63 lines
2.3 KiB
YAML
Executable File
63 lines
2.3 KiB
YAML
Executable File
services:
|
|
reverse-proxy:
|
|
image: traefik
|
|
restart: unless-stopped
|
|
ports:
|
|
- "30080:80"
|
|
- "30443:443"
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- ./conf:/etc/traefik:ro
|
|
- ./log:/var/log/traefik
|
|
- ./acme.json:/acme.json
|
|
environment:
|
|
- CLOUDFLARE_EMAIL=xxxxxxxxxxxxxxxxxx
|
|
- CLOUDFLARE_DNS_API_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
|
labels:
|
|
- "traefik.http.routers.traefik-api.rule=Host(`traefik.vaala.tech`)"
|
|
- "traefik.http.routers.traefik-api.middlewares=traefik-forward-auth"
|
|
- "traefik.http.routers.traefik-api.tls.domains[0].sans=*.vaala.tech"
|
|
- "traefik.http.routers.traefik-api.tls=true"
|
|
- "traefik.http.routers.traefik-api.tls.certresolver=myresolver"
|
|
- "traefik.http.services.traefik-api.loadbalancer.server.port=8080"
|
|
networks:
|
|
- traefik
|
|
|
|
traefik-forward-auth:
|
|
image: thomseddon/traefik-forward-auth:2
|
|
env_file: .auth.env
|
|
restart: unless-stopped
|
|
volumes:
|
|
- /etc/resolv.conf:/etc/resolv.conf:ro
|
|
networks:
|
|
- traefik
|
|
labels:
|
|
- "traefik.http.routers.traefik-forward-auth.rule=Host(`auth.vaala.tech`)"
|
|
- "traefik.http.routers.traefik-forward-auth.tls.domains[0].sans=*.vaala.tech"
|
|
- "traefik.http.routers.traefik-forward-auth.tls.certresolver=myresolver"
|
|
- "traefik.http.routers.traefik-forward-auth.middlewares=traefik-forward-auth"
|
|
- "traefik.http.routers.traefik-forward-auth.tls=true"
|
|
- "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4181"
|
|
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4181"
|
|
- "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
|
|
|
|
whoami:
|
|
image: containous/whoami
|
|
restart: unless-stopped
|
|
expose:
|
|
- 80
|
|
networks:
|
|
- traefik
|
|
labels:
|
|
- "traefik.http.routers.whoami.rule=Host(`whoami.vaala.tech`)"
|
|
- "traefik.http.routers.whoami.tls.domains[0].sans=*.vaala.tech"
|
|
- "traefik.http.routers.whoami.middlewares=traefik-forward-auth"
|
|
- "traefik.http.routers.whoami.tls=true"
|
|
- "traefik.http.routers.whoami.tls.certresolver=myresolver"
|
|
- "traefik.http.services.whoami.loadbalancer.server.port=80"
|
|
|
|
networks:
|
|
traefik:
|
|
external:
|
|
name: traefik
|