docker-compose.yaml de traefik:
version: "3.7"
networks:
traefik:
name: traefik
services:
traefik:
image: "traefik:latest"
container_name: "traefik"
networks:
- traefik
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.useBindPortIP=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myhttpchallenge.acme.email=mail@domaine.com"
- "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
Exemple avec un container whoamiChallenge Let's Encrypt http
version: "3.7"
services:
whoami:
image: "containous/whoami"
container_name: "simple-service"
networks:
- traefik
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.https-only-whoami.redirectscheme.scheme=https"
- "traefik.http.routers.whoami.middlewares=https-only-whoami"
- "traefik.http.routers.whoami.rule=Host(`xxx.domaine.com`)"
- "traefik.http.routers.whoami.entrypoints=web"
- "traefik.http.routers.whoami-secured.rule=Host(`xxx.domaine.com`)"
- "traefik.http.routers.whoami-secured.entrypoints=websecure"
- "traefik.http.routers.whoami-secured.tls=true"
- "traefik.http.routers.whoami-secured.tls.certresolver=myhttpchallenge"
networks:
traefik:
external: true
Attention, pour la redirection, le nom du middlewares doit être unique.Pour ma part, je l'ai appelé https-only-whoami
Pour un autre container https-only-container2
Par exemple, dans la capture suivante du dashboard de traefik, ils sont nommés:
https-only
https-only2
Aucun commentaire:
Enregistrer un commentaire