-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
57 lines (45 loc) · 2.1 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
version: '3'
services:
traefik:
image: traefik:2.10.7
environment:
TRAEFIK_API: "true"
TRAEFIK_LOG_LEVEL: "DEBUG"
TRAEFIK_ACCESSLOG: "true"
TRAEFIK_ACCESSLOG_FORMAT: "json"
TRAEFIK_ACCESSLOG_FILEPATH: "/traefiklog/access.log"
TRAEFIK_ACCESSLOG_FIELDS_HEADERS_DEFAULTMODE: "keep"
TRAEFIK_PROVIDERS_DOCKER: "true"
TRAEFIK_PROVIDERS_DOCKER_NETWORK: "host2_default"
TRAEFIK_ENTRYPOINTS_WEBSECURE_ADDRESS: ":443"
TRAEFIK_ENTRYPOINTS_WEBSECURE_HTTP_TLS: "true"
# ACME DNS challenge:
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_TLSCHALLENGE: "false"
TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_DNSCHALLENGE: "true"
# TRAEFIK_CERTIFICATESRESOLVERS_LETSENCRYPT_ACME_CASERVER: "https://acme-staging-v02.api.letsencrypt.org/directory"
env_file:
- .env
ports:
- "443:443"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./acme.json:/acme.json:rw"
- "./traefiklog:/traefiklog:rw"
labels:
# Traefik dashboard:
traefik.http.routers.traefik.rule: "Host(`traefik-host2.${DOMAIN:?error}`)"
traefik.http.routers.traefik.service: "api@internal"
# Lets Encrypt:
traefik.http.routers.wildcarddomain.service: "noop@internal"
traefik.http.routers.wildcarddomain.tls.certResolver: "letsencrypt"
"traefik.http.routers.wildcarddomain.tls.domains[0].main": "*.${DOMAIN:?error}"
"traefik.http.routers.wildcarddomain.tls.domains[0].sans": "${DOMAIN:?error}"
# middleware for Authelia on host1:
traefik.http.middlewares.authelia.forwardauth.address: "https://autheliatest.${DOMAIN:?error}/api/verify?rd=https%3A%2F%2Fautheliatest.${DOMAIN:?error}%2F"
traefik.http.middlewares.authelia.forwardauth.trustForwardHeader: "true"
traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: "Remote-User,Remote-Groups,Remote-Name,Remote-Email"
service:
image: traefik/whoami
labels:
traefik.http.routers.service.rule: Host(`service-host2.${DOMAIN:?error}`)
traefik.http.routers.service.middlewares: "authelia@docker"