added traefik example
This commit is contained in:
parent
1f08252999
commit
f452c2ef09
@ -29,20 +29,18 @@
|
|||||||
"tags": "2-proxy+auth"
|
"tags": "2-proxy+auth"
|
||||||
},
|
},
|
||||||
"creation": {
|
"creation": {
|
||||||
"conditions": [
|
"conditions": {
|
||||||
{
|
"programs": ["docker"],
|
||||||
"type": "program",
|
"folders": ["/var/data/traefik", "/var/data/config/traefik"],
|
||||||
"program": "docker"
|
"files": ["/var/data/traefik/traefik.toml", "/var/data/config/traefikv2/docker-compose.yml"]
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"type": "folder",
|
|
||||||
"path": "/var/data/traefik"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"steps": [
|
"steps": [
|
||||||
{
|
{
|
||||||
"type": "script",
|
"type": "script",
|
||||||
"path": "/global/install-docker.sh"
|
"path": "/global/install-docker.sh"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": ""
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
40
resources/lxc/100/data/config/traefikv2/docker-compose.yml
Normal file
40
resources/lxc/100/data/config/traefikv2/docker-compose.yml
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
version: "3"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
image: traefik:v2.9
|
||||||
|
env_file: /var/data/config/traefikv2/traefik.env
|
||||||
|
restart: always
|
||||||
|
ports:
|
||||||
|
- "80:80" # http
|
||||||
|
- "443:443" # https
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
|
- /var/data/config/traefikv2/dyn:/dyn
|
||||||
|
- /var/data/config/traefikv2/traefik.toml:/etc/traefik/traefik.toml
|
||||||
|
- /var/data/traefik/traefik.log:/traefik.log
|
||||||
|
- /var/data/traefik/access.log:/access.log
|
||||||
|
- /var/data/traefik/acme.json:/acme.json
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.routers.api.rule=Host(`traefik.xyz.abc`)"
|
||||||
|
- "traefik.http.routers.api.entrypoints=https"
|
||||||
|
|
||||||
|
- "traefik.http.routers.api.service=api@internal"
|
||||||
|
- "traefik.http.services.dummy.loadbalancer.server.port=9999"
|
||||||
|
|
||||||
|
- "traefik.http.routers.api.tls=true"
|
||||||
|
- "traefik.http.routers.api.tls.domains[0].main=xyz.abc"
|
||||||
|
- "traefik.http.routers.api.tls.domains[0].sans=*.xyz.abc"
|
||||||
|
- "traefik.http.routers.api.tls.certresolver=cloudflare"
|
||||||
|
networks:
|
||||||
|
- traefik_public
|
||||||
|
logging:
|
||||||
|
driver: "json-file"
|
||||||
|
options:
|
||||||
|
max-size: "2m"
|
||||||
|
max-file: "2"
|
||||||
|
|
||||||
|
networks:
|
||||||
|
traefik_public:
|
||||||
|
external: true
|
3
resources/lxc/100/data/config/traefikv2/traefik.env
Normal file
3
resources/lxc/100/data/config/traefikv2/traefik.env
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
# CloudFlare example
|
||||||
|
CLOUDFLARE_EMAIL=me@xyz.abc
|
||||||
|
CLOUDFLARE_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
52
resources/lxc/100/data/config/traefikv2/traefik.toml
Normal file
52
resources/lxc/100/data/config/traefikv2/traefik.toml
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
[global]
|
||||||
|
checkNewVersion = true
|
||||||
|
|
||||||
|
# Enable the Dashboard
|
||||||
|
[api]
|
||||||
|
dashboard = true
|
||||||
|
|
||||||
|
# Write out Traefik logs
|
||||||
|
[log]
|
||||||
|
level = "INFO"
|
||||||
|
filePath = "/traefik.log"
|
||||||
|
|
||||||
|
# [accessLog]
|
||||||
|
# filePath = "/access.log"
|
||||||
|
|
||||||
|
[entryPoints.http]
|
||||||
|
address = ":80"
|
||||||
|
# Redirect to HTTPS (why wouldn't you?)
|
||||||
|
[entryPoints.http.http.redirections.entryPoint]
|
||||||
|
to = "https"
|
||||||
|
scheme = "https"
|
||||||
|
|
||||||
|
[entryPoints.http.forwardedHeaders]
|
||||||
|
trustedIPs = ["10.0.0.0/8", "172.16.0.0/16", "192.168.0.0/16", "fc00::/7"]
|
||||||
|
|
||||||
|
[entryPoints.https]
|
||||||
|
address = ":443"
|
||||||
|
[entryPoints.https.http.tls]
|
||||||
|
certResolver = "cloudflare"
|
||||||
|
|
||||||
|
[entryPoints.https.forwardedHeaders]
|
||||||
|
trustedIPs = ["10.0.0.0/8", "172.16.0.0/16", "192.168.0.0/16", "fc00::/7"]
|
||||||
|
|
||||||
|
|
||||||
|
# Cloudflare
|
||||||
|
[certificatesResolvers.infomaniak.acme]
|
||||||
|
email = "me@xyz.abc"
|
||||||
|
storage = "acme.json"
|
||||||
|
[certificatesResolvers.infomaniak.acme.dnsChallenge]
|
||||||
|
provider = "cloudflare"
|
||||||
|
resolvers = ["1.1.1.1:53", "8.8.8.8:53"]
|
||||||
|
|
||||||
|
# Docker Traefik provider
|
||||||
|
[providers.docker]
|
||||||
|
endpoint = "unix:///var/run/docker.sock"
|
||||||
|
swarmMode = false
|
||||||
|
watch = true
|
||||||
|
exposedByDefault = false
|
||||||
|
|
||||||
|
[providers.file]
|
||||||
|
directory = "/dyn"
|
||||||
|
watch = true
|
1
resources/lxc/100/data/traefikv2/acme.json
Normal file
1
resources/lxc/100/data/traefikv2/acme.json
Normal file
@ -0,0 +1 @@
|
|||||||
|
{}
|
0
resources/lxc/100/data/traefikv2/treafik.log
Normal file
0
resources/lxc/100/data/traefikv2/treafik.log
Normal file
Loading…
Reference in New Issue
Block a user