computer_science:docker:traefik_docker_https_ssl_for_containers

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
Last revisionBoth sides next revision
computer_science:docker:traefik_docker_https_ssl_for_containers [2020/08/19 09:36] – [Create the traefik docker-compose.yml] carlossousacomputer_science:docker:traefik_docker_https_ssl_for_containers [2020/08/19 09:46] carlossousa
Line 24: Line 24:
 chmod 600 "$STORAGE_PATH"/storage/traefik/data/acme.json chmod 600 "$STORAGE_PATH"/storage/traefik/data/acme.json
 touch "$STORAGE_PATH"/storage/traefik/data/traefik.yml touch "$STORAGE_PATH"/storage/traefik/data/traefik.yml
-docker volume create --driver local --opt type=none --opt device="$STORAGE_PATH"/storage/data --opt o=bind traefik 
  
  
Line 94: Line 93:
       - /etc/localtime:/etc/localtime:ro       - /etc/localtime:/etc/localtime:ro
       - /var/run/docker.sock:/var/run/docker.sock:ro       - /var/run/docker.sock:/var/run/docker.sock:ro
-      - traefik_data/data/traefik.yml:/traefik.yml:ro +      - ./storage/traefik/data/traefik.yml:/traefik.yml:ro 
-      - traefik_data/data/acme.json:/acme.json+      - ./storage/traefik/data/acme.json:/acme.json
     labels:     labels:
       - "traefik.enable=true"       - "traefik.enable=true"
Line 113: Line 112:
   proxy:   proxy:
     external: true     external: true
 +"traefik.http.routers.traefik-secure.tls=true"
 +      - "traefik.http.routers.traefik-secure.tls.certresolver=http"
 +      - "traefik.http.routers.traefik-secure.service=api@internal"
  
-volumes+networks
-  traefik_data:+  proxy:
     external: true     external: true
  
  
 </code> </code>
- 
  
 ===== Adding Services to Traefik ===== ===== Adding Services to Traefik =====
Line 131: Line 132:
  
 **Before** **Before**
 +
 +<code yaml>
 +version: '3'
 +
 +volumes:
 +    dokuwiki_data:
 +        external: true
 +    dokuwiki_conf:
 +        external: true
 +    dokuwiki_lib-plugins:
 +        external: true
 +    dokuwiki_lib-tpl:
 +        external: true
 +    dokuwiki_logs:
 +        external: true
 +
 +services:
 +  dokuwiki:
 +    image: 'mprasil/dokuwiki'
 +    container_name: 'dokuwiki_zebra'
 +    ports:
 +      - '80:80'
 +    volumes:
 +        - dokuwiki_data:/dokuwiki/data
 +        - dokuwiki_conf:/dokuwiki/conf
 +        - dokuwiki_lib-plugins:/dokuwiki/lib/plugins
 +        - dokuwiki_lib-tpl:/dokuwiki/lib/tpl
 +        - dokuwiki_logs:/var/log
 +
 +
 +</code>
  
 **After** **After**
 +
 +  * You can uncomment the "ports:" so, if you start just that container, it will be reachable over your domain.tld. Sometimes it is usefull for troubleshooting
 +  * Add the "labels". You have/should replace [...].dokuwiki.[...] with the name of the service, so it is easier to identify on the Traefik WebUI
 +  * Don't forget to change the "rule=Host" and "[...]-secure.rule=Host" to your "sub.domain.tld"
 +  * Don't forget to change the ".server.port" to the Port where the Service is listening
 +  * For complex services (for example Wordpress + MySQL), add an extra network, for eg. "wordpress_network" so the MySQL instant is only reachable via the Wordpress Service, and not over the Proxy configuration
 +
 +<code yaml>
 +version: '3'
 +
 +volumes:
 +    dokuwiki_data:
 +        external: true
 +    dokuwiki_conf:
 +        external: true
 +    dokuwiki_lib-plugins:
 +        external: true
 +    dokuwiki_lib-tpl:
 +        external: true
 +    dokuwiki_logs:
 +        external: true
 +
 +services:
 +  dokuwiki:
 +    image: 'mprasil/dokuwiki'
 +    container_name: 'dokuwiki'
 +    restart: unless-stopped
 +    networks:
 +        - proxy
 +    #ports:
 +    #  - '80:80'
 +    volumes:
 +        - dokuwiki_data:/dokuwiki/data
 +        - dokuwiki_conf:/dokuwiki/conf
 +        - dokuwiki_lib-plugins:/dokuwiki/lib/plugins
 +        - dokuwiki_lib-tpl:/dokuwiki/lib/tpl
 +        - dokuwiki_logs:/var/log
 +    labels:
 +      - "traefik.enable=true"
 +      - "traefik.http.routers.dokuwiki.entrypoints=http"
 +      - "traefik.http.routers.dokuwiki.rule=Host(`wiki.carlossousa.tech`)"
 +      - "traefik.http.middlewares.dokuwiki-https-redirect.redirectscheme.scheme=https"
 +      - "traefik.http.routers.dokuwiki.middlewares=dokuwiki-https-redirect"
 +      - "traefik.http.routers.dokuwiki-secure.entrypoints=https"
 +      - "traefik.http.routers.dokuwiki-secure.rule=Host(`wiki.carlossousa.tech`)"
 +      - "traefik.http.routers.dokuwiki-secure.tls=true"
 +      - "traefik.http.routers.dokuwiki-secure.tls.certresolver=http"
 +      - "traefik.http.routers.dokuwiki-secure.service=dokuwiki"
 +      - "traefik.http.services.dokuwiki.loadbalancer.server.port=80"
 +      - "traefik.docker.network=proxy"
 +
 +networks:
 +   proxy:
 +     external: true
 +
 +
 +</code>
 +
 +After starting the service, it should now be available.
  
  
  • computer_science/docker/traefik_docker_https_ssl_for_containers.txt
  • Last modified: 2023/12/01 12:07
  • by 127.0.0.1