Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Traefik V2 Docker Compose file with LetsEncrypt and HTTPS redirect - Traefik dashboard and simple whoami service
# Tutorial: https://blog.creekorful.com/2020/01/how-to-expose-traefik-2-dashboard-securely-docker-swarm/
version: '3'
services:
reverse-proxy:
image: traefik:2.3
command:
# - '--log.level=DEBUG'
- '--api=true'
- '--api.dashboard=true'
- '--providers.docker.endpoint=unix:///var/run/docker.sock'
- '--providers.docker.swarmMode=true'
- '--providers.docker.exposedbydefault=false'
- '--providers.docker.network=traefik-public'
- '--entrypoints.web.address=:80'
- '--entrypoints.websecure.address=:443'
- '--certificatesresolvers.letsencryptresolver.acme.httpchallenge=true'
- '--certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web'
- '--certificatesresolvers.letsencryptresolver.acme.email=myemail@gmail.com' # Put in your email (the email associated with your domain name)
- '--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json'
ports:
- 80:80
- 443:443
volumes:
- acme-certs:/letsencrypt
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- traefik-public
deploy:
placement:
constraints:
- node.role == manager
labels:
- 'traefik.enable=true'
# HTTP Catchall for redirecting HTTP -> HTTPS
- 'traefik.http.routers.http-catchall.rule=PathPrefix(`/`)'
- 'traefik.http.routers.http-catchall.entrypoints=web'
- 'traefik.http.routers.http-catchall.middlewares=redirect-to-https'
- 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'
# Traefik dashboard
- 'traefik.http.routers.traefik.rule=(Host(`mydomain.com`) || Host(`www.mydomain.com`)) && (PathPrefix(`/traefik`) || PathPrefix(`/api`))' # Put in your domain
- 'traefik.http.routers.traefik.entrypoints=websecure'
- 'traefik.http.routers.traefik.tls.certresolver=letsencryptresolver'
- 'traefik.http.routers.traefik.service=api@internal'
- 'traefik.http.services.api@internal.loadbalancer.server.port=8080' # Required in swarms, https://doc.traefik.io/traefik/v2.0/routing/providers/docker/#services
# - 'traefik.http.routers.traefik.middlewares=traefik-auth'
# - 'traefik.http.middlewares.traefik-auth.basicauth.users=admin:$$apr1$$8EVjn/nj$$GiLUZqcbueTFeD23SuB6x0' # username: admin, password: admin
- 'traefik.http.routers.traefik.middlewares=strip'
- 'traefik.http.middlewares.strip.stripprefix.prefixes=/traefik'
whoami:
image: 'traefik/whoami'
deploy:
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.whoami.rule=(Host(`mydomain.com`) || Host(`www.mydomain.com`))' # Put in your domain
- 'traefik.http.routers.whoami.entrypoints=websecure'
- 'traefik.http.routers.whoami.tls.certresolver=letsencryptresolver'
- 'traefik.http.routers.whoami.service=whoamiservice'
- 'traefik.http.services.whoamiservice.loadbalancer.server.port=80' # Required in swarms, https://doc.traefik.io/traefik/v2.0/routing/providers/docker/#services
networks:
- traefik-public
volumes:
acme-certs:
networks:
traefik-public:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment