50 lines
1.5 KiB
YAML
50 lines
1.5 KiB
YAML
version: '3.9'
|
|
|
|
services:
|
|
traefik:
|
|
image: traefik:v3.0
|
|
command:
|
|
- --providers.docker.swarmMode=true
|
|
- --providers.docker.exposedbydefault=false
|
|
- --entrypoints.web.address=:80
|
|
- --entrypoints.websecure.address=:443
|
|
- --api.dashboard=false
|
|
- --serversTransport.insecureSkipVerify=false
|
|
- --entrypoints.web.http.redirections.entryPoint.to=websecure
|
|
- --entrypoints.web.http.redirections.entryPoint.scheme=https
|
|
# ACME config: edit or mount DNS challenge as needed
|
|
# - --certificatesresolvers.le.acme.tlschallenge=true
|
|
# - --certificatesresolvers.le.acme.email=you@example.com
|
|
# - --certificatesresolvers.le.acme.storage=/letsencrypt/acme.json
|
|
ports:
|
|
- target: 80
|
|
published: 18080
|
|
mode: host
|
|
- target: 443
|
|
published: 18443
|
|
mode: host
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- traefik_letsencrypt:/letsencrypt
|
|
- /root/stacks/core/dynamic:/dynamic:ro
|
|
networks:
|
|
- traefik-public
|
|
deploy:
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.traefik-rtr.rule=Host(`traefik.localhost`)
|
|
- traefik.http.routers.traefik-rtr.entrypoints=websecure
|
|
- traefik.http.routers.traefik-rtr.tls=true
|
|
- traefik.http.services.traefik-svc.loadbalancer.server.port=8080
|
|
|
|
volumes:
|
|
traefik_letsencrypt:
|
|
driver: local
|
|
|
|
networks:
|
|
traefik-public:
|
|
external: true
|