API tools faq
paste
Advertisement
littlejeem

traefik_smarthome_v2

littlejeem
Aug 21st, 2023
1,189
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
YAML 4.27 KB | None | 0 0
raw download clone embed print report
  1. ---
  2. version: "3.9"
  3. networks:
  4.   default:
  5.     driver: bridge
  6.   t2_proxy:
  7.     name: t2_proxy
  8.     driver: bridge
  9.     ipam:
  10.       config:
  11.         - subnet: 192.168.90.0/24
  12. x-environment:
  13.   TZ: $TZ
  14.   PUID: $PUID
  15.   PGID: $PGID
  16. x-common-keys-core:
  17.   networks:
  18.    - t2_proxy
  19.   security_opt:
  20.    - no-new-privileges:true
  21.   restart: always
  22. x-common-keys-apps:
  23.   networks:
  24.    - t2_proxy
  25.   security_opt:
  26.    - no-new-privileges:true
  27.   restart: unless-stopped
  28. x-common-keys-media:
  29.   networks:
  30.    - t2_proxy
  31.   security_opt:
  32.    - no-new-privileges:true
  33.   restart: no
  34.  
  35. services:
  36.   traefik:
  37.     networks:
  38.       t2_proxy:
  39.         ipv4_address: 192.168.90.254
  40.     security_opt:
  41.      - no-new-privileges:true
  42.     restart: always
  43.     container_name: traefik
  44.     image: traefik:2.7
  45.     command:
  46.      - --global.checkNewVersion=true
  47.       - --global.sendAnonymousUsage=true
  48.       - --entryPoints.http.address=:80
  49.       - --entryPoints.https.address=:443
  50.       - --entrypoints.https.forwardedHeaders.trustedIPs=173.245.48.0/20,103.21.244.0/22,103.22.200.0/22,103.31.4.0/22,141.101.64.0/18,108.162.192.0/18,190.93.240.0/20,188.114.96.0/20,197.234.240.0/22,198.41.128.0/17,162.158.0.0/15,104.16.0.0/13,104.24.0.0/14,172.64.0.0/13,131.0.72.0/22
  51.       - --entryPoints.traefik.address=:8080
  52.       - --api=true
  53.       - --api.dashboard=true
  54.       - --log=true
  55.       - --log.filePath=/logs/traefik.log
  56.       - --log.level=DEBUG
  57.       - --accessLog=true
  58.       - --accessLog.filePath=/logs/access.log
  59.       - --accessLog.bufferingSize=100
  60.       - --accessLog.filters.statusCodes=204-299,400-499,500-599
  61.       - --providers.docker=true
  62.       - --providers.docker.endpoint=unix:///var/run/docker.sock
  63.       - --providers.docker.exposedByDefault=false
  64.       - --entrypoints.https.http.tls.options=tls-opts@file
  65.       - --entrypoints.https.http.tls.certresolver=dns-cloudflare
  66.       - --entrypoints.https.http.tls.domains[0].main=$DOMAINNAME_CLOUD_SERVER
  67.       - --entrypoints.https.http.tls.domains[0].sans=*.$DOMAINNAME_CLOUD_SERVER
  68.       - --providers.docker.network=t2_proxy
  69.       - --providers.docker.swarmMode=false
  70.       - --providers.file.directory=/rules
  71.       - --providers.file.watch=true
  72.       - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory
  73.       - --certificatesResolvers.dns-cloudflare.acme.email=$CLOUDFLARE_EMAIL
  74.       - --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
  75.       - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
  76.       - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
  77.       - --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.delayBeforeCheck=90
  78.     ports:
  79.       - target: 80
  80.         published: 80
  81.         protocol: tcp
  82.         mode: host
  83.       - target: 443
  84.         published: 443
  85.         protocol: tcp
  86.         mode: host
  87.     environment:
  88.      - CF_API_EMAIL=$CLOUDFLARE_EMAIL
  89.       - CF_API_KEY=$CLOUDFLARE_API_KEY
  90.       - DOMAINNAME_CLOUD_SERVER
  91.     volumes:
  92.      - $DOCKERDIR/appdata/traefik2/rules/cloudserver:/rules
  93.       - /var/run/docker.sock:/var/run/docker.sock:ro
  94.       - $DOCKERDIR/appdata/traefik2/acme/acme.json:/acme.json
  95.       - $DOCKERDIR/logs/cloudserver/traefik:/logs
  96.       - $DOCKERDIR/shared:/shared
  97.     labels:
  98.      - traefik.enable=true
  99.       - traefik.http.routers.http-catchall.entrypoints=http
  100.       - traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)
  101.       - traefik.http.routers.http-catchall.middlewares=redirect-to-https
  102.       - traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https
  103.       - traefik.http.routers.traefik-rtr.entrypoints=https
  104.       - traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME_CLOUD_SERVER`)
  105.       - traefik.http.routers.traefik-rtr.tls=true
  106.       - traefik.http.routers.traefik-rtr.tls.certresolver=dns-cloudflare
  107.       - traefik.http.routers.traefik-rtr.tls.domains[0].main=$DOMAINNAME_CLOUD_SERVER
  108.       - traefik.http.routers.traefik-rtr.tls.domains[0].sans=*.$DOMAINNAME_CLOUD_SERVER
  109.       - traefik.http.routers.traefik-rtr.service=api@internal
  110.       - traefik.http.routers.traefik-rtr.middlewares=chain-basic-auth@file
  111.       - traefik.http.routers.traefik-rtr.middlewares=middlewares-basic-auth@file
  112.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!