
@BorysVrublevskyi
Last active April 21, 2023 23:03
Pritunl VPN Server with MongoDB and Traefik
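# Compose stack: Pritunl VPN server, its MongoDB datastore, and Traefik as the
# TLS-terminating reverse proxy for the Pritunl web console.
# Replace vpn.mydomain.com and the e-mail addresses with your own values.
version: "3"
services:
  mongo:
    # NOTE(review): `latest` is a moving tag. Pin a tested version or digest
    # (mongo:<PINNED_VERSION>) so a redeploy cannot silently change the engine.
    image: mongo:latest
    restart: always
    # No `ports:` entry, so MongoDB is reachable only on the Compose network.
    # No credentials are configured (see MONGO_URI below), so any container on
    # that network can read and write the Pritunl database; keep the network
    # private to this stack or enable MongoDB access control.
    volumes:
      - ./db:/data/db
  pritunl:
    # NOTE(review): third-party image on a moving tag; pin a version or digest.
    image: goofball222/pritunl:latest
    restart: always
    depends_on:
      - mongo
    # NOTE(review): `privileged: true` grants every capability and access to
    # all host devices, so a compromise of this container is a compromise of
    # the host. Check the image documentation for whether a narrower grant
    # (cap_add NET_ADMIN plus the /dev/net/tun device) covers the VPN modes in
    # use - TODO confirm before changing.
    privileged: true
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0
    links:
      - mongo
    volumes:
      - /etc/localtime:/etc/localtime:ro
    ports:
      # The only port of this service published directly on the host.
      # Quoted so the mapping is always parsed as a string.
      - "10447:10447/udp"
    expose:
      # Web console; reached only through Traefik (see the labels below).
      - "443"
    environment:
      # - TZ=Europe/Kyiv
      - MONGO_URI=mongodb://mongo:27017/pritunl
      - REVERSE_PROXY=true
      - WIREGUARD=true
      - LETSENCRYPT_EMAIL=info@vpn.mydomain.com
      - LETSENCRYPT_HOST=vpn.mydomain.com
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.pritunl.service=pritunl"
      - "traefik.http.services.pritunl.loadbalancer.server.port=443"
      # Traefik speaks HTTPS to the Pritunl console on the internal network.
      - "traefik.http.services.pritunl.loadbalancer.server.scheme=https"
      - "traefik.http.routers.pritunl.rule=Host(`vpn.mydomain.com`)"
      - "traefik.http.routers.pritunl.tls.certresolver=leresolver"
      # - "traefik.http.routers.pritunl.tls.certresolver=letsencryptresolver"
      - "traefik.http.routers.pritunl.entrypoints=websecure"
  traefik:
    # NOTE(review): pin a version. The named-group HostRegexp rule in the labels
    # below is the Traefik v2 form; a moving tag can land on a major release
    # that does not accept it.
    image: traefik:latest
    restart: always
    command:
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--providers.docker=true"
      # Route only containers that opt in with traefik.enable=true. Without
      # this, every container on the Docker host (mongo included) gets a
      # default router.
      - "--providers.docker.exposedbydefault=false"
      # Enables the API/dashboard. No router to api@internal is defined in this
      # file, so it is not published; put authentication in front of it if one
      # is ever added.
      - "--api"
      - "--certificatesresolvers.leresolver.acme.email=helpdesk@mydomain.com"
      # NOTE(review): /acme.json lives inside the container because the volume
      # below is commented out, so certificates and the ACME account key are
      # lost whenever the container is recreated and must be re-issued. To
      # persist it, create the host file with mode 600 first, then enable the
      # mount.
      - "--certificatesresolvers.leresolver.acme.storage=/acme.json"
      - "--certificatesresolvers.leresolver.acme.tlschallenge=true"
      # NOTE(review): disables certificate verification for every HTTPS
      # backend, not only Pritunl. Presumably needed because the Pritunl
      # console serves a self-signed certificate. Acceptable while the only
      # HTTPS backend sits on this private network; scope it to a per-service
      # serversTransport if other backends are added.
      - "--serverstransport.insecureskipverify=true"
      # - --providers.file.filename=/dynamic_conf.yml
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # NOTE(review): `:ro` only makes the socket file read-only; it does not
      # restrict Docker API calls. Anything that controls Traefik controls the
      # Docker daemon. Consider a socket proxy that allows read-only endpoints.
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      # - "./letsencrypt/acme.json:/acme.json"
      # - "./traefik_conf.yml:/dynamic_conf.yml"
    labels:
      # Opt this container in so the redirect labels below are still read
      # with exposedbydefault=false.
      - "traefik.enable=true"
      # global redirect to https
      - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
      - "traefik.http.routers.http-catchall.entrypoints=web"
      - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
      # middleware redirect
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# Thanks to https://github.com/aldeiacloud/pritunl-docker-compose-traefik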