42 lines
1.2 KiB
YAML
42 lines
1.2 KiB
YAML
version: '2'
|
|
|
|
services:
|
|
proxy:
|
|
image: traefik:v2.9
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
|
- "./cert/:/cert/"
|
|
- "./config/:/etc/traefik/:ro"
|
|
- "./config/dynamic/:/etc/traefik/dynamic/:ro"
|
|
labels:
|
|
- "traefik.enable=true" # set to true to expose the Monitoring & API
|
|
# middleware redirect
|
|
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
|
# global redirect to https
|
|
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
|
|
- "traefik.http.routers.http-catchall.entrypoints=web"
|
|
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
|
|
|
|
- "traefik.docker.network=proxy_web"
|
|
networks:
|
|
- "web"
|
|
|
|
dumper:
|
|
image: ldez/traefik-certs-dumper:latest
|
|
volumes:
|
|
- "./cert/:/cert/"
|
|
- "/data/ssl/:/ssl/"
|
|
command: >
|
|
file --watch --source /cert/acme.json --version v2 --domain-subdir
|
|
--crt-name=fullchain --crt-ext=.pem
|
|
--key-name=privkey --key-ext=.pem
|
|
--clean=false
|
|
--post-hook "chmod -R a+r /ssl/"
|
|
--dest /ssl
|
|
|
|
networks:
|
|
web:
|
|
driver: bridge
|