services/traefik_lb/docker-compose.yml

83 lines
3.0 KiB
YAML
Raw Normal View History

version: "3.8"
networks:
default:
driver: bridge
traefik:
name: ${TRAEFIK_NETWORK_NAME:-traefik}
services:
# speedtest-exporter:
# image: ghcr.io/miguelndecarvalho/speedtest-exporter:v3.2.2
# container_name: speedtest-exporter
# environment:
# # - SPEEDTEST_PORT=<speedtest-port> #optional
# - SPEEDTEST_SEVER=2023 #optional
# ports:
# - 9798:9798
# restart: unless-stopped
# labels:
# traefik.enable: 'true'
# traefik.docker.network: ${TRAEFIK_NETWORK_NAME:-traefik}
# traefik.http.routers.speedtest.rule: 'Host(`speedtest.violet.weko.io`)'
# traefik.http.routers.speedtest.entrypoints: 'websecure'
traefik:
ports:
- target: 443
published: 443
protocol: tcp
mode: host
environment:
OVH_APPLICATION_KEY: ${TRAEFIK_OVH_APPLICATION_KEY}
OVH_APPLICATION_SECRET: ${TRAEFIK_OVH_APPLICATION_SECRET}
OVH_CONSUMER_KEY: ${TRAEFIK_OVH_CONSUMER_KEY}
OVH_ENDPOINT: ovh-eu
OVH_POLLING_INTERVAL: 30
OVH_PROPAGATION_TIMEOUT: 3600
command:
# - --accesslog=true
- --api.insecure=true
- --log.level=INFO
- --global.sendanonymoususage=false
- --global.checknewversion=false
- --metrics.prometheus=true
- --pilot.dashboard=false
- --providers.docker
- --providers.docker.exposedbydefault=false
- --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
- --providers.file.filename=/traefik/dynamic_conf.toml
# Redirection HTTP to HTTPS
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
- --entrypoints.websecure.address=:443
# Redirection automatique https://www.* to https://*
#- --entrypoints.websecure.http.middlewares=redirect-www
- --entryPoints.traefik.address=:8080
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
- --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL}
- --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json
- --certificatesResolvers.ovh.acme.dnsChallenge=true
- --certificatesResolvers.ovh.acme.dnsChallenge.provider=ovh
# - --certificatesResolvers.ovh.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.ovh.acme.storage=/traefik/ovh.json
- --certificatesresolvers.ovh.acme.email=${TRAEFIK_EMAIL}
labels:
traefik.http.middlewares.redirect-www.redirectregex.permanent: 'true'
traefik.http.middlewares.redirect-www.redirectregex.regex: 'https://www\.(.*)'
traefik.http.middlewares.redirect-www.redirectregex.replacement: 'https://$${1}'
traefik.entrypoints.websecure.http.middlewares: '["redirect-www"]'
traefik.http.routers.traefik.entrypoints: 'websecure'
traefik.http.routers.traefik.tls.certResolver: 'letsencrypt'
traefik.http.routers.traefik.priority: '2000'