back-2-95/docker-compose.yml

## docker-compose.yml
version: '3.7'

services:

  traefik:
    image: traefik:v2.1.1
    container_name: "${PREFIX}-traefik"
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    command: |-
      --providers.docker.network="${PREFIX}-network"
    labels:
      traefik.enable: true
      traefik.http.routers.traefik.entrypoints: https
      traefik.http.routers.traefik.rule: "Host(`traefik.${DOCKER_DOMAIN}`)"
      traefik.http.routers.traefik.service: api@internal
      traefik.http.routers.traefik.tls: true
      traefik.http.services.traefik.loadbalancer.server.port: 8080

      # catchall router
      traefik.http.routers.http-catchall.rule: "hostregexp(`{host:.+}`)"
      traefik.http.routers.http-catchall.entrypoints: "http"
      traefik.http.routers.http-catchall.middlewares: "test-errorpage,redirect-to-https"

      # middleware for errors
      traefik.http.middlewares.test-errorpage.errors.status: 400-503
      traefik.http.middlewares.test-errorpage.errors.service: errors-stonehenge@docker
      traefik.http.middlewares.test-errorpage.errors.query: "/index.html"

      # middleware redirect
      traefik.http.middlewares.redirect-to-https.redirectscheme.scheme: https
    ports:
      - "443:443"
      - "80:80"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./traefik/traefik.yml:/traefik.yml:ro
      - ./traefik/traefik.dynamic.yml:/configuration/traefik.dynamic.yml
      - ./certs:/ssl # mkcert certs

  portainer:
    image: portainer/portainer:1.23.0
    container_name: "${PREFIX}-portainer"
    restart: unless-stopped
    command: |-
      --no-auth -H unix:///var/run/docker.sock
      --logo "${LOGO_URL}"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      traefik.enable: true
      traefik.http.routers.portainer.entrypoints: https
      traefik.http.routers.portainer.rule: "Host(`portainer.${DOCKER_DOMAIN}`)"
      traefik.http.routers.portainer.tls: true
      traefik.http.services.portainer.loadbalancer.server.port: 9000

  mailhog:
    image: mailhog/mailhog
    container_name: "${PREFIX}-mailhog"
    restart: unless-stopped
    labels:
      traefik.enable: true
      traefik.http.routers.mailhog.entrypoints: https
      traefik.http.routers.mailhog.rule: "Host(`mailhog.${DOCKER_DOMAIN}`)"
      traefik.http.routers.mailhog.tls: true
      traefik.http.services.mailhog.loadbalancer.server.port: 8025

  ssh-agent:
    image: amazeeio/ssh-agent
    container_name: "${PREFIX}-ssh-agent"
    restart: unless-stopped
    volumes:
      - ~/.ssh:/ssh
      - ssh:/tmp/amazeeio_ssh-agent/

  errors:
    image: nginx:1.17-alpine
    container_name: "${PREFIX}-catchall"
    restart: unless-stopped
    volumes:
      - ./catchall/nginx.conf:/etc/nginx/conf.d/default.conf:ro
      - ./catchall/index.html:/usr/share/nginx/html/index.html:ro
    labels:
      traefik.enable: true
      traefik.http.routers.errors.rule: "Host(`error.${DOCKER_DOMAIN}`)"
      traefik.http.routers.errors.tls: true

networks:
  default:
    name: "${PREFIX}-network"
    external: true

volumes:
  ssh:
    name: "${PREFIX}-ssh"
    external: true
	version: '3.7'

	services:

	traefik:
	image: traefik:v2.1.1
	container_name: "${PREFIX}-traefik"
	restart: unless-stopped
	security_opt:
	- no-new-privileges:true
	command: \|-
	--providers.docker.network="${PREFIX}-network"
	labels:
	traefik.enable: true
	traefik.http.routers.traefik.entrypoints: https
	traefik.http.routers.traefik.rule: "Host(`traefik.${DOCKER_DOMAIN}`)"
	traefik.http.routers.traefik.service: api@internal
	traefik.http.routers.traefik.tls: true
	traefik.http.services.traefik.loadbalancer.server.port: 8080

	# catchall router
	traefik.http.routers.http-catchall.rule: "hostregexp(`{host:.+}`)"
	traefik.http.routers.http-catchall.entrypoints: "http"
	traefik.http.routers.http-catchall.middlewares: "test-errorpage,redirect-to-https"

	# middleware for errors
	traefik.http.middlewares.test-errorpage.errors.status: 400-503
	traefik.http.middlewares.test-errorpage.errors.service: errors-stonehenge@docker
	traefik.http.middlewares.test-errorpage.errors.query: "/index.html"

	# middleware redirect
	traefik.http.middlewares.redirect-to-https.redirectscheme.scheme: https
	ports:
	- "443:443"
	- "80:80"
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock
	- ./traefik/traefik.yml:/traefik.yml:ro
	- ./traefik/traefik.dynamic.yml:/configuration/traefik.dynamic.yml
	- ./certs:/ssl # mkcert certs

	portainer:
	image: portainer/portainer:1.23.0
	container_name: "${PREFIX}-portainer"
	restart: unless-stopped
	command: \|-
	--no-auth -H unix:///var/run/docker.sock
	--logo "${LOGO_URL}"
	volumes:
	- /var/run/docker.sock:/var/run/docker.sock
	labels:
	traefik.enable: true
	traefik.http.routers.portainer.entrypoints: https
	traefik.http.routers.portainer.rule: "Host(`portainer.${DOCKER_DOMAIN}`)"
	traefik.http.routers.portainer.tls: true
	traefik.http.services.portainer.loadbalancer.server.port: 9000

	mailhog:
	image: mailhog/mailhog
	container_name: "${PREFIX}-mailhog"
	restart: unless-stopped
	labels:
	traefik.enable: true
	traefik.http.routers.mailhog.entrypoints: https
	traefik.http.routers.mailhog.rule: "Host(`mailhog.${DOCKER_DOMAIN}`)"
	traefik.http.routers.mailhog.tls: true
	traefik.http.services.mailhog.loadbalancer.server.port: 8025

	ssh-agent:
	image: amazeeio/ssh-agent
	container_name: "${PREFIX}-ssh-agent"
	restart: unless-stopped
	volumes:
	- ~/.ssh:/ssh
	- ssh:/tmp/amazeeio_ssh-agent/

	errors:
	image: nginx:1.17-alpine
	container_name: "${PREFIX}-catchall"
	restart: unless-stopped
	volumes:
	- ./catchall/nginx.conf:/etc/nginx/conf.d/default.conf:ro
	- ./catchall/index.html:/usr/share/nginx/html/index.html:ro
	labels:
	traefik.enable: true
	traefik.http.routers.errors.rule: "Host(`error.${DOCKER_DOMAIN}`)"
	traefik.http.routers.errors.tls: true

	networks:
	default:
	name: "${PREFIX}-network"
	external: true

	volumes:
	ssh:
	name: "${PREFIX}-ssh"
	external: true