Skip to content

Instantly share code, notes, and snippets.

@danibram

danibram/README.md

Last active May 5, 2021 08:46
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save danibram/f300512003d482965f167421619a99eb to your computer and use it in GitHub Desktop.
Save danibram/f300512003d482965f167421619a99eb to your computer and use it in GitHub Desktop.
Download ZIP
Traefik automated dev/prod environment with docker-compose
Raw
README.md

Base Scafold project for a docker-compose with traefik, only 2 services api and pwa, no additional files needed.

Raw
docker-compose.dev.yml
version: '3.5'
services:
traefik:
image: 'traefik:v2.3.6'
command:
- --entrypoints.web.address=:80
- --providers.docker
- --api.insecure
ports:
- '80:80'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
pwa:
build: ./pwa
ports:
- 3002:3002
labels:
- traefik.http.routers.pwa.rule=Host(`awesome-domain.local`)
- traefik.http.services.pwa.loadbalancer.server.port=3002
api:
build: ./api
ports:
- 3001:3001
labels:
- traefik.http.routers.api.rule=Host(`api.awesome-domain.local`)
- traefik.http.services.api.loadbalancer.server.port=3001
Raw
docker-compose.prod-images.yml
version: '3.5'
networks:
web:
external: true
internal:
name: 'internal'
services:
traefik:
image: 'traefik:v2.2.1'
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --providers.docker.network=web
- --api
- --certificatesresolvers.le.acme.email=info@laligadesup.es
- --certificatesresolvers.le.acme.storage=/acme.json
- --certificatesresolvers.le.acme.httpchallenge=true
- --certificatesresolvers.le.acme.httpchallenge.entrypoint=web
ports:
- '80:80'
- '443:443'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- './acme2.json:/acme.json'
networks:
- web
labels:
# Dashboard
- 'traefik.http.routers.traefik.tls=true'
- 'traefik.http.routers.traefik.rule=Host(`monitor.awesome-domain.com`)'
- 'traefik.http.routers.traefik.service=api@internal'
- 'traefik.http.routers.traefik.tls.certresolver=le'
- 'traefik.http.routers.traefik.entrypoints=websecure'
- 'traefik.http.routers.traefik.middlewares=authtraefik'
- 'traefik.http.middlewares.authtraefik.basicauth.users=' # https://doc.traefik.io/traefik/middlewares/basicauth/
# global redirect to https
- 'traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)'
- 'traefik.http.routers.http-catchall.entrypoints=web'
- 'traefik.http.routers.http-catchall.middlewares=redirect-to-https'
# middleware redirect
- 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'
- 'traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true'
- traefik.http.middlewares.redirect-to-www.redirectregex.regex=(https|http)://(?:www.)?(.*)
- traefik.http.middlewares.redirect-to-www.redirectregex.replacement=https://www.$${2}
- traefik.http.middlewares.redirect-to-www.redirectregex.permanent=true
restart: always
pwa:
image: your-awesome-pwa-image
ports:
- 3002:3002
labels:
- traefik.http.routers.pwa.tls=true
- traefik.http.routers.pwa.tls.certresolver=le
- traefik.http.routers.pwa.rule=Host(`awesome-domain.com`,`www.awesome-domain.com`)
- traefik.http.routers.pwa.middlewares=redirect-to-www
- traefik.http.services.pwa.loadbalancer.server.port=3002
networks:
- web
- internal
api:
image: your-awesome-api-image
ports:
- 3001:3001
labels:
- traefik.http.routers.api.tls=true
- traefik.http.routers.api.tls.certresolver=le
- traefik.http.routers.api.rule=Host(`api.awesome-domain.com`)
- traefik.http.services.api.loadbalancer.server.port=3001
networks:
- web
- internal
Raw
docker-compose.prod.yml
version: '3.5'
networks:
web:
external: true
internal:
name: 'internal'
services:
traefik:
image: 'traefik:v2.2.1'
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --providers.docker
- --providers.docker.network=web
- --api
- --certificatesresolvers.le.acme.email=info@laligadesup.es
- --certificatesresolvers.le.acme.storage=/acme.json
- --certificatesresolvers.le.acme.httpchallenge=true
- --certificatesresolvers.le.acme.httpchallenge.entrypoint=web
ports:
- '80:80'
- '443:443'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- './acme2.json:/acme.json'
networks:
- web
labels:
# Dashboard
- 'traefik.http.routers.traefik.tls=true'
- 'traefik.http.routers.traefik.rule=Host(`monitor.awesome-domain.com`)'
- 'traefik.http.routers.traefik.service=api@internal'
- 'traefik.http.routers.traefik.tls.certresolver=le'
- 'traefik.http.routers.traefik.entrypoints=websecure'
- 'traefik.http.routers.traefik.middlewares=authtraefik'
- 'traefik.http.middlewares.authtraefik.basicauth.users=' # https://doc.traefik.io/traefik/middlewares/basicauth/
# global redirect to https
- 'traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)'
- 'traefik.http.routers.http-catchall.entrypoints=web'
- 'traefik.http.routers.http-catchall.middlewares=redirect-to-https'
# middleware redirect
- 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'
- 'traefik.http.middlewares.redirect-to-https.redirectscheme.permanent=true'
- traefik.http.middlewares.redirect-to-www.redirectregex.regex=(https|http)://(?:www.)?(.*)
- traefik.http.middlewares.redirect-to-www.redirectregex.replacement=https://www.$${2}
- traefik.http.middlewares.redirect-to-www.redirectregex.permanent=true
restart: always
pwa:
build: ./pwa
ports:
- 3002:3002
labels:
- traefik.http.routers.pwa.tls=true
- traefik.http.routers.pwa.tls.certresolver=le
- traefik.http.routers.pwa.rule=Host(`awesome-domain.com`,`www.awesome-domain.com`)
- traefik.http.routers.pwa.middlewares=redirect-to-www
- traefik.http.services.pwa.loadbalancer.server.port=3002
networks:
- web
- internal
api:
build: ./api
ports:
- 3001:3001
labels:
- traefik.http.routers.api.tls=true
- traefik.http.routers.api.tls.certresolver=le
- traefik.http.routers.api.rule=Host(`api.awesome-domain.com`)
- traefik.http.services.api.loadbalancer.server.port=3001
networks:
- web
- internal
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment