feat: traefik ssl configuration with acme provider
This commit is contained in:
Nicolas Meienberger
Nicolas Meienberger
parent
714a0d3af9
commit
075dd516a0
6 changed files with 27 additions and 27 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -11,6 +11,7 @@ repos/*
|
|||
!repos/.gitkeep
|
||||
apps/*
|
||||
!apps/.gitkeep
|
||||
traefik/shared
|
||||
|
||||
scripts/pacapt
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,26 @@
|
|||
version: "3.7"
|
||||
|
||||
services:
|
||||
reverse-proxy:
|
||||
container_name: reverse-proxy
|
||||
image: traefik:v2.8
|
||||
restart: always
|
||||
ports:
|
||||
- ${NGINX_PORT-80}:80
|
||||
- ${NGINX_PORT_SSL-443}:443
|
||||
- 8080:8080
|
||||
command: --providers.docker
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- ${PWD}/traefik:/root/.config
|
||||
- ${PWD}/traefik/shared:/shared
|
||||
networks:
|
||||
- tipi_main_network
|
||||
|
||||
tipi-db:
|
||||
container_name: tipi-db
|
||||
image: postgres:latest
|
||||
user: 1000:1000
|
||||
restart: on-failure
|
||||
stop_grace_period: 1m
|
||||
volumes:
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ services:
|
|||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- ${PWD}/traefik:/root/.config
|
||||
- ${PWD}/traefik/shared:/shared
|
||||
networks:
|
||||
- tipi_main_network
|
||||
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ services:
|
|||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- ${PWD}/traefik:/root/.config
|
||||
- ${PWD}/traefik/shared:/shared
|
||||
networks:
|
||||
- tipi_main_network
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +0,0 @@
|
|||
http:
|
||||
routers:
|
||||
dashboard:
|
||||
rule: PathPrefix(`/`)
|
||||
service: dashboard
|
||||
|
||||
services:
|
||||
dashboard:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- port: 3000
|
||||
|
||||
# tls:
|
||||
# certificates:
|
||||
# - certFile: "/root/.config/ssl/local-cert.pem"
|
||||
# keyFile: "/root/.config/ssl/local-key.pem"
|
||||
|
|
@ -8,23 +8,19 @@ providers:
|
|||
watch: true
|
||||
exposedByDefault: false
|
||||
|
||||
# TODO: Add TLS support
|
||||
# file:
|
||||
# filename: /root/.config/dynamic.yml
|
||||
# watch: true
|
||||
|
||||
entryPoints:
|
||||
web:
|
||||
address: ":80"
|
||||
# TODO: Redirect when TLS is working
|
||||
# http:
|
||||
# redirections:
|
||||
# entryPoint:
|
||||
# to: websecure
|
||||
# scheme: https
|
||||
websecure:
|
||||
address: ":443"
|
||||
|
||||
certificatesResolvers:
|
||||
myresolver:
|
||||
acme:
|
||||
email: acme@thisprops.com
|
||||
storage: /shared/acme.json
|
||||
httpChallenge:
|
||||
entryPoint: web
|
||||
|
||||
log:
|
||||
level: DEBUG
|
||||
|
|
|
|||
Loading…
Reference in a new issue