-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
80 lines (76 loc) · 3.31 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
version: '3.3'
services:
traefik:
# Use the latest Traefik image
image: traefik:latest
ports:
# Listen on port 80, default for HTTP, necessary to redirect to HTTPS
- target: 80
published: 80
mode: host
# Listen on port 443, default for HTTPS
- target: 443
published: 443
mode: host
deploy:
labels:
- traefik.enable=true
#- traefik.docker.network=traefik-public
- traefik.http.middlewares.admin-auth.basicauth.users=${USERNAME?Variable not set}:${HASHED_PASSWORD?Variable not set}
# - traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
# - traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
- traefik.http.routers.traefik-public-http.rule=Host(`${DOMAIN?Variable not set}`)
- traefik.http.routers.traefik-public-http.entrypoints=http
# - traefik.http.routers.traefik-public-http.middlewares=https-redirect
# - traefik.http.routers.traefik-public-https.rule=Host(`${DOMAIN?Variable not set}`)
# - traefik.http.routers.traefik-public-https.entrypoints=https
# - traefik.http.routers.traefik-public-https.tls=true
- traefik.http.routers.traefik-public-http.service=api@internal
# - traefik.http.routers.traefik-public-https.tls.certresolver=le
- traefik.http.routers.traefik-public-http.middlewares=admin-auth
- traefik.http.services.traefik-public.loadbalancer.server.port=8080
- traefik.http.middlewares.cloudflarewarp.plugin.cloudflarewarp.disableDefault=false
volumes:
# Add Docker as a mounted volume, so that Traefik can read the labels of other services
- /var/run/docker.sock:/var/run/docker.sock:ro
# Mount the volume to store the certificates
- traefik-public-certificates:/certificates
command:
- --providers.docker
- --providers.docker.exposedbydefault=false
- --providers.docker.swarmmode
- --entrypoints.http.address=:80
- --entrypoints.web.http.redirections.entrypoint.to=https
- --entrypoints.web.http.redirections.entrypoint.scheme=https
- --entrypoints.https.address=:443
- --certificatesresolvers.le.acme.email=${EMAIL?Variable not set}
- --certificatesresolvers.le.acme.storage=/certificates/acme.json
- --certificatesresolvers.le.acme.tlschallenge=true
- --accesslog
- --log
- --api
- --tracing=true
# - --tracing.jaeger.localAgentHostPort=jaeger:6831
- --experimental.plugins.cloudflarewarp.modulename=github.com/BetterCorp/cloudflarewarp
- --experimental.plugins.cloudflarewarp.version=v1.3.0
- --experimental.plugins.staticresponse.modulename=github.com/jdel/staticresponse
- --experimental.plugins.staticresponse.version=v0.0.1
networks:
- traefik-public
# jaeger:
# image: jaegertracing/all-in-one:latest
# networks:
# - traefik-public
# environment:
# COLLECTOR_ZIPKIN_HTTP_PORT: 9411
# deploy:
# labels:
# traefik.enable: "true"
# traefik.http.routers.jaeger.rule: Host(`jaeger.twir.app`)
# traefik.http.routers.jaeger.middlewares: admin-auth
# traefik.http.services.jaeger.loadbalancer.server.port: 16686
volumes:
traefik-public-certificates:
networks:
traefik-public:
external: true