileged: true
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0
    links:
      - mongo
    volumes:
      - /etc/localtime:/etc/localtime:ro
    ports:
      - 10447:10447/udp
    expose:
      - 443
    environment:
      # - TZ=Europe/Kyiv
      - MONGO_URI=mongodb://mongo:27017/pritunl
      - REVERSE_PROXY=true
      - WIREGUARD=true
      - LETSENCRYPT_EMAIL=info@vpn.mydomain.com
      - LETSENCRYPT_HOST=vpn.mydomain.com
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.pritunl.service=pritunl"
      - "traefik.http.services.pritunl.loadbalancer.server.port=443"
      - "traefik.http.services.pritunl.loadbalancer.server.scheme=https"
      - "traefik.http.routers.pritunl.rule=Host(`vpn.mydomain.com`)"
      - "traefik.http.routers.pritunl.tls.certresolver=leresolver"
      # - "traefik.http.routers.pritunl.tls.certresolver=letsencryptresolver"
      - "traefik.http.routers.pritunl.entrypoints=websecure"

  traefik:
    image: traefik:latest
    restart: always
    command:
      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443
      - --providers.docker=true
      - --api
      - --certificatesresolvers.leresolver.acme.email=helpdesk@mydomain.com
      - --certificatesresolvers.leresolver.acme.storage=/acme.json
      - --certificatesresolvers.leresolver.acme.tlschallenge=true
      - --serverstransport.insecureskipverify=true
      # - --providers.file.filename=/dynamic_conf.yml
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      # - "./letsencrypt/acme.json:/acme.json"
      # - "./traefik_conf.yml:/dynamic_conf.yml"
    labels:
      # global redirect to https
      - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.entrypoints=web"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
      # middleware redirect
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"

# Thanks to https://github.com/aldeiacloud/pritunl-docker-compose-traefik
	version: "3"

	services:
	mongo:
	image: mongo:latest
	restart: always
	volumes:
	- ./db:/data/db

	pritunl:
	image: goofball222/pritunl:latest
	restart: always
	depends_on:
	- mongo
	privileged: true
	sysctls:
	- net.ipv6.conf.all.disable_ipv6=0
	links:
	- mongo
	volumes:
	- /etc/localtime:/etc/localtime:ro
	ports:
	- 10447:10447/udp
	expose:
	- 443
	environment:
	# - TZ=Europe/Kyiv
	- MONGO_URI=mongodb://mongo:27017/pritunl
	- REVERSE_PROXY=true
	- WIREGUARD=true
	- LETSENCRYPT_EMAIL=info@vpn.mydomain.com
	- LETSENCRYPT_HOST=vpn.mydomain.com
	labels:
	- "traefik.enable=true"
	- "traefik.http.routers.pritunl.service=pritunl"
	- "traefik.http.services.pritunl.loadbalancer.server.port=443"
	- "traefik.http.services.pritunl.loadbalancer.server.scheme=https"
	- "traefik.http.routers.pritunl.rule=Host(`vpn.mydomain.com`)"
	- "traefik.http.routers.pritunl.tls.certresolver=leresolver"
	# - "traefik.http.routers.pritunl.tls.certresolver=letsencryptresolver"
	- "traefik.http.routers.pritunl.entrypoints=websecure"

	traefik:
	image: traefik:latest
	restart: always
	command:
	- --entrypoints.web.address=:80
	- --entrypoints.websecure.address=:443
	- --providers.docker=true
	- --api
	- --certificatesresolvers.leresolver.acme.email=helpdesk@mydomain.com
	- --certificatesresolvers.leresolver.acme.storage=/acme.json
	- --certificatesresolvers.leresolver.acme.tlschallenge=true
	- --serverstransport.insecureskipverify=true
	# - --providers.file.filename=/dynamic_conf.yml
	ports:
	- "80:80"
	- "443:443"
	volumes:
	- "/var/run/docker.sock:/var/run/docker.sock:ro"
	# - "./letsencrypt/acme.json:/acme.json"
	# - "./traefik_conf.yml:/dynamic_conf.yml"
	labels:
	# global redirect to https
	- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
	- "traefik.http.routers.http-catchall.entrypoints=web"
	- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
	# middleware redirect
	- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"

	# Thanks to https://github.com/aldeiacloud/pritunl-docker-compose-traefik