Skip to content
Snippets Groups Projects
Verified Commit 251f8eaa authored by David Beniamine's avatar David Beniamine
Browse files

Initial commit

parents
No related branches found
No related tags found
No related merge requests found
HOST=traefik.FQDN
acme.json
log
# Traefik
## Install
```
cp .env.sample .env
# Change FQDN
cp docker-compose.yml.sample docker-compose.yml
# Change auth in docker-compose
docker-compose up -d
```
tls:
options:
default:
minVersion: VersionTLS12
cipherSuites:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
modern-2020:
minVersion: VersionTLS13
version: "3.3"
services:
traefik:
image: "traefik:v2.3"
container_name: "traefik"
ports:
- "80:80"
- "443:443"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "./traefik.toml:/etc/traefik/traefik.toml"
- "./config:/config"
- "./acme.json:/acme.json"
- "./log:/var/log"
networks:
- traefik
restart: always
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik"
- "traefik.http.routers.traefikapi.rule=Host(`${HOST}`)"
- "traefik.http.routers.traefikapi.service=api@internal"
- "traefik.http.routers.traefikapi.tls.certresolver=myresolver"
- "traefik.http.routers.traefikapi.entrypoints=web,websecure"
- "traefik.http.routers.traefikapi.middlewares=traefikapi@docker" # uncomment me ,auth"
# uncomment me - "traefik.http.middlewares.auth.basicauth.users=user:htpassword with $ doubled and final ."
- "traefik.http.middlewares.traefikapi.headers.forceSTSHeader=true"
- "traefik.http.middlewares.traefikapi.headers.stsIncludeSubdomains=true"
- "traefik.http.middlewares.traefikapi.headers.stsSeconds=31536000"
networks:
traefik:
external: true
[global]
checkNewVersion = true
sendAnonymousUsage = false
[accessLog]
filePath = "/var/log/access.log"
bufferingSize = 20
[traefikLog]
filePath = "/var/log/traefik.log"
[accessLog.filters]
statusCodes = ["400-599"]
[api]
dashboard = true
[entryPoints]
[entryPoints.websecure]
address = ":443"
[entryPoints.websecure.http.tls]
certResolver = "myresolver"
[entryPoints.web]
address = ":80"
[entryPoints.web.http.redirections]
[entryPoints.web.http.redirections.entryPoint]
permanent = true
to = "websecure"
[certificatesResolvers.myresolver.acme]
email = "adminemail"
storage = "acme.json"
[certificatesResolvers.myresolver.acme.httpChallenge]
# used during the challenge
entryPoint = "web"
[providers.docker]
exposedByDefault = false
network = "traefik"
[providers.file]
directory = "/config/"
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment