forked from ch-lee/traefik-with-multiple-ghost-blogs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose-traefik.yml
85 lines (58 loc) · 2.66 KB
/
docker-compose-traefik.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
version: "3.3"
services:
traefik:
image: "traefik:v2.4"
container_name: "traefik"
command:
# enable insecure api. Only for testing. You can access it via http://the-ip-address:8080
#- --api.insecure=true
# enable dashboard api
- --api
# enable docker as a provider
- --providers.docker=true
# set to false to not expose all docker containers to traefik
- --providers.docker.exposedbydefault=false
# set this to the 'web' network
- --providers.docker.network=web
# enable default http port 80
- --entrypoints.web.address=:80
# define an entry point for SSL with the name of 'websecure'
- --entrypoints.websecure.address=:443
# define a http redirection entrypoint to use SSL i.e. 'websecure'
- --entrypoints.web.http.redirections.entryPoint.to=websecure
# define a http redirection scheme to be https
- --entrypoints.web.http.redirections.entryPoint.scheme=https
# define a certificate resolver called 'myresolver' and to use tls challenge to obtain ssl certificates
- --certificatesresolvers.myresolver.acme.tlschallenge=true
# set a valid email address for the certificate resolver.
- --certificatesresolvers.myresolver.acme.email=your-email-adress@email.com
# Set the path of the acme.json file. Mine is located relative to where this docker compose file is located.
- --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
ports:
# This is the default port http
- "80:80"
# The default port to access Traefik's monitoring dashboard
- "8080:8080"
# enable portt 443 for SSL
- "443:443"
networks:
- web
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
# Map the letsencrypt folder
- "./letsencrypt:/letsencrypt"
labels:
- "traefik.enable=true"
# Enabling the api to be a service
- "traefik.http.routers.api.service=api@internal"
# set authentication mode for access to traefiks api dashboard
- "traefik.http.routers.api.middlewares=auth"
# enable basic auth and provide username and hashed password generated by htpasswd
- "traefik.http.middlewares.auth.basicauth.users=admin:$$apr1$$M/tkVVQs$$.s3kR09/L5pWnPZDxM1PG."
# set a domain or sub-domain name to access traefiks monitoring dashboard.
- "traefik.http.routers.api.rule=Host(`monitor.your-domain.com`)"
# tells traefik to use the 'certrersolver' to enable and use SSL
- "traefik.http.routers.api.tls.certresolver=myresolver"
networks:
web:
external: true