Merge pull request 'feat(traefik_lb): Add a Traefik LB configuration' (#6) from traefik-lb into main
Reviewed-on: https://git.weko.io/resilien/services/pulls/6
This commit is contained in:
commit
bed39a6286
|
@ -0,0 +1,17 @@
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
traefik:
|
||||||
|
environment:
|
||||||
|
OVH_APPLICATION_KEY: ${TRAEFIK_OVH_APPLICATION_KEY}
|
||||||
|
OVH_APPLICATION_SECRET: ${TRAEFIK_OVH_APPLICATION_SECRET}
|
||||||
|
OVH_CONSUMER_KEY: ${TRAEFIK_OVH_CONSUMER_KEY}
|
||||||
|
OVH_ENDPOINT: ${OVH_ENDPOINT:-ovh-eu}
|
||||||
|
OVH_POLLING_INTERVAL: ${OVH_POLLING_INTERVAL:-30}
|
||||||
|
OVH_PROPAGATION_TIMEOUT: ${OVH_PROPAGATION_TIMEOUT:-3600}
|
||||||
|
command:
|
||||||
|
- --certificatesResolvers.ovh.acme.dnsChallenge=true
|
||||||
|
- --certificatesResolvers.ovh.acme.dnsChallenge.provider=ovh
|
||||||
|
# - --certificatesResolvers.ovh.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
|
||||||
|
- --certificatesresolvers.ovh.acme.storage=/traefik/ovh.json
|
||||||
|
- --certificatesresolvers.ovh.acme.email=${TRAEFIK_EMAIL}
|
|
@ -0,0 +1,14 @@
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
traefik:
|
||||||
|
command:
|
||||||
|
# Redirection HTTP to HTTPS
|
||||||
|
- --entrypoints.web.http.redirections.entrypoint.to=websecure
|
||||||
|
- --entrypoints.web.http.redirections.entrypoint.scheme=https
|
||||||
|
labels:
|
||||||
|
# Redirection to remove www.
|
||||||
|
traefik.http.middlewares.redirect-www.redirectregex.permanent: 'true'
|
||||||
|
traefik.http.middlewares.redirect-www.redirectregex.regex: 'https://www\.(.*)'
|
||||||
|
traefik.http.middlewares.redirect-www.redirectregex.replacement: 'https://$${1}'
|
||||||
|
traefik.entrypoints.websecure.http.middlewares: '["redirect-www"]'
|
|
@ -0,0 +1,25 @@
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
networks:
|
||||||
|
default:
|
||||||
|
driver: bridge
|
||||||
|
|
||||||
|
services:
|
||||||
|
ports:
|
||||||
|
- target: 443
|
||||||
|
published: 443
|
||||||
|
protocol: tcp
|
||||||
|
mode: host
|
||||||
|
command:
|
||||||
|
- --providers.file.filename=/traefik/dynamic_conf.toml
|
||||||
|
|
||||||
|
- --entrypoints.websecure.address=:443
|
||||||
|
|
||||||
|
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
|
||||||
|
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
|
||||||
|
- --certificatesresolvers.letsencrypt.acme.email=${TRAEFIK_EMAIL}
|
||||||
|
- --certificatesresolvers.letsencrypt.acme.storage=/traefik/acme.json
|
||||||
|
labels:
|
||||||
|
traefik.http.routers.traefik.entrypoints: 'websecure'
|
||||||
|
traefik.http.routers.traefik.tls.certResolver: 'letsencrypt'
|
||||||
|
traefik.http.routers.traefik.priority: '2000'
|
|
@ -15,7 +15,7 @@ services:
|
||||||
restart: always
|
restart: always
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
- ${TRAEFIK_VOLUME_NAME:-traefik}:/traefik
|
- traefik:/traefik
|
||||||
- /etc/timezone:/etc/timezone:ro
|
- /etc/timezone:/etc/timezone:ro
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
ports:
|
ports:
|
||||||
|
@ -24,19 +24,22 @@ services:
|
||||||
protocol: tcp
|
protocol: tcp
|
||||||
mode: host
|
mode: host
|
||||||
networks:
|
networks:
|
||||||
- ${TRAEFIK_NETWORK_NAME:-traefik}
|
- traefik
|
||||||
command:
|
command:
|
||||||
- --api.insecure=true
|
- --api.insecure=${TRAEFIK_API_INSECURE:-true}
|
||||||
- --log.level=INFO
|
- --log.level=${TRAEFIK_LOG_LEVEL:-INFO}
|
||||||
- --global.sendanonymoususage=false
|
- --global.sendanonymoususage=${TRAEFIK_GLOBAL_SENDANONYMOUSUSAGE:-false}
|
||||||
- --global.checknewversion=false
|
- --global.checknewversion=${TRAEFIK_GLOBAL_CHECKNEWVERSION:-false}
|
||||||
- --pilot.dashboard=false
|
- --pilot.dashboard=${TRAEFIK_PILOT_DASHBOARD:-false}
|
||||||
- --metrics.prometheus=true
|
- --metrics.prometheus=${TRAEFIK_METRICS_PROMETHEUS:-true}
|
||||||
|
- --accesslog=${TRAEFIK_ACCESSLOG:-false}
|
||||||
|
|
||||||
- --providers.docker
|
- --providers.docker
|
||||||
- --providers.docker.exposedbydefault=false
|
- --providers.docker.exposedbydefault=false
|
||||||
- --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
- --providers.docker.network=${TRAEFIK_NETWORK_NAME:-traefik}
|
||||||
|
|
||||||
|
- --entryPoints.traefik.address=:8080
|
||||||
|
|
||||||
- --entrypoints.web.address=:80
|
- --entrypoints.web.address=:80
|
||||||
- --entryPoints.web.forwardedHeaders.insecure
|
- --entryPoints.web.forwardedHeaders.insecure
|
||||||
labels:
|
labels:
|
||||||
|
|
Loading…
Reference in New Issue