Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Use https://traefik.me SSL certificates for local HTTPS without having to touch your /etc/hosts or your certificate CA.
version: '3'
services:
traefik:
restart: unless-stopped
image: traefik:v2.0.2
ports:
- "80:80"
- "443:443"
labels:
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
volumes:
- ./traefik.yml:/etc/traefik/traefik.yml
- ./tls.yml:/etc/traefik/tls.yml
- /var/run/docker.sock:/var/run/docker.sock
- certs:/etc/ssl/traefik
app1:
image: containous/whoami
labels:
- "traefik.http.routers.app1.rule=Host(`app1.traefik.me`)"
- "traefik.http.routers.app1-tls.tls.domains[0].main=app1.traefik.me"
- "traefik.http.routers.app1-tls.tls.domains[0].sans=app1-*.traefik.me"
app2:
image: containous/whoami
labels:
- "traefik.http.routers.app2.rule=Host(`app2.traefik.me`)"
- "traefik.http.routers.app2-tls.tls.domains[0].main=app2.traefik.me"
- "traefik.http.routers.app2-tls.tls.domains[0].sans=app2-*.traefik.me"
reverse-proxy-https-helper:
image: alpine
command: sh -c "cd /etc/ssl/traefik
&& wget traefik.me/cert.pem -O cert.pem
&& wget traefik.me/privkey.pem -O privkey.pem"
volumes:
- certs:/etc/ssl/traefik
volumes:
certs:
tls:
stores:
default:
defaultCertificate:
certFile: /etc/ssl/traefik/cert.pem
keyFile: /etc/ssl/traefik/privkey.pem
certificates:
- certFile: /etc/ssl/traefik/cert.pem
keyFile: /etc/ssl/traefik/privkey.pem
logLevel: INFO
api:
insecure: true
dashboard: true
entryPoints:
http:
address: ":80"
https:
address: ":443"
providers:
file:
filename: /etc/traefik/tls.yml
docker:
endpoint: unix:///var/run/docker.sock
watch: true
exposedByDefault: true
defaultRule: "HostRegexp(`{{ index .Labels \"com.docker.compose.service\"}}.traefik.me`,`{{ index .Labels \"com.docker.compose.service\"}}-{dashed-ip:.*}.traefik.me`)"
@balajeek

This comment has been minimized.

Copy link

@balajeek balajeek commented Aug 22, 2021

does this need port 80 or 443 to be open on my box?
and traefik.me could be anything i name since its for local lan use?

my goal is to have a https on lan and also have dns names for my docker services that expose web ui. thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment