Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ### traefik/docker-compose.yml
- version: '3'
- services:
- main:
- image: traefik:latest
- restart: unless-stopped
- security_opt:
- - no-new-privileges:true
- command:
- - "--log.level=DEBUG"
- networks:
- - webproxy
- ports:
- - 80:80
- - 443:443
- volumes:
- - /etc/localtime:/etc/localtime:ro
- - /var/run/docker.sock:/var/run/docker.sock:ro
- - ./data/traefik.yml:/traefik.yml:ro
- - ./data/acme.json:/acme.json
- deploy:
- mode: global
- placement:
- constraints:
- - node.role == manager
- update_config:
- parallelism: 1
- delay: 10s
- restart_policy:
- condition: on-failure
- labels:
- - "traefik.enable=false"
- - "traefik.http.routers.traefik.entrypoints=http"
- - "traefik.http.routers.traefik.rule=Host(`traefik.mydomain.com`)"
- # generate user:password with echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g
- - "traefik.http.middlewares.traefik-auth.basicauth.users=admin:password-hash"
- - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- - "traefik.http.routers.traefik-secure.entrypoints=https"
- - "traefik.http.routers.traefik-secure.rule=Host(`traefik.mydomain.com`)"
- - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- - "traefik.http.routers.traefik-secure.tls=true"
- - "traefik.http.routers.traefik-secure.tls.certresolver=http"
- - "traefik.http.routers.traefik-secure.service=api@internal"
- - "traefik.http.services.traefik-secure.loadbalancer.server.port=8080"
- networks:
- webproxy:
- external: true
- ### traefik/data/traefik.yml
- api:
- dashboard: true
- entryPoints:
- http:
- address: ":80"
- https:
- address: ":443"
- log:
- level: DEBUG
- providers:
- docker:
- endpoint: "unix:///var/run/docker.sock"
- #endpoint: "tcp://127.0.0.1:2375"
- swarmMode: true
- exposedByDefault: false
- network: webproxy
- certificatesResolvers:
- http:
- acme:
- email: hostmaster@mydomain.com
- storage: acme.json
- tlsChallenge: true
- #httpChallenge:
- # entryPoint: http
- ### portainer/docker-compose.yml
- version: "3"
- services:
- main:
- image: portainer/portainer
- volumes:
- - ./data:/data
- networks:
- - internal
- - webproxy
- deploy:
- labels:
- - "traefik.enable=true"
- - "traefik.http.services.portainer.loadbalancer.server.port=9000"
- - "traefik.http.routers.portainer.entrypoints=http"
- - "traefik.http.routers.portainer.rule=Host(`portainer.mydomain.com`)"
- - "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https"
- - "traefik.http.routers.portainer.middlewares=portainer-https-redirect"
- - "traefik.http.routers.portainer-secure.entrypoints=https"
- - "traefik.http.routers.portainer-secure.rule=Host(`portainer.mydomain.com`)"
- - "traefik.http.routers.portainer-secure.tls=true"
- - "traefik.http.routers.portainer-secure.tls.certresolver=http"
- placement:
- constraints:
- - node.role == manager
- update_config:
- parallelism: 1
- delay: 10s
- restart_policy:
- condition: on-failure
- command: -H tcp://tasks.agent:9001 --tlsskipverify
- agent:
- image: portainer/agent
- networks:
- - internal
- environment:
- AGENT_CLUSTER_ADDR: tasks.agent
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- deploy:
- mode: global
- networks:
- webproxy:
- external: true
- internal:
- driver: overlay
Add Comment
Please, Sign In to add comment