4.6 KiB
4.6 KiB
Purpose: Deploy a Traefik Reverse Proxy
version: "3.3"
services:
traefik:
image: "traefik:latest"
restart: always
container_name: "traefik"
ulimits:
nofile:
soft: 65536
hard: 65536
labels:
- "traefik.http.routers.traefik-proxy.middlewares=my-buffering"
- "traefik.http.middlewares.my-buffering.buffering.maxRequestBodyBytes=104857600"
- "traefik.http.middlewares.my-buffering.buffering.maxResponseBodyBytes=104857600"
- "traefik.http.middlewares.my-buffering.buffering.memRequestBodyBytes=2097152"
- "traefik.http.middlewares.my-buffering.buffering.memResponseBodyBytes=2097152"
- "traefik.http.middlewares.my-buffering.buffering.retryExpression=IsNetworkError() && Attempts() <= 2"
command:
# Globals
- "--log.level=ERROR"
- "--api.insecure=true"
- "--global.sendAnonymousUsage=false"
# Docker
# - "--providers.docker=true"
# - "--providers.docker.exposedbydefault=false"
# File Provider
- "--providers.file.directory=/etc/traefik/dynamic"
- "--providers.file.watch=true"
# Entrypoints
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure" #Redirect HTTP to HTTPS
- "--entrypoints.web.http.redirections.entrypoint.scheme=https" #Redirect HTTP to HTTPS
- "--entrypoints.web.http.redirections.entrypoint.permanent=true" #Redirect HTTP to HTTPS
# LetsEncrypt
# - "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.dnschallenge=true" #TEMPORARY CHANGE
- "--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare" #TEMPORARY CHANGE
- "--certificatesresolvers.myresolver.acme.email=cyberstrawberry101@gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
# labels:
# # API
# - "traefik.enable=true"
# # Global http --> https
# - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:[a-z-.]+}`)"
# - "traefik.http.routers.http-catchall.entrypoints=web"
# - "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
# - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
ports:
- "80:80"
- "443:443"
- "8080:8080"
volumes:
- "/srv/containers/traefik/letsencrypt:/letsencrypt"
- "/srv/containers/traefik/config:/etc/traefik"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- "/srv/containers/traefik/cloudflare:/cloudflare"
networks:
docker_network:
ipv4_address: 192.168.5.29
environment:
- CF_API_EMAIL=cyberstrawberry101@gmail.com
- CF_API_KEY=REDACTED
extra_hosts:
- "flask.cyberstrawberry.local:192.168.3.21"
- "searx.cyberstrawberry.local:192.168.3.21"
- "heimdall.cyberstrawberry.local:192.168.3.21"
- "status.cyberstrawberry.local:192.168.3.21"
- "rancher.cyberstrawberry.local:192.168.3.21"
- "trilium.blockaderunners.local:192.168.3.21"
- "pw.cyberstrawberry.local:192.168.3.22"
- "remote.cyberstrawberry.local:192.168.5.43"
- "cluster-cloud.cyberstrawberry.local:192.168.3.22"
- "searx.blockaderunners.local:192.168.3.22"
- "searx.deeptree-labs.local:192.168.3.22"
- "cyberstrawberry.local:192.168.3.22"
- "storage.cyberstrawberry.local:192.168.3.22"
- "cloud.cyberstrawberry.local:192.168.5.146"
- "cloud.blockaderunners.local:192.168.5.90"
- "docs.blockaderunners.local:192.168.5.212"
- "status.blockaderunners.local:192.168.5.13"
- "blockaderunners.local:192.168.5.219"
- "office.cyberstrawberry.local:192.168.5.143"
- "git.deeptree.local:192.168.5.166"
- "pw.deeptree.local:192.168.5.170"
- "status.deeptree.local:192.168.5.211"
- "temp.cyberstrawberry.local:192.168.5.197"
- "drop.cyberstrawberry.local:192.168.5.14"
- "vault.cyberstrawberry.local:192.168.3.22"
- "bitwarden.cyberstrawberry.local:192.168.5.141"
- "chat.cyberstrawberry.local:192.168.3.22"
- "trilium.cyberstrawberry.local:192.168.3.22"
- "node-red.cyberstrawberry.local:192.168.3.21"
- "homelab.cyberstrawberry.local:192.168.3.22"
- "awx.cyberstrawberry.local:192.168.3.21"
- "git.cyberstrawberry.local:192.168.3.21"
- "lab.cyberstrawberry.local:192.168.5.44"
networks:
default:
external:
name: docker_network
docker_network:
external: true
Not Applicable