feat: traefik ssl configuration with acme provider
This commit is contained in:
Nicolas Meienberger
Nicolas Meienberger
parent
714a0d3af9
commit
075dd516a0
6 changed files with 27 additions and 27 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -11,6 +11,7 @@ repos/*
|
||||||
!repos/.gitkeep
|
!repos/.gitkeep
|
||||||
apps/*
|
apps/*
|
||||||
!apps/.gitkeep
|
!apps/.gitkeep
|
||||||
|
traefik/shared
|
||||||
|
|
||||||
scripts/pacapt
|
scripts/pacapt
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,26 @@
|
||||||
version: "3.7"
|
version: "3.7"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
|
reverse-proxy:
|
||||||
|
container_name: reverse-proxy
|
||||||
|
image: traefik:v2.8
|
||||||
|
restart: always
|
||||||
|
ports:
|
||||||
|
- ${NGINX_PORT-80}:80
|
||||||
|
- ${NGINX_PORT_SSL-443}:443
|
||||||
|
- 8080:8080
|
||||||
|
command: --providers.docker
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
|
- ${PWD}/traefik:/root/.config
|
||||||
|
- ${PWD}/traefik/shared:/shared
|
||||||
|
networks:
|
||||||
|
- tipi_main_network
|
||||||
|
|
||||||
tipi-db:
|
tipi-db:
|
||||||
container_name: tipi-db
|
container_name: tipi-db
|
||||||
image: postgres:latest
|
image: postgres:latest
|
||||||
|
user: 1000:1000
|
||||||
restart: on-failure
|
restart: on-failure
|
||||||
stop_grace_period: 1m
|
stop_grace_period: 1m
|
||||||
volumes:
|
volumes:
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,7 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
- ${PWD}/traefik:/root/.config
|
- ${PWD}/traefik:/root/.config
|
||||||
|
- ${PWD}/traefik/shared:/shared
|
||||||
networks:
|
networks:
|
||||||
- tipi_main_network
|
- tipi_main_network
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,7 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
- ${PWD}/traefik:/root/.config
|
- ${PWD}/traefik:/root/.config
|
||||||
|
- ${PWD}/traefik/shared:/shared
|
||||||
networks:
|
networks:
|
||||||
- tipi_main_network
|
- tipi_main_network
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,16 +0,0 @@
|
||||||
http:
|
|
||||||
routers:
|
|
||||||
dashboard:
|
|
||||||
rule: PathPrefix(`/`)
|
|
||||||
service: dashboard
|
|
||||||
|
|
||||||
services:
|
|
||||||
dashboard:
|
|
||||||
loadBalancer:
|
|
||||||
servers:
|
|
||||||
- port: 3000
|
|
||||||
|
|
||||||
# tls:
|
|
||||||
# certificates:
|
|
||||||
# - certFile: "/root/.config/ssl/local-cert.pem"
|
|
||||||
# keyFile: "/root/.config/ssl/local-key.pem"
|
|
||||||
|
|
@ -8,23 +8,19 @@ providers:
|
||||||
watch: true
|
watch: true
|
||||||
exposedByDefault: false
|
exposedByDefault: false
|
||||||
|
|
||||||
# TODO: Add TLS support
|
|
||||||
# file:
|
|
||||||
# filename: /root/.config/dynamic.yml
|
|
||||||
# watch: true
|
|
||||||
|
|
||||||
entryPoints:
|
entryPoints:
|
||||||
web:
|
web:
|
||||||
address: ":80"
|
address: ":80"
|
||||||
# TODO: Redirect when TLS is working
|
|
||||||
# http:
|
|
||||||
# redirections:
|
|
||||||
# entryPoint:
|
|
||||||
# to: websecure
|
|
||||||
# scheme: https
|
|
||||||
websecure:
|
websecure:
|
||||||
address: ":443"
|
address: ":443"
|
||||||
|
|
||||||
|
certificatesResolvers:
|
||||||
|
myresolver:
|
||||||
|
acme:
|
||||||
|
email: acme@thisprops.com
|
||||||
|
storage: /shared/acme.json
|
||||||
|
httpChallenge:
|
||||||
|
entryPoint: web
|
||||||
|
|
||||||
log:
|
log:
|
||||||
level: DEBUG
|
level: DEBUG
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue