Justintime50/README.md

## README.md

      
    Raw
  

              README.md
            
          
    Multisite Docker Server via Traefik

Quickly setup multiple websites via Docker containers on a single server via Traefik.
Edit the email found in the traefik.toml file and run docker compose up -d to get started in production (LetsEncrypt will generate SSL certs for all your sites).
If you'd like to use Traefik during development, you'll want to comment out the lines that have SSL/HTTPS/443 comments/code in the docker-compose.yml file.
Hosts: You'll need to add each site url to your /etc/hosts file before it can be visited.

  
## docker-compose.yml
services:
  traefik:
    image: traefik:v2.10
    restart: always
    container_name: traefik
    ports:
      - '80:80' # The HTTP port
      - '443:443' # The HTTPS port
      # - '8080:8080' # The Web UI
    healthcheck:
      test: ['CMD', 'traefik', 'healthcheck', '--ping']
      interval: 10s
      timeout: 10s
      retries: 3
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro # So that Traefik can listen to the Docker events
      - ./traefik.yaml:/etc/traefik/traefik.yaml:ro
      # Volumes below are for SSL support (comment out if using for local dev)
      - ./config:/etc/traefik/config:ro
      - ./acme:/etc/traefik/acme
    networks:
      - traefik
    labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.traefik.rule=Host(`traefik.example.com`)'
      - 'traefik.http.routers.traefik.service=api@internal'
      - 'traefik.http.routers.traefik.middlewares=auth'
      - 'traefik.http.middlewares.auth.basicauth.users=admin:encodedPassword'

networks:
  traefik:
    name: traefik

## dynamic.yaml
# This is the Traefik DYNAMIC configuration file
http:
  middlewares:
    secure-headers:
      headers:
        sslRedirect: true
        frameDeny: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 63072000
        contentTypeNosniff: true
        accessControlAllowMethods:
          - GET
          - POST
        accessControlMaxAge: 100
        addVaryheader: true
        contentSecurityPolicy: script-src 'self'
        referrerPolicy: origin-when-cross-origin
tls:
  options:
    default:
      minVersion: VersionTLS12

## traefik.yaml
# This is the Traefik STATIC configuration file
entryPoints:
  web:
    address: ':80'
    # Comment out http/websecure/certificatesResolvers for local dev
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
  websecure:
    address: ':443'
    http:
      tls:
        certResolver: letsencrypt
certificatesResolvers:
  letsencrypt:
    acme:
      email: email@example.com
      storage: /etc/traefik/acme/acme.json
      httpChallenge:
        entryPoint: web
log:
  level: INFO
providers:
  # Comment out file for local dev
  file:
    directory: /etc/traefik/config
    watch: true
  docker:
    endpoint: 'unix:///var/run/docker.sock'
    exposedByDefault: false
    network: traefik
ping: {}
# Allows traefik UI
api:
  dashboard: true
  # insecure: true
	services:
	traefik:
	image: traefik:v2.10
	restart: always
	container_name: traefik
	ports:
	- '80:80' # The HTTP port
	- '443:443' # The HTTPS port
	# - '8080:8080' # The Web UI
	healthcheck:
	test: ['CMD', 'traefik', 'healthcheck', '--ping']
	interval: 10s
	timeout: 10s
	retries: 3
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock:ro # So that Traefik can listen to the Docker events
	- ./traefik.yaml:/etc/traefik/traefik.yaml:ro
	# Volumes below are for SSL support (comment out if using for local dev)
	- ./config:/etc/traefik/config:ro
	- ./acme:/etc/traefik/acme
	networks:
	- traefik
	labels:
	- 'traefik.enable=true'
	- 'traefik.http.routers.traefik.rule=Host(`traefik.example.com`)'
	- 'traefik.http.routers.traefik.service=api@internal'
	- 'traefik.http.routers.traefik.middlewares=auth'
	- 'traefik.http.middlewares.auth.basicauth.users=admin:encodedPassword'

	networks:
	traefik:
	name: traefik
	# This is the Traefik DYNAMIC configuration file
	http:
	middlewares:
	secure-headers:
	headers:
	sslRedirect: true
	frameDeny: true
	stsIncludeSubdomains: true
	stsPreload: true
	stsSeconds: 63072000
	contentTypeNosniff: true
	accessControlAllowMethods:
	- GET
	- POST
	accessControlMaxAge: 100
	addVaryheader: true
	contentSecurityPolicy: script-src 'self'
	referrerPolicy: origin-when-cross-origin
	tls:
	options:
	default:
	minVersion: VersionTLS12
	# This is the Traefik STATIC configuration file
	entryPoints:
	web:
	address: ':80'
	# Comment out http/websecure/certificatesResolvers for local dev
	http:
	redirections:
	entryPoint:
	to: websecure
	scheme: https
	websecure:
	address: ':443'
	http:
	tls:
	certResolver: letsencrypt
	certificatesResolvers:
	letsencrypt:
	acme:
	email: email@example.com
	storage: /etc/traefik/acme/acme.json
	httpChallenge:
	entryPoint: web
	log:
	level: INFO
	providers:
	# Comment out file for local dev
	file:
	directory: /etc/traefik/config
	watch: true
	docker:
	endpoint: 'unix:///var/run/docker.sock'
	exposedByDefault: false
	network: traefik
	ping: {}
	# Allows traefik UI
	api:
	dashboard: true
	# insecure: true