-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.override.yml-traefik-le
48 lines (46 loc) · 2.1 KB
/
docker-compose.override.yml-traefik-le
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Docker Compose Override YAML fragment that allows to use letsencrypt
# with traefik for TLS.
#
# Quick Manual:
#
# - create folder `volumes/traefik/letsencrypt` that will be mounted
# into the container
# - merge this file into `docker-compose.override.yml` and override
# the `YOUR_EMAIL@YOUR_DOMAIN.com` with your email address
services:
# Configuration to override for traefik
traefik:
command:
# Default command lines, see `docker-compose.yml`.
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
# EXTRA command lines to make traefik use the config file from bind
# mount
# NOTE: update the following line
- "--certificatesresolvers.le.acme.email=YOUR_EMAIL@YOUR_DOMAIN.com"
- "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json"
- "--certificatesresolvers.le.acme.tlschallenge=true"
volumes:
# Default volume lines.
- "/var/run/docker.sock:/var/run/docker.sock:ro"
# EXTRA volumes lines to mount the (to-be-created) configuration
# directory
- ".prod/volumes/traefik/letsencrypt:/letsencrypt:rw"
# Configuration to override for `varfish-web`.
varfish-web:
labels:
# Default labels lines for varfish-web.
- "traefik.enable=true"
- "traefik.http.middlewares.xforward.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.routers.varfish-web.entrypoints=web,websecure"
- "traefik.http.routers.varfish-web.middlewares=xforward"
- "traefik.http.routers.varfish-web.rule=HostRegexp(`{catchall:.+}`)"
- "traefik.http.services.varfish-web.loadbalancer.server.port=8080"
- "traefik.http.routers.varfish-web.tls=true"
# EXTRA labels lines for varfish-web to enable letsencrypt.
- "traefik.http.routers.varfish-web.tls.certresolver=le"