-
Notifications
You must be signed in to change notification settings - Fork 0
/
traf.yml
55 lines (50 loc) · 2.12 KB
/
traf.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
version: '3'
services:
reverse-proxy:
image: traefik:v2.0.2
command:
- "--api.insecure=true" # set to 'false' on production
- "--api.dashboard=true" # see https://docs.traefik.io/v2.0/operations/dashboard/ #secure-mode for how to secure the dashboard
- "--api.debug=true" # enable additional endpoints for debugging and profiling
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.swarmMode=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.network=traefik-public"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.letsencryptresolver.acme.httpchallenge=true"
- "--certificatesresolvers.letsencryptresolver.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.letsencryptresolver.acme.email=info@lascuolaopensourc.xyz"
- "--certificatesresolvers.letsencryptresolver.acme.storage=/letsencrypt/acme.json"
ports:
- 80:80
- 443:443
volumes:
# To persist certificates
- traefik-certificates:/letsencrypt
# So that Traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- traefik-public
deploy:
placement:
constraints:
- node.role == manager
labels:
- "traefik.enable=true"
- "traefik.http.routers.api.rule=Host(`traefik.matera3019.it`)"
- "traefik.http.routers.api.service=api@internal"
- "traefik.http.routers.api.entrypoints=websecure"
- "traefik.http.routers.api.tls.certresolver=letsencryptresolver"
- "traefik.http.services.api.loadbalancer.server.port=80"
# middleware redirect
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# global redirect to https
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
volumes:
traefik-certificates:
networks:
traefik-public:
external: true