yannic/selfhosting
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

redirect to https, configure dashboard

Browse source
This commit is contained in:
Yax 2021-11-06 15:58:13 +01:00
parent 8b759e6e98
commit d3daa5a27f
3 changed files with 32 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
traefik/docker-compose.traefik-local.yml
View file

@ -3,12 +3,15 @@ version: '3'
services: services:
traefik: traefik:
container_name: traefik container_name: traefik
image: traefik:v2.2.1 image: traefik:v2.5.3
ports: ports:
- 80:80 - 80:80
- 443:443 - 443:443
- 8080:8080
expose: expose:
- 8080 - 8080
labels:
- traefik.enable=true
networks: networks:
- srv - srv
restart: unless-stopped restart: unless-stopped

20
traefik/docker-compose.traefik.yml
View file

@ -3,11 +3,11 @@ version: '3'
services: services:
traefik: traefik:
container_name: traefik container_name: traefik
image: traefik:v2.2.1 image: traefik:v2.5.3
command: command:
- --providers.docker=true - --providers.docker=true
- --providers.docker.exposedbydefault=false - --providers.docker.exposedbydefault=false
- --api=true - --api.dashboard=false
- --entrypoints.http.address=:80 - --entrypoints.http.address=:80
- --entrypoints.https.address=:443 - --entrypoints.https.address=:443
- --certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL} - --certificatesresolvers.letsencrypt.acme.email=${LETSENCRYPT_EMAIL}
@ -21,13 +21,13 @@ services:
environment: environment:
- GANDIV5_API_KEY=${GANDIV5_API_KEY} - GANDIV5_API_KEY=${GANDIV5_API_KEY}
labels: labels:
- traefik.enable=true #- traefik.enable=true
- traefik.http.routers.api.rule=Host(`${HOST_TRAEFIK}.${DOMAIN}`) # - traefik.http.routers.api.rule=Host(`${HOST_TRAEFIK}.${DOMAIN}`)
- traefik.http.routers.api.entrypoints=http # - traefik.http.routers.api.entrypoints=http
- traefik.http.routers.api.entrypoints=https # - traefik.http.routers.api.entrypoints=https
- traefik.http.routers.api.service=api@internal # - traefik.http.routers.api.service=api@internal
- traefik.http.routers.api.middlewares=auth # - traefik.http.routers.api.middlewares=auth
- traefik.http.middlewares.auth.basicauth.users=${BASIC_AUTH} # - traefik.http.middlewares.auth.basicauth.users=${BASIC_AUTH}
# request widlcard certificate # request widlcard certificate
- traefik.http.routers.api.tls.certresolver=letsencrypt - traefik.http.routers.api.tls.certresolver=letsencrypt
- traefik.http.routers.api.tls.domains[0].main=${DOMAIN} - traefik.http.routers.api.tls.domains[0].main=${DOMAIN}
@ -42,8 +42,6 @@ services:
ports: ports:
- 80:80 - 80:80
- 443:443 - 443:443
expose:
- 8080
networks: networks:
- srv - srv
restart: unless-stopped restart: unless-stopped

21
traefik/traefik.yml
View file

@ -16,5 +16,22 @@ providers:
docker: docker:
endpoint: unix:///var/run/docker.sock endpoint: unix:///var/run/docker.sock
watch: true watch: true
exposedByDefault: true exposedByDefault: false
defaultRule: "HostRegexp(`{{ index .Labels \"com.docker.compose.service\"}}.traefik.me`,`{{ index .Labels \"com.docker.compose.service\"}}-{dashed-ip:.*}.traefik.me`)" defaultRule: "HostRegexp(`{{ index .Labels \"com.docker.compose.service\"}}.traefik.me`,`{{ index .Labels \"com.docker.compose.service\"}}-{dashed-ip:.*}.traefik.me`)"
http:
# global redirect to https
routers:
http-catchall:
rule: "hostregexp(`{host:.+}`)"
entrypoints:
- http
middlewares:
- redirect-to-https
# middleware redirect
middlewares:
redirect-to-https:
redirectscheme:
scheme: https
permanent: true