feat(Traefik): Add ovh, secure, redirect configuration

2021-11-11 09:53:00 +01:00
parent 39c2022925
commit 165d984b35
3 changed files with 56 additions and 0 deletions
--- a/traefik/docker-compose.ovh.yml
+++ b/traefik/docker-compose.ovh.yml
@@ -0,0 +1,17 @@
+version: "3.8"
+
+services:
+  traefik:
+    environment:
+      OVH_APPLICATION_KEY: ${TRAEFIK_OVH_APPLICATION_KEY}
+      OVH_APPLICATION_SECRET: ${TRAEFIK_OVH_APPLICATION_SECRET}
+      OVH_CONSUMER_KEY: ${TRAEFIK_OVH_CONSUMER_KEY}
+      OVH_ENDPOINT: ${OVH_ENDPOINT:-ovh-eu}
+      OVH_POLLING_INTERVAL: ${OVH_POLLING_INTERVAL:-30}
+      OVH_PROPAGATION_TIMEOUT: ${OVH_PROPAGATION_TIMEOUT:-3600}
+    command:
+      - --certificatesResolvers.ovh.acme.dnsChallenge=true
+      - --certificatesResolvers.ovh.acme.dnsChallenge.provider=ovh
+      # - --certificatesResolvers.ovh.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
+      - --certificatesresolvers.ovh.acme.storage=/traefik/ovh.json
+      - --certificatesresolvers.ovh.acme.email=${TRAEFIK_EMAIL}
--- a/traefik/docker-compose.redirect.yml
+++ b/traefik/docker-compose.redirect.yml
@@ -0,0 +1,14 @@
+version: "3.8"
+
+services:
+  traefik:
+    command:
+      # Redirection HTTP to HTTPS
+      - --entrypoints.web.http.redirections.entrypoint.to=websecure
+      - --entrypoints.web.http.redirections.entrypoint.scheme=https
+    labels:
+      # Redirection to remove www.
+      traefik.http.middlewares.redirect-www.redirectregex.permanent: 'true'
+      traefik.http.middlewares.redirect-www.redirectregex.regex: 'https://www\.(.*)'
+      traefik.http.middlewares.redirect-www.redirectregex.replacement: 'https://$${1}'
+      traefik.entrypoints.websecure.http.middlewares: '["redirect-www"]'
--- a/traefik/docker-compose.secure.yml
+++ b/traefik/docker-compose.secure.yml
@@ -0,0 +1,25 @@
+version: "3.8"
+
+networks:
+  default:
+    driver: bridge
+
+services:
+  ports:
+    - target: 443
+      published: 443
+      protocol: tcp
+      mode: host
+  command:
+    - --providers.file.filename=/traefik/dynamic_conf.toml
+
+    - --entrypoints.websecure.address=:443
+
+    - --certificatesresolvers.letsencrypt.acme.httpchallenge=true
+    - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
+    - --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL}
+    - --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json
+  labels:
+      traefik.http.routers.traefik.entrypoints: 'websecure'
+      traefik.http.routers.traefik.tls.certResolver: 'letsencrypt'
+      traefik.http.routers.traefik.priority: '2000'