@Taubin
Created January 9, 2020 22:06
Traefik Docker
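traefik:
  image: "traefik:v2.1"
  container_name: "traefik"
  hostname: "traefik"
  restart: unless-stopped
  env_file:
    - .env
  ports:
    - "80:80"
    - "443:443"
    - "8080:8080" # Publishes the traefik (API/dashboard) entrypoint on the host
  command: # CLI flag configuration
    - --entrypoints.web.address=:80
    - --entrypoints.websecure.address=:443
    - --entryPoints.traefik.address=:8080
    - --log=true
    - --log.level=INFO # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC
    - --accessLog=true
    - --accessLog.filePath=/traefik.log # Inside the container; not on a volume, so it is lost when the container is recreated
    - --accessLog.bufferingSize=300 # Configuring a buffer of 300 lines
    - --accessLog.filters.statusCodes=400-599 # Only 4xx/5xx responses are logged
    - --providers.docker=true
    - --api=true
    - --api.dashboard=true
    # insecure mode serves the API and dashboard on the traefik entrypoint (:8080)
    # without authentication; the basic-auth middleware below covers only the api router.
    - --api.insecure=true
    # - --certificatesresolvers.dns-cloudflare.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory # Staging directory for testing
    # - --certificatesresolvers.dns-cloudflare.acme.caserver=https://acme-v02.api.letsencrypt.org/directory # Live directory for production
    - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge=true
    - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
    - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.delayBeforeCheck=60
    - --certificatesResolvers.dns-cloudflare.acme.email=[REDACTED]
    - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
    - --certificatesResolvers.dns-cloudflare.acme.keyType=RSA4096
    - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,8.8.8.8:53
  volumes:
    # The :ro flag only makes the socket file read-only; it does not restrict what
    # can be requested from the Docker API through it.
    - "/var/run/docker.sock:/var/run/docker.sock:ro"
    # Holds the ACME account key and certificate private keys; Traefik requires mode 600 (chmod 600 acme.json).
    - "./acme.json:/acme.json"
  environment:
    - TZ=${TZ}
    # Global Cloudflare API key (used together with CF_API_EMAIL, expected from .env).
    # A zone-scoped token in CF_DNS_API_TOKEN limits what a leaked credential can do.
    - CF_API_KEY=${CF_API_KEY}
  labels:
    - "traefik.enable=true"
    # Global wildcard certs
    - "traefik.http.routers.traefik.tls.certresolver=dns-cloudflare"
    - "traefik.http.routers.traefik.tls.domains[0].main=*.$MY_DOMAIN"
    # - "traefik.http.routers.traefik.tls.domains[0].sans=$MY_DOMAIN"
    # Redirect to https
    - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
    - "traefik.http.routers.http-catchall.entrypoints=web"
    - "traefik.http.routers.http-catchall.middlewares=redirect-to-https@docker"
    - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
    - "traefik.http.routers.api.service=api@internal"
    # Traefik v2 ignores v1 "traefik.frontend.*" labels, so the frame-options header
    # and basic auth are declared as v2 middlewares and attached to the api router.
    # The middleware names dashboard-headers and dashboard-auth are chosen here.
    - "traefik.http.routers.api.middlewares=dashboard-headers,dashboard-auth"
    - "traefik.http.middlewares.dashboard-headers.headers.customFrameOptionsValue=allow-from https:${DOMAINNAME}"
    # HTTP_PASSWORD must be an htpasswd-style hash (MD5, SHA1 or bcrypt), not the plain password.
    - "traefik.http.middlewares.dashboard-auth.basicauth.users=${HTTP_USERNAME}:${HTTP_PASSWORD}"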