coltenkrauter/docker-compose.yaml

## docker-compose.yaml
# Tutorial: https://blog.creekorful.com/2020/01/how-to-expose-traefik-2-dashboard-securely-docker-swarm/
version: '3'

services:
  reverse-proxy:
    image: traefik:2.3
    command:
    # - '--log.level=DEBUG'
    - '--api=true'
    - '--api.dashboard=true'
    - '--providers.docker.endpoint=unix:///var/run/docker.sock'
    - '--providers.docker.swarmMode=true'
    - '--providers.docker.exposedbydefault=false'
    - '--providers.docker.network=traefik-public'
    - '--entrypoints.web.address=:80'
    - '--entrypoints.websecure.address=:443'
    - '--certificatesresolvers.letsencryptresolver.acme.httpchallenge=true'
    - '--certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web'
    - '--certificatesresolvers.letsencryptresolver.acme.email=myemail@gmail.com' # Put in your email (the email associated with your domain name)
    - '--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json'
    ports:
    - 80:80
    - 443:443
    volumes:
    - acme-certs:/letsencrypt
    - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
    - traefik-public
    deploy:
      placement:
        constraints:
        - node.role == manager
      labels:
      - 'traefik.enable=true'
      # HTTP Catchall for redirecting HTTP -> HTTPS
      - 'traefik.http.routers.http-catchall.rule=PathPrefix(`/`)'
      - 'traefik.http.routers.http-catchall.entrypoints=web'
      - 'traefik.http.routers.http-catchall.middlewares=redirect-to-https'
      - 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'
      # Traefik dashboard
      - 'traefik.http.routers.traefik.rule=(Host(`mydomain.com`) || Host(`www.mydomain.com`)) && (PathPrefix(`/traefik`) || PathPrefix(`/api`))' # Put in your domain
      - 'traefik.http.routers.traefik.entrypoints=websecure'
      - 'traefik.http.routers.traefik.tls.certresolver=letsencryptresolver'
      - 'traefik.http.routers.traefik.service=api@internal'
      - 'traefik.http.services.api@internal.loadbalancer.server.port=8080' # Required in swarms, https://doc.traefik.io/traefik/v2.0/routing/providers/docker/#services
      # - 'traefik.http.routers.traefik.middlewares=traefik-auth'
      # - 'traefik.http.middlewares.traefik-auth.basicauth.users=admin:$$apr1$$8EVjn/nj$$GiLUZqcbueTFeD23SuB6x0' # username: admin, password: admin
      - 'traefik.http.routers.traefik.middlewares=strip'
      - 'traefik.http.middlewares.strip.stripprefix.prefixes=/traefik'

  whoami:
    image: 'traefik/whoami'
    deploy:
      labels:
      - 'traefik.enable=true'
      - 'traefik.http.routers.whoami.rule=(Host(`mydomain.com`) || Host(`www.mydomain.com`))' # Put in your domain
      - 'traefik.http.routers.whoami.entrypoints=websecure'
      - 'traefik.http.routers.whoami.tls.certresolver=letsencryptresolver'
      - 'traefik.http.routers.whoami.service=whoamiservice'
      - 'traefik.http.services.whoamiservice.loadbalancer.server.port=80' # Required in swarms, https://doc.traefik.io/traefik/v2.0/routing/providers/docker/#services
    networks:
    - traefik-public

volumes:
  acme-certs:

networks:
  traefik-public:
	# Tutorial: https://blog.creekorful.com/2020/01/how-to-expose-traefik-2-dashboard-securely-docker-swarm/
	version: '3'

	services:
	reverse-proxy:
	image: traefik:2.3
	command:
	# - '--log.level=DEBUG'
	- '--api=true'
	- '--api.dashboard=true'
	- '--providers.docker.endpoint=unix:///var/run/docker.sock'
	- '--providers.docker.swarmMode=true'
	- '--providers.docker.exposedbydefault=false'
	- '--providers.docker.network=traefik-public'
	- '--entrypoints.web.address=:80'
	- '--entrypoints.websecure.address=:443'
	- '--certificatesresolvers.letsencryptresolver.acme.httpchallenge=true'
	- '--certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web'
	- '--certificatesresolvers.letsencryptresolver.acme.email=myemail@gmail.com' # Put in your email (the email associated with your domain name)
	- '--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json'
	ports:
	- 80:80
	- 443:443
	volumes:
	- acme-certs:/letsencrypt
	- /var/run/docker.sock:/var/run/docker.sock:ro
	networks:
	- traefik-public
	deploy:
	placement:
	constraints:
	- node.role == manager
	labels:
	- 'traefik.enable=true'
	# HTTP Catchall for redirecting HTTP -> HTTPS
	- 'traefik.http.routers.http-catchall.rule=PathPrefix(`/`)'
	- 'traefik.http.routers.http-catchall.entrypoints=web'
	- 'traefik.http.routers.http-catchall.middlewares=redirect-to-https'
	- 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'
	# Traefik dashboard
	- 'traefik.http.routers.traefik.rule=(Host(`mydomain.com`) \|\| Host(`www.mydomain.com`)) && (PathPrefix(`/traefik`) \|\| PathPrefix(`/api`))' # Put in your domain
	- 'traefik.http.routers.traefik.entrypoints=websecure'
	- 'traefik.http.routers.traefik.tls.certresolver=letsencryptresolver'
	- 'traefik.http.routers.traefik.service=api@internal'
	- 'traefik.http.services.api@internal.loadbalancer.server.port=8080' # Required in swarms, https://doc.traefik.io/traefik/v2.0/routing/providers/docker/#services
	# - 'traefik.http.routers.traefik.middlewares=traefik-auth'
	# - 'traefik.http.middlewares.traefik-auth.basicauth.users=admin:$$apr1$$8EVjn/nj$$GiLUZqcbueTFeD23SuB6x0' # username: admin, password: admin
	- 'traefik.http.routers.traefik.middlewares=strip'
	- 'traefik.http.middlewares.strip.stripprefix.prefixes=/traefik'

	whoami:
	image: 'traefik/whoami'
	deploy:
	labels:
	- 'traefik.enable=true'
	- 'traefik.http.routers.whoami.rule=(Host(`mydomain.com`) \|\| Host(`www.mydomain.com`))' # Put in your domain
	- 'traefik.http.routers.whoami.entrypoints=websecure'
	- 'traefik.http.routers.whoami.tls.certresolver=letsencryptresolver'
	- 'traefik.http.routers.whoami.service=whoamiservice'
	- 'traefik.http.services.whoamiservice.loadbalancer.server.port=80' # Required in swarms, https://doc.traefik.io/traefik/v2.0/routing/providers/docker/#services
	networks:
	- traefik-public

	volumes:
	acme-certs:

	networks:
	traefik-public: