Skip to content
Snippets Groups Projects
Verified Commit 6a99c268 authored by David Beniamine's avatar David Beniamine
Browse files

Fix install traefik

parent 9646617d
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 53 additions and 16 deletions
installTraefik.sh
+ 53
16
View file @ 6a99c268
......@@ -16,28 +16,14 @@ services:
traefik:
image: "traefik:v2.3"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=${SERVER_ADMIN}"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./traefik.toml:/etc/traefik/traefik.toml"
- "./config:/config"
networks:
- traefik
restart: always
......@@ -45,6 +31,57 @@ services:
networks:
traefik:
external: true
EOF
mkdir -p /home/dockerweb/traefik/config
cat <<EOF > /home/dockerweb/traefik/traefik.toml
[global]
checkNewVersion = true
sendAnonymousUsage = false
[entryPoints]
[entryPoints.websecure]
address = ":443"
[entryPoints.websecure.http.tls]
certResolver = "myresolver"
[entryPoints.web]
address = ":80"
[entryPoints.web.http.redirections]
[entryPoints.web.http.redirections.entryPoint]
permanent = true
to = "websecure"
[certificatesResolvers.myresolver.acme]
email = "admin@tetras-libre.fr"
storage = "acme.json"
[certificatesResolvers.myresolver.acme.httpChallenge]
# used during the challenge
entryPoint = "web"
[providers.docker]
exposedByDefault = false
network = "traefik"
[providers.file]
directory = "/config/"
EOF
cat <<EOF > /home/dockerweb/traefik/config/tls.yml
tls:
options:
default:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
modern-2020:
minVersion: VersionTLS13
EOF
chown -R dockerweb:dockerweb /home/dockerweb
......
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment