Compare commits
1 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
e1c3f4d2b9 |
@ -1,4 +1,4 @@
|
|||||||
version: "3.9"
|
version: "1.0"
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
default:
|
default:
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
version: "3.9"
|
version: "3.8"
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
default:
|
default:
|
||||||
@ -23,10 +23,10 @@ services:
|
|||||||
- "traefik.docker.network=${TRAEFIK_NETWORK}"
|
- "traefik.docker.network=${TRAEFIK_NETWORK}"
|
||||||
|
|
||||||
# HTTP -> HTTPS
|
# HTTP -> HTTPS
|
||||||
- "traefik.http.routers.http-catchall.entrypoints=web"
|
#- "traefik.http.routers.http-catchall.entrypoints=web"
|
||||||
- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
|
#- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
|
||||||
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
|
#- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
|
||||||
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
#- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
||||||
|
|
||||||
# HTTPS Routers
|
# HTTPS Routers
|
||||||
- "traefik.http.routers.${PROJECT_NAME}_traefik.rule=Host(`${PROJECT_URL}`)"
|
- "traefik.http.routers.${PROJECT_NAME}_traefik.rule=Host(`${PROJECT_URL}`)"
|
||||||
|
2
init
2
init
@ -6,8 +6,6 @@ mkdir tls-data
|
|||||||
|
|
||||||
docker network create $TRAEFIK_NETWORK
|
docker network create $TRAEFIK_NETWORK
|
||||||
|
|
||||||
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./tls-data/selfsigned.key -out ./tls-data/selfsigned.crt
|
|
||||||
|
|
||||||
docker compose up -d
|
docker compose up -d
|
||||||
docker compose -f docker-compose-whoami.yml up -d
|
docker compose -f docker-compose-whoami.yml up -d
|
||||||
|
|
||||||
|
12
tls.yml
12
tls.yml
@ -12,16 +12,18 @@ tls:
|
|||||||
stores:
|
stores:
|
||||||
default:
|
default:
|
||||||
defaultCertificate:
|
defaultCertificate:
|
||||||
certFile: /tls/selfsigned.crt
|
certFile: /tls/CF-altogether.at.crt
|
||||||
keyFile: /tls/selfsigned.key
|
keyFile: /tls/CF-altogether.at.key
|
||||||
certificates:
|
certificates:
|
||||||
- certFile: /tls/selfsigned.crt
|
- certFile: /tls/CF-altogether.at.crt
|
||||||
keyFile: /tls/selfsigned.key
|
keyFile: /tls/CF-altogether.at.key
|
||||||
|
|
||||||
|
- certFile: /tls/wordpress.localhost.crt
|
||||||
|
keyFile: /tls/wordpress.localhost.key
|
||||||
options:
|
options:
|
||||||
default:
|
default:
|
||||||
clientAuth:
|
clientAuth:
|
||||||
# in PEM format. each file can contain multiple CAs.
|
# in PEM format. each file can contain multiple CAs.
|
||||||
caFiles:
|
caFiles:
|
||||||
- /tls/selfsigned.crt
|
- /tls/server.crt
|
||||||
clientAuthType: VerifyClientCertIfGiven
|
clientAuthType: VerifyClientCertIfGiven
|
@ -28,6 +28,8 @@ entryPoints:
|
|||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
- secureHeaders@file
|
- secureHeaders@file
|
||||||
|
minecraft:
|
||||||
|
address: ':25565/tcp'
|
||||||
ssh:
|
ssh:
|
||||||
address: ":22"
|
address: ":22"
|
||||||
|
|
||||||
@ -35,6 +37,9 @@ providers:
|
|||||||
docker:
|
docker:
|
||||||
endpoint: "unix:///var/run/docker.sock"
|
endpoint: "unix:///var/run/docker.sock"
|
||||||
exposedByDefault: false
|
exposedByDefault: false
|
||||||
|
# endpoint: "tcp://dockerproxy:2375"
|
||||||
|
# swarmMode: false
|
||||||
|
# network: "socket_proxy"
|
||||||
file:
|
file:
|
||||||
watch: true
|
watch: true
|
||||||
directory: "/etc/traefik/dynamic_conf"
|
directory: "/etc/traefik/dynamic_conf"
|
||||||
@ -42,6 +47,6 @@ providers:
|
|||||||
certificatesresolvers:
|
certificatesresolvers:
|
||||||
le:
|
le:
|
||||||
acme:
|
acme:
|
||||||
email: "rama@altogether.at"
|
email: "raphy.martin@protonmail.ch"
|
||||||
storage: "/certificates/acme.json"
|
storage: "/certificates/acme.json"
|
||||||
tlschallenge: true
|
tlschallenge: true
|
Loading…
Reference in New Issue
Block a user