
@antonmihaylov
Created November 20, 2022 10:02
Docker Compose + Traefik proxy and certificate management
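# docker-compose.yaml
# Runs the application containers behind a Traefik reverse proxy that listens
# on :80 and :443 and manages the certificates.
version: "3.8"

# The shared network is external, so create it once before the first start:
#   docker network create main
networks:
  main:
    external: true

volumes:
  # Backs /letsencrypt in the Traefik container, where acme.json is stored.
  acme-certs:

services:
  # Add your services here:
  service-1:
    image: service-1-image
    restart: unless-stopped
    networks:
      - main
    # `expose` does not publish anything on the host; only containers on the
    # same Docker network can reach the port.
    expose:
      # Let's imagine that the service listens on port 4000
      - "4000"

  service-2:
    image: service-2-image
    restart: unless-stopped
    # Traefik is attached to `main` only, so a backend has to join the same
    # network or the proxy cannot resolve or reach http://service-2:5000.
    networks:
      - main
    expose:
      # Let's imagine that the service listens on port 5000
      - "5000"

  # This is the Traefik proxy that listens on :80 and :443 and proxies to the
  # services above.
  traefik:
    image: "traefik:v2.8"
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "acme-certs:/letsencrypt"
      # Traefik only reads its configuration files, so mount them read-only.
      - "./traefik.yaml:/traefik.yaml:ro"
      - "./tls.yaml:/tls.yaml:ro"
      # NOTE(review): `:ro` protects the socket file, not the Docker API.
      # A process that can connect to the socket can still issue any API
      # call, which amounts to root on the host. The routers here are defined
      # in tls.yaml (file provider); if no container relies on Traefik labels,
      # drop this mount together with `providers.docker` in traefik.yaml.
      # Otherwise put a filtering socket proxy in front of the socket.
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      # Access log written by Traefik under /var/log lands here on the host.
      - "/var/log/traefik:/var/log"
    networks:
      - main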
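# tls.yaml - Traefik dynamic configuration (loaded by the file provider).
# Traefik uses this file to recognize domains, to decide how their
# certificates are resolved and to proxy requests to your services.
# Replace the *.example.com host names with your own domains.
# Each service needs 2 routers: 1 for http and 1 for https.
# The 'service' value of a router must match one of the keys under
# 'http.services' below.
http:
  routers:
    # A router without `entryPoints` attaches to every entry point, so each
    # router is pinned to the one it is meant for (`http` = :80 and
    # `https` = :443 in traefik.yaml).
    #
    # NOTE(review): the *-http routers serve the application in plaintext.
    # If plain HTTP is not required, attach a `redirectScheme` middleware
    # (scheme: https) to them so clients are sent to the HTTPS router.
    service-1-router-http:
      entryPoints:
        - http
      rule: "Host(`service1.example.com`)"
      service: service-1
    service-1-router-https:
      entryPoints:
        - https
      rule: "Host(`service1.example.com`)"
      service: service-1
      tls:
        certResolver: letsencrypt
        options: tlsoptions
    service-2-router-http:
      entryPoints:
        - http
      rule: "Host(`service2.example.com`)"
      service: service-2
    service-2-router-https:
      entryPoints:
        - https
      rule: "Host(`service2.example.com`)"
      service: service-2
      tls:
        certResolver: letsencrypt
        options: tlsoptions

  services:
    # These are your service definitions. They map the "service" value of a
    # router above to a docker compose service. The URLs have the form
    # `http://<docker-compose container name>:<port>`.
    # The hop from Traefik to the backend is plain HTTP and stays on the
    # Docker network.
    service-1:
      loadBalancer:
        servers:
          - url: "http://service-1:4000"
          # To balance several instances of the same service, give the second
          # instance `container_name: service-1-instance-2` in the compose
          # file and list it here. Traefik spreads requests over the listed
          # servers (round-robin).
          # - url: "http://service-1-instance-2:4000"
    service-2:
      loadBalancer:
        servers:
          - url: "http://service-2:5000"

tls:
  options:
    # Referenced by the HTTPS routers through `tls.options: tlsoptions`.
    tlsoptions:
      # Handshakes below TLS 1.2 are refused.
      minVersion: VersionTLS12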
# traefik.yaml - general (static) Traefik configuration.
# Important: replace the e-mail address at the bottom with your own so that
# the certificate mails reach you.
api:
  # Switch to true to enable the Traefik dashboard. If you do, publish it
  # through an authenticated router and leave `api.insecure` off.
  dashboard: false

# Access log, filtered to client-error responses (4xx). Other status codes,
# including 5xx, are not written with this filter.
# The path is inside the container; the compose file mounts the host
# directory /var/log/traefik at /var/log.
accessLog:
  filePath: '/var/log/access.log'
  filters:
    statusCodes:
      - '400-499'

# Listening sockets; the compose file publishes both ports on the host.
entryPoints:
  http:
    address: ':80'
  https:
    address: ':443'

providers:
  docker:
    network: 'main'
    # Containers are ignored unless they opt in explicitly.
    exposedByDefault: false
    # NOTE(review): access to this socket is access to the Docker API of the
    # host. No container in the compose file carries Traefik labels, so this
    # provider looks unused there - confirm before keeping it.
    endpoint: 'unix:///var/run/docker.sock'
  file:
    # Routers, services and TLS options; reloaded when the file changes.
    filename: 'tls.yaml'
    watch: true

certificatesResolvers:
  letsencrypt:
    acme:
      email: 'my-email@gmail.com'
      # acme.json holds the ACME account key and the certificate private
      # keys; it lives on the acme-certs volume, so keep access to that
      # volume restricted.
      storage: '/letsencrypt/acme.json'
      # The challenge is answered on the `http` entry point, so port 80 has
      # to be reachable from the internet.
      httpChallenge:
        entryPoint: 'http'