74 lines
2.7 KiB
YAML
74 lines
2.7 KiB
YAML
networks:
|
|
t3_proxy:
|
|
name: t3_proxy
|
|
driver: bridge
|
|
ipam:
|
|
config:
|
|
- subnet: 192.168.90.0/24
|
|
|
|
services:
|
|
traefik:
|
|
container_name: traefik
|
|
image: traefik:3.6.6
|
|
restart: unless-stopped
|
|
env_file:
|
|
- ./.env
|
|
networks:
|
|
t3_proxy:
|
|
ipv4_address: 192.168.90.254
|
|
command:
|
|
- --entrypoints.web.address=:80
|
|
- --entrypoints.websecure.address=:443
|
|
- --entrypoints.traefik.address=:8080
|
|
- --entrypoints.websecure.http.tls=true
|
|
# The following two options redirects http request at port 80 to https
|
|
- --entrypoints.web.http.redirections.entrypoint.to=websecure
|
|
- --entrypoints.web.http.redirections.entrypoint.scheme=https
|
|
- --entrypoints.web.http.redirections.entrypoint.permanent=true
|
|
- --api=true
|
|
- --api.dashboard=true
|
|
# - --api.insecure=true
|
|
- --log=true
|
|
- --log.filePath=/logs/traefik.log
|
|
- --log.level=DEBUG
|
|
- --accessLog=true
|
|
- --accessLog.filePath=/logs/access.log
|
|
- --accessLog.bufferingSize=100
|
|
- --accessLog.filters.statusCodes=204-299,400-499,500-599
|
|
- --providers.docker=true
|
|
- --providers.docker.network=t3_proxy
|
|
- --entrypoints.websecure.http.tls.options=tls-opts@file
|
|
- --entrypoints.websecure.http.tls.certresolver=dns-cloudflare
|
|
- --entrypoints.websecure.http.tls.domains[0].main=$DOMAINNAME
|
|
- --entrypoints.websecure.http.tls.domains[0].sans=*.$DOMAINNAME
|
|
- --providers.file.directory=/rules
|
|
- --providers.file.watch=true
|
|
- --certificatesresolvers.dns-cloudflare.acme.email=${CLOUDFLARE_EMAIL}
|
|
- --certificatesResolvers.dns-cloudflare.acme.storage=/acme.json
|
|
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.provider=cloudflare
|
|
- --certificatesResolvers.dns-cloudflare.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53
|
|
ports:
|
|
# - 80:80
|
|
- 443:443
|
|
- 8080:8080
|
|
volumes:
|
|
- ./traefik-rules.yaml:/rules/traefik-rules.yaml
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- $DOCKERDIR/appdata/traefik/acme/acme.json:/acme.json
|
|
- $DOCKERDIR/logs/traefik:/logs
|
|
environment:
|
|
- PUID=${PUID}
|
|
- PGID=${PGID}
|
|
- TZ=$TZ
|
|
- CF_DNS_API_TOKEN=${CLOUDFLARE_TOKEN}
|
|
- DOMAINNAME=${DOMAINNAME}
|
|
- CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.dashboard.tls=true"
|
|
- "traefik.http.routers.api.entrypoints=websecure"
|
|
- "traefik.http.routers.api.rule=Host(`traefik.${DOMAINNAME}`)"
|
|
- "traefik.http.routers.api.service=api@internal"
|
|
# Middlewares
|
|
- "traefik.http.routers.api.middlewares=middlewares-rate-limit@file,middlewares-secure-headers@file"
|