paulknulst/docker-compose.traefik-swarm.yml Secret

## docker-compose.traefik-swarm.yml
version: "3.3"
services:
  traefik:
    image: "traefik:v2.2.1"
    container_name: traefik
    hostname: traefik
    command:
      - --entrypoints.web.address=:80
      - --entrypoints.websecure.address=:443
      - --providers.docker
      - --providers.docker.swarmmode
      - --providers.docker.constraints=Label(`traefik.constraint-label`, `traefik-public`)
      - --providers.docker.exposedByDefault=false
      - --api
      - --certificatesresolvers.le.acme.email=${TRAEFIK_SSLEMAIL?Variable not set}
      - --certificatesresolvers.le.acme.storage=./acme.json
      - --certificatesresolvers.le.acme.tlschallenge=true
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./acme.json:/acme.json"
    deploy:
      placement:
        constraints:
          - node.labels.traefik-public.traefik-public-certificates == true
      labels:
          - "traefik.enable=true"
          # Dashboard
          - "traefik.http.routers.traefik.rule=Host(`dashboard.${PRIMARY_DOMAIN}`)"
          - "traefik.http.routers.traefik.service=api@internal"
          - "traefik.http.routers.traefik.tls=true"
          - "traefik.http.routers.traefik.tls.certresolver=le"
          - "traefik.http.routers.traefik.entrypoints=websecure"
          - "traefik.http.routers.traefik.middlewares=authtraefik"
          - "traefik.http.middlewares.authtraefik.basicauth.users=devAdmin:$$2y$$05$$h9OxLeY20/5uiXjfPgdRxuFlrfqBf2QifYDgrwsR6rAEgX3/dpOGq" # user:devAdmin, password:devto
          # global redirect to https
          - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
          - "traefik.http.routers.http-catchall.entrypoints=web"
          - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
          # middleware redirect
          - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
    restart: unless-stopped
    networks:
      - traefik-public
networks:
  traefik-public:
    external: true
	version: "3.3"
	services:
	traefik:
	image: "traefik:v2.2.1"
	container_name: traefik
	hostname: traefik
	command:
	- --entrypoints.web.address=:80
	- --entrypoints.websecure.address=:443
	- --providers.docker
	- --providers.docker.swarmmode
	- --providers.docker.constraints=Label(`traefik.constraint-label`, `traefik-public`)
	- --providers.docker.exposedByDefault=false
	- --api
	- --certificatesresolvers.le.acme.email=${TRAEFIK_SSLEMAIL?Variable not set}
	- --certificatesresolvers.le.acme.storage=./acme.json
	- --certificatesresolvers.le.acme.tlschallenge=true
	ports:
	- "80:80"
	- "443:443"
	volumes:
	- "/var/run/docker.sock:/var/run/docker.sock:ro"
	- "./acme.json:/acme.json"
	deploy:
	placement:
	constraints:
	- node.labels.traefik-public.traefik-public-certificates == true
	labels:
	- "traefik.enable=true"
	# Dashboard
	- "traefik.http.routers.traefik.rule=Host(`dashboard.${PRIMARY_DOMAIN}`)"
	- "traefik.http.routers.traefik.service=api@internal"
	- "traefik.http.routers.traefik.tls=true"
	- "traefik.http.routers.traefik.tls.certresolver=le"
	- "traefik.http.routers.traefik.entrypoints=websecure"
	- "traefik.http.routers.traefik.middlewares=authtraefik"
	- "traefik.http.middlewares.authtraefik.basicauth.users=devAdmin:$$2y$$05$$h9OxLeY20/5uiXjfPgdRxuFlrfqBf2QifYDgrwsR6rAEgX3/dpOGq" # user:devAdmin, password:devto
	# global redirect to https
	- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
	- "traefik.http.routers.http-catchall.entrypoints=web"
	- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
	# middleware redirect
	- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
	restart: unless-stopped
	networks:
	- traefik-public
	networks:
	traefik-public:
	external: true