-
-
Save ratnose/ef5ffa360da6e01b1666238c1ed17aa4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
docker-compose: | |
traefik: | |
image: traefik:latest | |
container_name: traefik | |
restart: unless-stopped | |
security_opt: | |
- no-new-privileges:true | |
networks: | |
- proxy | |
ports: | |
- 80:80 | |
- 443:443 | |
environment: | |
- CF_API_EMAIL=${CLOUDFLARE_MAIL} | |
- CF_DNS_API_TOKEN=${CLOUDFLARE_TOKEN} | |
# - CF_API_KEY=YOU_API_KEY | |
# be sure to use the correct one depending on if you are using a token or key | |
volumes: | |
- /etc/localtime:/etc/localtime:ro | |
- /var/run/docker.sock:/var/run/docker.sock:ro | |
- ./appdata/traefik/traefik.yml:/traefik.yml:ro | |
- ./appdata/traefik/acme.json:/acme.json | |
#- ./appdata/traefik/config.yml:/config.yml:ro | |
labels: | |
- traefik.enable=true | |
- traefik.http.routers.traefik.entrypoints=http | |
- traefik.http.routers.traefik.rule=Host(`trafdash.domain.io`) | |
- traefik.http.middlewares.traefik-auth.basicauth.users=user:password | |
- traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https | |
- traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https | |
- traefik.http.routers.traefik.middlewares=traefik-https-redirect | |
- traefik.http.routers.traefik-secure.entrypoints=https | |
- traefik.http.routers.traefik-secure.rule=Host(`trafdash.domain.io`) | |
- traefik.http.routers.traefik-secure.middlewares=traefik-auth | |
- traefik.http.routers.traefik-secure.tls=true | |
- traefik.http.routers.traefik-secure.tls.certresolver=cloudflare | |
- traefik.http.routers.traefik-secure.tls.domains[0].main=domain.io | |
- traefik.http.routers.traefik-secure.tls.domains[0].sans=*.domain.io | |
- traefik.http.routers.traefik-secure.service=api@internal | |
read_only: true | |
traefik.yml: | |
api: | |
dashboard: true | |
debug: true | |
entryPoints: | |
http: | |
address: ":80" | |
https: | |
address: ":443" | |
serversTransport: | |
insecureSkipVerify: true | |
providers: | |
docker: | |
endpoint: "unix:///var/run/docker.sock" | |
exposedByDefault: false | |
file: | |
filename: /config.yml | |
watch: true | |
#Havn't got one atm it is just an empty file. | |
certificatesResolvers: | |
cloudflare: | |
acme: | |
email: my_cloudflare@email.com | |
storage: acme.json | |
dnsChallenge: | |
provider: cloudflare | |
resolvers: | |
- "1.1.1.1:53" | |
- "1.0.0.1:53" | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
network and label for docker containers in the same docker-compose file.
networks:
- proxy
labels:
- traefik.enable=true
- traefik.http.routers.heimdall-https.rule=Host(
start.domain.io
)- traefik.http.routers.heimdall-https.entrypoints=https
- traefik.http.routers.heimdall-https.tls=true
- traefik.http.routers.heimdall-https.tls.certresolver=cloudflare
- traefik.http.routers.heimdall-https.service=heimdall
- traefik.http.services.heimdall.loadbalancer.server.port=80