SamuelDavis/wordpress-traefik-compose.yml

## wordpress-traefik-compose.yml
version: '3'

networks:
  reverse-proxy: {}
  wp-test: {}

volumes:
  wp-test-db: {}

services:
  reverse-proxy:
    image: traefik:v2.0
    restart: always
    ports:
      - "8080:8080"
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./certs:/certs # directory to store letsEncrypt certs
    networks:
      - reverse-proxy
    command:
      # API SETTINGS
      - --api.insecure=true # enable the (insecure) API
      - --api.dashboard=true # enable the dashboard
      # LOG SETTINGS
      - --log.level=DEBUG # most extensive logging
      # PROVIDER SETTINGS
      - --providers.docker # use docker (as opposed to kubernetes, etc.)
      - --providers.docker.exposedByDefault=false # ignore containers unless they're specially labled
      - --providers.docker.network=reverse-proxy # docker network to look for containers in
      # ENTRYPOINTS
      - --entrypoints.insecure.address=:80 # listen on port 80
      - --entrypoints.secure.address=:443 # listen on port 443
      # AUTOMAGICALLY GENERATE LETSENCRYPT CERTIFICATES
      # WARNING: LETS ENCRYPT CAN ONLY VALIDATE ICANN TLDS, THUS *.test WILL ERROR & BE INVALID
      # - --certificatesResolvers.le.acme.email=example@gmail.com
      # - --certificatesResolvers.le.acme.storage=/certs/acme.json
      # - --certificatesResolvers.le.acme.httpChallenge.entryPoint=insecure
    labels:
      # PRETTY URL FOR TRAEFIK DASHBOARD
      - "traefik.enable=true" # enable host routing for dashboard
      - "traefik.http.routers.traefik.rule=Host(\"traefik.test\")" # set url for dashboard
      - "traefik.http.routers.traefik.service=api@internal" # point the router at the dashboard backend, not frontend
      # HTTP > HTTPS REDIRECT MIDDLEWARE
      - "traefik.http.middlewares.secure-redirect.redirectscheme.scheme=https"
      # PROVIDED OWN CERTIFICATES
      # - "traefik.https.routers.secure.tls.certificates.certFile=\"/certs/test.crt\"" # specify own cert
      # - "traefik.https.routers.secure.tls.certificates.keyFile=\"/certs/test.key\"" #specify own key
  wp-test:
    image: wordpress:latest
    restart: always
    depends_on:
      - wp-test-db
    volumes:
      - ./src:/var/www/html
    networks:
      - reverse-proxy # traefik needs to be able to send requests to this container
      - wp-test # this container, but not traefik, needs to be able to talk to the db
    environment:
      WORDPRESS_DB_HOST: wp-test-db
      WORDPRESS_DB_USER: wp-test-user
      WORDPRESS_DB_PASSWORD: wp-test-pass
      WORDPRESS_DB_NAME: wp-test-db
    labels:
      - "traefik.enable=true" # traefik should handle this container
      - "traefik.http.routers.insecure.rule=Host(\"wp.test\", \"www.wp.test\")" # traefik should handle this container
      - "traefik.http.routers.insecure.entrypoints=insecure" # listen for HTTP
      - "traefik.http.routers.insecure.middlewares=secure-redirect" # redirect to https
      - "traefik.https.routers.secure.rule=Host(\"wp.test\", \"www.wp.test\")" # traefik should handle this container
      - "traefik.https.routers.secure.entrypoints=secure" # listen for HTTPS
      # - "traefik.https.routers.secure.tls.certResolver=le" # use letsEncrypt to certify
  wp-test-db:
    image: mysql:5.7
    restart: always
    networks:
      - wp-test # this container can talk to the wp-test container, but is secure from traefik traffic
    volumes:
      - wp-test-db:/var/lib/mysql
    environment:
      MYSQL_DATABASE: wp-test-db
      MYSQL_USER: wp-test-user
      MYSQL_PASSWORD: wp-test-pass
      MYSQL_ROOT_PASSWORD: root
	version: '3'

	networks:
	reverse-proxy: {}
	wp-test: {}

	volumes:
	wp-test-db: {}

	services:
	reverse-proxy:
	image: traefik:v2.0
	restart: always
	ports:
	- "8080:8080"
	- "80:80"
	- "443:443"
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock
	- ./certs:/certs # directory to store letsEncrypt certs
	networks:
	- reverse-proxy
	command:
	# API SETTINGS
	- --api.insecure=true # enable the (insecure) API
	- --api.dashboard=true # enable the dashboard
	# LOG SETTINGS
	- --log.level=DEBUG # most extensive logging
	# PROVIDER SETTINGS
	- --providers.docker # use docker (as opposed to kubernetes, etc.)
	- --providers.docker.exposedByDefault=false # ignore containers unless they're specially labled
	- --providers.docker.network=reverse-proxy # docker network to look for containers in
	# ENTRYPOINTS
	- --entrypoints.insecure.address=:80 # listen on port 80
	- --entrypoints.secure.address=:443 # listen on port 443
	# AUTOMAGICALLY GENERATE LETSENCRYPT CERTIFICATES
	# WARNING: LETS ENCRYPT CAN ONLY VALIDATE ICANN TLDS, THUS *.test WILL ERROR & BE INVALID
	# - --certificatesResolvers.le.acme.email=example@gmail.com
	# - --certificatesResolvers.le.acme.storage=/certs/acme.json
	# - --certificatesResolvers.le.acme.httpChallenge.entryPoint=insecure
	labels:
	# PRETTY URL FOR TRAEFIK DASHBOARD
	- "traefik.enable=true" # enable host routing for dashboard
	- "traefik.http.routers.traefik.rule=Host(\"traefik.test\")" # set url for dashboard
	- "traefik.http.routers.traefik.service=api@internal" # point the router at the dashboard backend, not frontend
	# HTTP > HTTPS REDIRECT MIDDLEWARE
	- "traefik.http.middlewares.secure-redirect.redirectscheme.scheme=https"
	# PROVIDED OWN CERTIFICATES
	# - "traefik.https.routers.secure.tls.certificates.certFile=\"/certs/test.crt\"" # specify own cert
	# - "traefik.https.routers.secure.tls.certificates.keyFile=\"/certs/test.key\"" #specify own key
	wp-test:
	image: wordpress:latest
	restart: always
	depends_on:
	- wp-test-db
	volumes:
	- ./src:/var/www/html
	networks:
	- reverse-proxy # traefik needs to be able to send requests to this container
	- wp-test # this container, but not traefik, needs to be able to talk to the db
	environment:
	WORDPRESS_DB_HOST: wp-test-db
	WORDPRESS_DB_USER: wp-test-user
	WORDPRESS_DB_PASSWORD: wp-test-pass
	WORDPRESS_DB_NAME: wp-test-db
	labels:
	- "traefik.enable=true" # traefik should handle this container
	- "traefik.http.routers.insecure.rule=Host(\"wp.test\", \"www.wp.test\")" # traefik should handle this container
	- "traefik.http.routers.insecure.entrypoints=insecure" # listen for HTTP
	- "traefik.http.routers.insecure.middlewares=secure-redirect" # redirect to https
	- "traefik.https.routers.secure.rule=Host(\"wp.test\", \"www.wp.test\")" # traefik should handle this container
	- "traefik.https.routers.secure.entrypoints=secure" # listen for HTTPS
	# - "traefik.https.routers.secure.tls.certResolver=le" # use letsEncrypt to certify
	wp-test-db:
	image: mysql:5.7
	restart: always
	networks:
	- wp-test # this container can talk to the wp-test container, but is secure from traefik traffic
	volumes:
	- wp-test-db:/var/lib/mysql
	environment:
	MYSQL_DATABASE: wp-test-db
	MYSQL_USER: wp-test-user
	MYSQL_PASSWORD: wp-test-pass
	MYSQL_ROOT_PASSWORD: root