diff --git a/resources/lxc/100/config.json b/resources/lxc/100/config.json
index b7179af..03c2c09 100644
--- a/resources/lxc/100/config.json
+++ b/resources/lxc/100/config.json
@@ -29,20 +29,18 @@
 "tags": "2-proxy+auth"
 },
 "creation": {
- "conditions": [
- {
- "type": "program",
- "program": "docker"
- },
- {
- "type": "folder",
- "path": "/var/data/traefik"
- }
- ],
- "steps":[
+ "conditions": {
+ "programs": ["docker"],
+ "folders": ["/var/data/traefik", "/var/data/config/traefik"],
+ "files": ["/var/data/traefik/traefik.toml", "/var/data/config/traefikv2/docker-compose.yml"]
+ },
+ "steps": [
 {
 "type": "script",
 "path": "/global/install-docker.sh"
+ },
+ {
+ "type": ""
 }
 ]
 },
diff --git a/resources/lxc/100/data/config/traefikv2/docker-compose.yml b/resources/lxc/100/data/config/traefikv2/docker-compose.yml
new file mode 100644
index 0000000..aeb6b55
--- /dev/null
+++ b/resources/lxc/100/data/config/traefikv2/docker-compose.yml
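Review bot: In resources/lxc/100/config.json the new `conditions` paths do not line up with the files this commit adds: `folders` checks `/var/data/config/traefik` while `files` and the compose mounts use `/var/data/config/traefikv2`, and `files` expects `/var/data/traefik/traefik.toml` although the compose file mounts the TOML from `/var/data/config/traefikv2/traefik.toml`. If these conditions gate creation they would presumably be evaluated against the wrong paths; I would use `"folders": ["/var/data/traefik", "/var/data/config/traefikv2"]` and point the TOML entry at the `traefikv2` config directory. The added step `{ "type": "" }` has an empty type and no payload; how the runner treats an unknown step type is not visible here, so fill it in or drop it before merging. The enclosing `creation` object starts before the hunk.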
@@ -0,0 +1,40 @@
+version: "3"
+
+services:
+ app:
+ image: traefik:v2.9
+ env_file: /var/data/config/traefikv2/traefik.env
+ restart: always
+ ports:
+ - "80:80" # http
+ - "443:443" # https
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ - /var/data/config/traefikv2/dyn:/dyn
+ - /var/data/config/traefikv2/traefik.toml:/etc/traefik/traefik.toml
+ - /var/data/traefik/traefik.log:/traefik.log
+ - /var/data/traefik/access.log:/access.log
+ - /var/data/traefik/acme.json:/acme.json
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.api.rule=Host(`traefik.xyz.abc`)"
+ - "traefik.http.routers.api.entrypoints=https"
+
+ - "traefik.http.routers.api.service=api@internal"
+ - "traefik.http.services.dummy.loadbalancer.server.port=9999"
+
+ - "traefik.http.routers.api.tls=true"
+ - "traefik.http.routers.api.tls.domains[0].main=xyz.abc"
+ - "traefik.http.routers.api.tls.domains[0].sans=*.xyz.abc"
+ - "traefik.http.routers.api.tls.certresolver=cloudflare"
+ networks:
+ - traefik_public
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "2m"
+ max-file: "2"
+
+networks:
+ traefik_public:
+ external: true
\ No newline at end of file
diff --git a/resources/lxc/100/data/config/traefikv2/traefik.env b/resources/lxc/100/data/config/traefikv2/traefik.env
new file mode 100644
index 0000000..6f93280
--- /dev/null
+++ b/resources/lxc/100/data/config/traefikv2/traefik.env
@@ -0,0 +1,3 @@
+# CloudFlare example
+CLOUDFLARE_EMAIL=me@xyz.abc
+CLOUDFLARE_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
diff --git a/resources/lxc/100/data/config/traefikv2/traefik.toml b/resources/lxc/100/data/config/traefikv2/traefik.toml
new file mode 100644
index 0000000..f30046c
--- /dev/null
+++ b/resources/lxc/100/data/config/traefikv2/traefik.toml
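Review bot: In docker-compose.yml the `api` router publishes `api@internal` (the dashboard and API) on `traefik.xyz.abc` with no middleware, so anyone who can reach port 443 can read the full routing configuration; attach an authentication middleware with a label such as `traefik.http.routers.api.middlewares=<auth-middleware>@file` (placeholder name, to be defined under `/dyn`). The `:ro` on `/var/run/docker.sock` only protects the socket file itself and does not limit Docker API calls made through it, so a compromise of this internet-facing container still means control of the Docker daemon; a socket proxy restricted to read-only container endpoints would narrow that. The three single-file mounts under `/var/data/traefik/` need the files to exist beforehand, otherwise Docker creates directories at those paths, and this commit adds them under `data/traefikv2/` with the log named `treafik.log`, which looks like a mismatch if `data/` is deployed to `/var/data/`.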
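Review bot: traefik.env appears to be deployed to the very path the compose file loads (`/var/data/config/traefikv2/traefik.env`), so the real credential will end up being edited into a tracked file; ship it as an example file (for instance `traefik.env.example`) and ignore the live one. `CLOUDFLARE_API_KEY` together with `CLOUDFLARE_EMAIL` is the account-wide global key, whereas a token scoped to DNS edit on the single zone, supplied as `CF_DNS_API_TOKEN=<token>`, limits what a leak of this file or of the container environment exposes. The deployed file should also be readable only by the user that runs compose.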
@@ -0,0 +1,52 @@
+[global]
+ checkNewVersion = true
+
+# Enable the Dashboard
+[api]
+ dashboard = true
+
+# Write out Traefik logs
+[log]
+ level = "INFO"
+ filePath = "/traefik.log"
+
+# [accessLog]
+# filePath = "/access.log"
+
+[entryPoints.http]
+ address = ":80"
+ # Redirect to HTTPS (why wouldn't you?)
+ [entryPoints.http.http.redirections.entryPoint]
+ to = "https"
+ scheme = "https"
+
+ [entryPoints.http.forwardedHeaders]
+ trustedIPs = ["10.0.0.0/8", "172.16.0.0/16", "192.168.0.0/16", "fc00::/7"]
+
+[entryPoints.https]
+ address = ":443"
+ [entryPoints.https.http.tls]
+ certResolver = "cloudflare"
+
+ [entryPoints.https.forwardedHeaders]
+ trustedIPs = ["10.0.0.0/8", "172.16.0.0/16", "192.168.0.0/16", "fc00::/7"]
+
+
+# Cloudflare
+[certificatesResolvers.infomaniak.acme]
+ email = "me@xyz.abc"
+ storage = "acme.json"
+ [certificatesResolvers.infomaniak.acme.dnsChallenge]
+ provider = "cloudflare"
+ resolvers = ["1.1.1.1:53", "8.8.8.8:53"]
+
+# Docker Traefik provider
+[providers.docker]
+ endpoint = "unix:///var/run/docker.sock"
+ swarmMode = false
+ watch = true
+ exposedByDefault = false
+
+[providers.file]
+ directory = "/dyn"
+ watch = true
\ No newline at end of file
diff --git a/resources/lxc/100/data/traefikv2/acme.json b/resources/lxc/100/data/traefikv2/acme.json
new file mode 100644
index 0000000..9e26dfe
--- /dev/null
+++ b/resources/lxc/100/data/traefikv2/acme.json
@@ -0,0 +1 @@
+{}
\ No newline at end of file
diff --git a/resources/lxc/100/data/traefikv2/treafik.log b/resources/lxc/100/data/traefikv2/treafik.log
new file mode 100644
index 0000000..e69de29
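Review bot: In traefik.toml the resolver is declared as `certificatesResolvers.infomaniak`, but `[entryPoints.https.http.tls]` and the compose label both ask for `certResolver = "cloudflare"`, so no resolver with that name exists and certificates would not be issued; rename the two tables to `[certificatesResolvers.cloudflare.acme]` and `[certificatesResolvers.cloudflare.acme.dnsChallenge]`. Both `forwardedHeaders.trustedIPs` lists accept `X-Forwarded-*` headers from every private range (and `172.16.0.0/16` is probably meant to be `172.16.0.0/12`), which lets any internal client spoof the client address seen by backends and by IP allow-lists; list only the actual upstream proxy addresses, or drop the block if nothing sits in front of Traefik. `storage = "acme.json"` is relative while the compose file mounts the file at `/acme.json`; `storage = "/acme.json"` removes the dependence on the working directory. With `[accessLog]` left commented out there is no request log for this edge proxy even though `access.log` is mounted.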
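Review bot: acme.json is added as a tracked file with mode 100644, but once Traefik runs it holds the ACME account key and the certificate private keys, and Traefik rejects an ACME storage file whose permissions are wider than 600. I would leave the file out of the repository, have a creation step create it and apply `chmod 600`, and add it to the ignore list so a populated copy cannot be committed later. The path also differs from the compose mount (`data/traefikv2/acme.json` here, `/var/data/traefik/acme.json` there), assuming `data/` is deployed to `/var/data/`.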