Skip to content

Instantly share code, notes, and snippets.

@chonthu
Last active April 30, 2024 17:40
Show Gist options
  • Save chonthu/67b0e75edd6388f4dad10394ffdb84c7 to your computer and use it in GitHub Desktop.
Save chonthu/67b0e75edd6388f4dad10394ffdb84c7 to your computer and use it in GitHub Desktop.
traefik2-tls-passthrough
version: "3.3"
services:
app:
image: nginx
ports:
- 80
- 443
restart: unless-stopped
tty: true
tmpfs:
- /var/log/nginx
volumes:
- .:/app
- ./srv/nginx/conf.d/:/etc/nginx/conf.d/:cached
- ./certs:/certs
labels:
- "traefik.enable=true"
- "traefik.http.routers.app.rule=Host(`app.domain`)"
- "traefik.http.routers.app.entrypoints=web"
# here starts the tls
- "traefik.tcp.routers.app-secured.rule=HostSNI(`app.domain`)"
- "traefik.tcp.routers.app-secured.entrypoints=websecure"
- "traefik.tcp.routers.app-secured.tls=true"
- "traefik.tcp.routers.app-secured.tls.passthrough=true"
- "traefik.tcp.services.app-secured.loadbalancer.server.port=443"
traefik:
image: "traefik:v2.0.0-rc3"
container_name: "traefik"
command:
# - "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.address=:80"
- "--providers.docker.exposedbydefault=false"
ports:
- 80:80
- 443:443
- 8080:8080
volumes:
- "./certs:/certs"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment