commit 0fb7ffa11358ebff507d98e5e34410a7ddc8f5bc
Author: Paul Scheunemann <paul@zom.bi>
Date:   Sun Jul 9 17:46:14 2017 +0200

    Initial commit

diff --git a/cert/.gitkeep b/cert/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/config/.gitignore b/config/.gitignore
new file mode 100644
index 0000000..069fa6c
--- /dev/null
+++ b/config/.gitignore
@@ -0,0 +1 @@
+acme.toml
diff --git a/config/acme.toml b/config/acme.toml
new file mode 100644
index 0000000..bc2192f
--- /dev/null
+++ b/config/acme.toml
@@ -0,0 +1,26 @@
+# new domains and subdomains can be configured here, the file is read
+# automatically after modification.
+#
+# note that domains and subdomains not defined in this file will still work
+# when defined in a container Host-Rule. However, they will generate
+# their own ACME request, and will count towards LetsEncrypt's rate limit.
+
+#[acme]
+#email = "hostmaster@zom.bi"
+#storage = "cert/acme.json"
+#entryPoint = "https"
+#onDemand = false
+#OnHostRule = true
+#
+#[[acme.domains]]
+#  main = "zom.bi"
+#  sans = [
+#    "blog.zom.bi",
+#    "www.zom.bi",
+#  ]
+
+# You can define multiple of these blocks, each of which will result in one
+# certificate.
+#[[acme.domains]]
+#  main = "zombi.systems"
+#  sans = ["www.zombi.systems", "blog.zombi.systems"]
diff --git a/config/traefik.toml b/config/traefik.toml
new file mode 100644
index 0000000..6132a5a
--- /dev/null
+++ b/config/traefik.toml
@@ -0,0 +1,32 @@
+# accept invalid SSL certs for backends
+InsecureSkipVerify = true
+
+defaultEntryPoints = ["http", "https"]
+
+[entryPoints]
+  [entryPoints.http]
+    address = ":80"
+      [entryPoints.http.redirect]
+        entryPoint = "https"
+  [entryPoints.https]
+    address = ":443"
+      [entryPoints.https.tls]
+
+[web]
+address = ":8080"
+
+[docker]
+endpoint = "unix:///var/run/docker.sock"
+domain = "docker.localhost"
+watch = true
+exposedbydefault = false
+
+# embed acme configuration.
+# new domains and subdomains can be configured here, the file is read
+# automatically after modification.
+# note that domains and subdomains not defined in this file will still work,
+# when defined in a container Host-Rule. However, they will generate
+# their own ACME request, and will count towards LetsEncrypt's rate limit.
+[file]
+filename = "acme.toml"
+watch = true
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..e2c8b53
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,24 @@
+version: '2'
+
+services:
+  proxy:
+    image: traefik
+    command: --logLevel=INFO
+    networks:
+      - "webgateway"
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+      - "./cert/:/cert/"
+      - "./traefik.toml:/traefik.toml:ro"
+      - "./config/:/etc/traefik/:ro"
+    labels:
+      - "traefik.enable=false" # set to true to expose the Monitoring & API
+      - "traefik.backend=proxy"
+      - "traefik.port=8080"
+
+networks:
+  webgateway:
+    driver: bridge