83 lines
3.0 KiB
YAML
83 lines
3.0 KiB
YAML
|
version: "3.8"
|
||
|
|
||
|
networks:
|
||
|
default:
|
||
|
driver: bridge
|
||
|
traefik:
|
||
|
name: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||
|
|
||
|
services:
|
||
|
# speedtest-exporter:
|
||
|
# image: ghcr.io/miguelndecarvalho/speedtest-exporter:v3.2.2
|
||
|
# container_name: speedtest-exporter
|
||
|
# environment:
|
||
|
# # - SPEEDTEST_PORT=<speedtest-port> #optional
|
||
|
# - SPEEDTEST_SEVER=2023 #optional
|
||
|
# ports:
|
||
|
# - 9798:9798
|
||
|
# restart: unless-stopped
|
||
|
# labels:
|
||
|
# traefik.enable: 'true'
|
||
|
# traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik}
|
||
|
# traefik.http.routers.speedtest.rule: 'Host(`speedtest.violet.weko.io`)'
|
||
|
# traefik.http.routers.speedtest.entrypoints: 'websecure'
|
||
|
|
||
|
traefik:
|
||
|
ports:
|
||
|
- target: 443
|
||
|
published: 443
|
||
|
protocol: tcp
|
||
|
mode: host
|
||
|
environment:
|
||
|
OVH_APPLICATION_KEY: ${TRAEFIK_OVH_APPLICATION_KEY}
|
||
|
OVH_APPLICATION_SECRET: ${TRAEFIK_OVH_APPLICATION_SECRET}
|
||
|
OVH_CONSUMER_KEY: ${TRAEFIK_OVH_CONSUMER_KEY}
|
||
|
OVH_ENDPOINT: ovh-eu
|
||
|
OVH_POLLING_INTERVAL: 30
|
||
|
OVH_PROPAGATION_TIMEOUT: 3600
|
||
|
command:
|
||
|
# - --accesslog=true
|
||
|
- --api.insecure=true
|
||
|
- --log.level=INFO
|
||
|
- --global.sendanonymoususage=false
|
||
|
- --global.checknewversion=false
|
||
|
- --metrics.prometheus=true
|
||
|
- --pilot.dashboard=false
|
||
|
|
||
|
- --providers.docker
|
||
|
- --providers.docker.exposedbydefault=false
|
||
|
- --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||
|
- --providers.file.filename=/traefik/dynamic_conf.toml
|
||
|
|
||
|
# Redirection HTTP to HTTPS
|
||
|
- --entrypoints.web.address=:80
|
||
|
- --entrypoints.web.http.redirections.entrypoint.to=websecure
|
||
|
- --entrypoints.web.http.redirections.entrypoint.scheme=https
|
||
|
- --entrypoints.websecure.address=:443
|
||
|
|
||
|
# Redirection automatique https://www.* to https://*
|
||
|
#- --entrypoints.websecure.http.middlewares=redirect-www
|
||
|
|
||
|
- --entryPoints.traefik.address=:8080
|
||
|
|
||
|
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
|
||
|
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
|
||
|
- --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL}
|
||
|
- --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json
|
||
|
|
||
|
- --certificatesResolvers.ovh.acme.dnsChallenge=true
|
||
|
- --certificatesResolvers.ovh.acme.dnsChallenge.provider=ovh
|
||
|
# - --certificatesResolvers.ovh.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
|
||
|
- --certificatesresolvers.ovh.acme.storage=/traefik/ovh.json
|
||
|
- --certificatesresolvers.ovh.acme.email=${TRAEFIK_EMAIL}
|
||
|
labels:
|
||
|
traefik.http.middlewares.redirect-www.redirectregex.permanent: 'true'
|
||
|
traefik.http.middlewares.redirect-www.redirectregex.regex: 'https://www\.(.*)'
|
||
|
traefik.http.middlewares.redirect-www.redirectregex.replacement: 'https://$${1}'
|
||
|
traefik.entrypoints.websecure.http.middlewares: '["redirect-www"]'
|
||
|
|
||
|
traefik.http.routers.traefik.entrypoints: 'websecure'
|
||
|
traefik.http.routers.traefik.tls.certResolver: 'letsencrypt'
|
||
|
traefik.http.routers.traefik.priority: '2000'
|
||
|
|