47 lines
1.8 KiB
YAML
47 lines
1.8 KiB
YAML
|
version: "3.3"
|
||
|
|
|
||
|
|
services:
|
||
|
|
traefik:
|
||
|
|
image: "traefik:v2.10"
|
||
|
|
command:
|
||
|
|
- --entrypoints.web.address=:80
|
||
|
|
- --entrypoints.websecure.address=:443
|
||
|
|
- --entrypoints.pound.address=:9080
|
||
|
|
- --entryPoints.pound.forwardedHeaders.trustedIPs=10.23.0.0/24
|
||
|
|
- --entrypoints.mqtts.address=:8883
|
||
|
|
- --providers.docker=true
|
||
|
|
- --providers.docker.exposedbydefault=false
|
||
|
|
- --providers.file.directory=/config/
|
||
|
|
- --providers.file.watch=true
|
||
|
|
- --api
|
||
|
|
- --api.dashboard=true
|
||
|
|
- --accesslog
|
||
|
|
- --metrics.prometheus=true
|
||
|
|
- --metrics.prometheus.buckets=0.01,0.025,0.05,0.1,0.25,0.5,1.0,2.5,5.0,10.0
|
||
|
|
network_mode: host
|
||
|
|
volumes:
|
||
|
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
||
|
|
- "/opt/traefik/acme.json:/acme.json"
|
||
|
|
- "/opt/traefik/config:/config"
|
||
|
|
- "/opt/traefik/certs:/certs"
|
||
|
|
labels:
|
||
|
|
# Dashboard
|
||
|
|
- traefik.enable=true
|
||
|
|
- traefik.http.routers.traefik.rule=Host(`api.wazong.de`)
|
||
|
|
- traefik.http.routers.traefik.service=api@internal
|
||
|
|
- traefik.http.routers.traefik.tls=true
|
||
|
|
- traefik.http.routers.traefik.middlewares=authtraefik
|
||
|
|
- traefik.http.routers.traefik.entrypoints=websecure
|
||
|
|
- traefik.http.services.traefik.loadbalancer.server.port=888
|
||
|
|
- traefik.http.middlewares.authtraefik.basicauth.users=admin:**************
|
||
|
|
|
||
|
|
# global redirect to https
|
||
|
|
- traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)
|
||
|
|
- traefik.http.routers.http-catchall.entrypoints=web
|
||
|
|
- traefik.http.routers.http-catchall.middlewares=redirect-to-https
|
||
|
|
|
||
|
|
# middleware redirect
|
||
|
|
- traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
|
||
|
|
- traefik.http.middlewares.redirect-to-https.redirectscheme.port=443
|
||
|
|
restart: always
|