a2g_dockerized/traefik
Template
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: a2g_dockerized:main
Branches Tags
a2g_dockerized:main
a2g_dockerized:testing
..
compare: a2g_dockerized:testing
Branches Tags
a2g_dockerized:main
a2g_dockerized:testing

1 Commits
main ... testing

Author SHA1 Message Date
Raphael Martin
e1c3f4d2b9 changed licens wrong name 2024-01-05 21:05:21 +01:00
6 changed files with 21 additions and 16 deletions
Show Stats Expand all files Collapse all files

2
docker-compose-whoami.yml
View File

@ -1,4 +1,4 @@
version: "3.9" version: "1.0"
networks: networks:
default: default:

10
docker-compose.yml
View File

@ -1,4 +1,4 @@
version: "3.9" version: "3.8"
networks: networks:
default: default:
@ -23,10 +23,10 @@ services:
- "traefik.docker.network=${TRAEFIK_NETWORK}" - "traefik.docker.network=${TRAEFIK_NETWORK}"
# HTTP -> HTTPS # HTTP -> HTTPS
- "traefik.http.routers.http-catchall.entrypoints=web" #- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)" #- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https" #- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" #- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
# HTTPS Routers # HTTPS Routers
- "traefik.http.routers.${PROJECT_NAME}_traefik.rule=Host(`${PROJECT_URL}`)" - "traefik.http.routers.${PROJECT_NAME}_traefik.rule=Host(`${PROJECT_URL}`)"

2
init
View File

@ -6,8 +6,6 @@ mkdir tls-data
docker network create $TRAEFIK_NETWORK docker network create $TRAEFIK_NETWORK
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./tls-data/selfsigned.key -out ./tls-data/selfsigned.crt
docker compose up -d docker compose up -d
docker compose -f docker-compose-whoami.yml up -d docker compose -f docker-compose-whoami.yml up -d

12
tls.yml
View File

@ -12,16 +12,18 @@ tls:
stores: stores:
default: default:
defaultCertificate: defaultCertificate:
certFile: /tls/selfsigned.crt certFile: /tls/CF-altogether.at.crt
keyFile: /tls/selfsigned.key keyFile: /tls/CF-altogether.at.key
certificates: certificates:
- certFile: /tls/selfsigned.crt - certFile: /tls/CF-altogether.at.crt
keyFile: /tls/selfsigned.key keyFile: /tls/CF-altogether.at.key
- certFile: /tls/wordpress.localhost.crt
keyFile: /tls/wordpress.localhost.key
options: options:
default: default:
clientAuth: clientAuth:
# in PEM format. each file can contain multiple CAs. # in PEM format. each file can contain multiple CAs.
caFiles: caFiles:
- /tls/selfsigned.crt - /tls/server.crt
clientAuthType: VerifyClientCertIfGiven clientAuthType: VerifyClientCertIfGiven

7
traefik.yml
View File

@ -28,6 +28,8 @@ entryPoints:
http: http:
middlewares: middlewares:
- secureHeaders@file - secureHeaders@file
minecraft:
address: ':25565/tcp'
ssh: ssh:
address: ":22" address: ":22"
@ -35,6 +37,9 @@ providers:
docker: docker:
endpoint: "unix:///var/run/docker.sock" endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false exposedByDefault: false
# endpoint: "tcp://dockerproxy:2375"
# swarmMode: false
# network: "socket_proxy"
file: file:
watch: true watch: true
directory: "/etc/traefik/dynamic_conf" directory: "/etc/traefik/dynamic_conf"
@ -42,6 +47,6 @@ providers:
certificatesresolvers: certificatesresolvers:
le: le:
acme: acme:
email: "rama@altogether.at" email: "raphy.martin@protonmail.ch"
storage: "/certificates/acme.json" storage: "/certificates/acme.json"
tlschallenge: true tlschallenge: true