Last active
January 9, 2022 23:55
-
-
Save sangam14/a32a8fa2fbf780b17cdcd8a7dc621d12 to your computer and use it in GitHub Desktop.
PDC_Treafik.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: "3.3" | |
| services: | |
| ################################################ | |
| #### Traefik Proxy Setup ##### | |
| ############################################### | |
| traefik: | |
| image: traefik:v2.3 | |
| restart: always | |
| container_name: traefik | |
| ports: | |
| - "80:80" # <== http | |
| - "443:443" # <== https | |
| command: | |
| #### These are the CLI commands that will configure Traefik and tell it how to work! #### | |
| ## API Settings - https://docs.traefik.io/operations/api/, endpoints - https://docs.traefik.io/operations/api/#endpoints ## | |
| - --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc... | |
| ## Log Settings (options: ERROR, DEBUG, PANIC, FATAL, WARN, INFO) - https://docs.traefik.io/observability/logs/ ## | |
| - --log.level=INFO # <== Setting the level of the logs from traefik | |
| ## Provider Settings - https://docs.traefik.io/providers/docker/#provider-configuration ## | |
| - --providers.docker=true # <== Enabling docker as the provider for traefik | |
| - --providers.docker.exposedbydefault=false # <== Don't expose every container to traefik, only expose enabled ones | |
| - --providers.docker.network=web # <== Operate on the docker network named web | |
| ## Entrypoints Settings - https://docs.traefik.io/routing/entrypoints/#configuration ## | |
| - --entrypoints.web.address=:80 # <== Defining an entrypoint for port :80 named web | |
| - --entrypoints.web.http.redirections.entryPoint.to=websecure | |
| - --entrypoints.web.http.redirections.entrypoint.scheme=https | |
| - --entrypoints.websecured.address=:443 # <== Defining an entrypoint for https on port :443 named web-secured | |
| - --entrypoints.websecure.http.certresolver=mytlschallenge | |
| ## Certificate Settings (Let's Encrypt) - https://docs.traefik.io/https/acme/#configuration-examples ## | |
| - --certificatesresolvers.mytlschallenge.acme.tlschallenge=true # <== Enable TLS-ALPN-01 to generate and renew ACME certs | |
| - --certificatesresolvers.mytlschallenge.acme.email=theafkdeveloper@gmail.com # <== Setting email for certs | |
| - --certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json # <== Defining acme file to store cert information | |
| volumes: | |
| - ./letsencrypt:/letsencrypt # <== Volume for certs (TLS) | |
| - /var/run/docker.sock:/var/run/docker.sock # <== Volume for docker admin | |
| networks: | |
| - web # <== Placing traefik on the network named web, to access containers on this network | |
| labels: | |
| #### Labels define the behavior and rules of the traefik proxy for this container #### | |
| - "traefik.enable=true" # <== Enable traefik on itself to view dashboard and assign subdomain to view it | |
| - "traefik.http.routers.api.rule=Host(`monitor.example.com`)" # <== Setting the domain for the dashboard | |
| - "traefik.http.routers.api.service=api@internal" # <== Enabling the api to be a service to access | |
| ################################################ | |
| #### Site Setup Container ##### | |
| ############################################## | |
| wordpress: # <== we aren't going to open :80 here because traefik is going to serve this on entrypoint 'web' | |
| ## :80 is already exposed from within the container ## | |
| image: wordpress | |
| restart: always | |
| container_name: wp | |
| environment: | |
| WORDPRESS_DB_HOST: db | |
| WORDPRESS_DB_USER: exampleuser | |
| WORDPRESS_DB_PASSWORD: examplepass | |
| WORDPRESS_DB_NAME: exampledb | |
| volumes: | |
| - wordpress:/var/www/html | |
| networks: | |
| - web | |
| - backend | |
| labels: | |
| #### Labels define the behavior and rules of the traefik proxy for this container #### | |
| - "traefik.enable=true" # <== Enable traefik to proxy this container | |
| - "traefik.http.routers.nginx-web.rule=Host(`example.com`)" # <== Your Domain Name goes here for the http rule | |
| ################################################ | |
| #### DB Container not on traefik ##### | |
| ############################################## | |
| db: | |
| image: mysql:5.7 | |
| restart: always | |
| environment: | |
| MYSQL_DATABASE: exampledb | |
| MYSQL_USER: exampleuser | |
| MYSQL_PASSWORD: examplepass | |
| MYSQL_RANDOM_ROOT_PASSWORD: '1' | |
| volumes: | |
| - db:/var/lib/mysql | |
| networks: | |
| - backend | |
| networks: | |
| web: | |
| external: true | |
| backend: | |
| external: false | |
| volumes: | |
| wordpress: | |
| external: true | |
| db: | |
| external: true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
you can simplify some elements: