-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.prod.yml
executable file
·73 lines (68 loc) · 3.48 KB
/
docker-compose.prod.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
services:
adminer:
labels:
- "traefik.http.routers.adminer.rule=Host(`adminer.${DOMAIN_NAME}`)"
- "traefik.http.routers.adminer.entrypoints=websecure"
- "traefik.http.routers.adminer.tls=true"
- "traefik.http.routers.adminer.tls.certresolver=letsencrypt"
adminer2:
labels:
- "traefik.http.routers.adminer2.rule=(Host(`${DOMAIN_NAME}`) && Pathprefix(`/adminer`))"
- "traefik.http.routers.adminer2.entrypoints=websecure"
- "traefik.http.routers.adminer2.tls=true"
- "traefik.http.routers.adminer2.tls.certresolver=letsencrypt"
nginx:
labels:
# Set the rule for the Traefik router to route traffic for the specified domain name
- "traefik.http.routers.nginx.rule=Host(`${DOMAIN_NAME}`)"
# Set the entrypoints for the Traefik router to the websecure entrypoint
- "traefik.http.routers.nginx.entrypoints=websecure"
# Enable TLS for the Traefik router
- "traefik.http.routers.nginx.tls=true"
# Set the certificate resolver for the Traefik router to use Let's Encrypt
- "traefik.http.routers.nginx.tls.certresolver=letsencrypt"
traefik:
command:
# Set the log level to debug
- --log.level=DEBUG
# Enable access log
- --accesslog=true
# Enable the Traefik dashboard API
- --api.insecure=true
- --api.dashboard=true
# Enable the Docker provider and configure it to use the "frontend" network
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.docker.network=frontend
# Configure entry points for HTTP and HTTPS
- --entryPoints.web.address=:80
- --entryPoints.websecure.address=:443
# Enable Let's Encrypt certificate resolver and configure it with email, storage, and challenge options
- --certificatesresolvers.letsencrypt=true
- --certificatesresolvers.letsencrypt.acme.email=${DOMAIN_EMAIL}
- --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
- --certificatesresolvers.letsencrypt.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
- --certificatesresolvers.letsencrypt.acme.tlschallenge=true
# Configure HTTP to HTTPS redirection
- --entrypoints.web.http.redirections.entryPoint.to=websecure
- --entrypoints.web.http.redirections.entryPoint.scheme=https
labels:
# Enable Traefik for this container
- traefik.enable=true
# Configure the Traefik router for the domain name and paths
- traefik.http.routers.traefik.rule=(Host(`${DOMAIN_NAME}`) && (Pathprefix(`/api/`) || Pathprefix(`/dashboard/`)))
- traefik.http.routers.traefik.entryPoints=websecure
# Configure the Traefik service to use port 8080
- traefik.http.services.traefik.loadbalancer.server.port=8080
# Enable TLS and use the Let's Encrypt certificate resolver
- traefik.http.routers.traefik.tls=true
- traefik.http.routers.traefik.tls.certresolver=letsencrypt
ports:
# Map port 443 to the container's port 443
- "443:443"
volumes:
# Mount the acme.json file for Let's Encrypt certificate storage
- ./docker/traefik/acme.json:/letsencrypt/acme.json
# Mount the Docker socket for communication with Docker daemon
- /var/run/docker.sock:/var/run/docker.sock