computer_science:docker:traefik_docker_https_ssl_for_containers

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
computer_science:docker:traefik_docker_https_ssl_for_containers [2020/08/19 09:36] – [Create the traefik docker-compose.yml] carlossousacomputer_science:docker:traefik_docker_https_ssl_for_containers [2023/12/01 12:07] (current) – external edit 127.0.0.1
Line 24: Line 24:
 chmod 600 "$STORAGE_PATH"/storage/traefik/data/acme.json chmod 600 "$STORAGE_PATH"/storage/traefik/data/acme.json
 touch "$STORAGE_PATH"/storage/traefik/data/traefik.yml touch "$STORAGE_PATH"/storage/traefik/data/traefik.yml
-docker volume create --driver local --opt type=none --opt device="$STORAGE_PATH"/storage/data --opt o=bind traefik 
  
  
Line 94: Line 93:
       - /etc/localtime:/etc/localtime:ro       - /etc/localtime:/etc/localtime:ro
       - /var/run/docker.sock:/var/run/docker.sock:ro       - /var/run/docker.sock:/var/run/docker.sock:ro
-      - traefik_data/data/traefik.yml:/traefik.yml:ro +      - ./storage/traefik/data/traefik.yml:/traefik.yml:ro 
-      - traefik_data/data/acme.json:/acme.json+      - ./storage/traefik/data/acme.json:/acme.json
     labels:     labels:
       - "traefik.enable=true"       - "traefik.enable=true"
Line 113: Line 112:
   proxy:   proxy:
     external: true     external: true
 +"traefik.http.routers.traefik-secure.tls=true"
 +      - "traefik.http.routers.traefik-secure.tls.certresolver=http"
 +      - "traefik.http.routers.traefik-secure.service=api@internal"
  
-volumes+networks
-  traefik_data:+  proxy:
     external: true     external: true
  
  
 </code> </code>
- 
  
 ===== Adding Services to Traefik ===== ===== Adding Services to Traefik =====
Line 131: Line 132:
  
 **Before** **Before**
 +
 +<code yaml>
 +version: '3'
 +
 +volumes:
 +    dokuwiki_data:
 +        external: true
 +    dokuwiki_conf:
 +        external: true
 +    dokuwiki_lib-plugins:
 +        external: true
 +    dokuwiki_lib-tpl:
 +        external: true
 +    dokuwiki_logs:
 +        external: true
 +
 +services:
 +  dokuwiki:
 +    image: 'mprasil/dokuwiki'
 +    container_name: 'dokuwiki_zebra'
 +    ports:
 +      - '80:80'
 +    volumes:
 +        - dokuwiki_data:/dokuwiki/data
 +        - dokuwiki_conf:/dokuwiki/conf
 +        - dokuwiki_lib-plugins:/dokuwiki/lib/plugins
 +        - dokuwiki_lib-tpl:/dokuwiki/lib/tpl
 +        - dokuwiki_logs:/var/log
 +
 +
 +</code>
  
 **After** **After**
 +
 +  * You can uncomment the "ports:" so, if you start just that container, it will be reachable over your domain.tld. Sometimes it is usefull for troubleshooting
 +  * Add the "labels". You have/should replace [...].dokuwiki.[...] with the name of the service, so it is easier to identify on the Traefik WebUI
 +  * Don't forget to change the "rule=Host" and "[...]-secure.rule=Host" to your "sub.domain.tld"
 +  * Don't forget to change the ".server.port" to the Port where the Service is listening
 +  * For complex services (for example Wordpress + MySQL), add an extra network, for eg. "wordpress_network" so the MySQL instant is only reachable via the Wordpress Service, and not over the Proxy configuration
 +
 +<code yaml>
 +version: '3'
 +
 +volumes:
 +    dokuwiki_data:
 +        external: true
 +    dokuwiki_conf:
 +        external: true
 +    dokuwiki_lib-plugins:
 +        external: true
 +    dokuwiki_lib-tpl:
 +        external: true
 +    dokuwiki_logs:
 +        external: true
 +
 +services:
 +  dokuwiki:
 +    image: 'mprasil/dokuwiki'
 +    container_name: 'dokuwiki'
 +    restart: unless-stopped
 +    networks:
 +        - proxy
 +    #ports:
 +    #  - '80:80'
 +    volumes:
 +        - dokuwiki_data:/dokuwiki/data
 +        - dokuwiki_conf:/dokuwiki/conf
 +        - dokuwiki_lib-plugins:/dokuwiki/lib/plugins
 +        - dokuwiki_lib-tpl:/dokuwiki/lib/tpl
 +        - dokuwiki_logs:/var/log
 +    labels:
 +      - "traefik.enable=true"
 +      - "traefik.http.routers.dokuwiki.entrypoints=http"
 +      - "traefik.http.routers.dokuwiki.rule=Host(`wiki.carlossousa.tech`)"
 +      - "traefik.http.middlewares.dokuwiki-https-redirect.redirectscheme.scheme=https"
 +      - "traefik.http.routers.dokuwiki.middlewares=dokuwiki-https-redirect"
 +      - "traefik.http.routers.dokuwiki-secure.entrypoints=https"
 +      - "traefik.http.routers.dokuwiki-secure.rule=Host(`wiki.carlossousa.tech`)"
 +      - "traefik.http.routers.dokuwiki-secure.tls=true"
 +      - "traefik.http.routers.dokuwiki-secure.tls.certresolver=http"
 +      - "traefik.http.routers.dokuwiki-secure.service=dokuwiki"
 +      - "traefik.http.services.dokuwiki.loadbalancer.server.port=80"
 +      - "traefik.docker.network=proxy"
 +
 +networks:
 +   proxy:
 +     external: true
 +
 +
 +</code>
 +
 +After starting the service, it should now be available.
  
  
  • computer_science/docker/traefik_docker_https_ssl_for_containers.1597829768.txt.gz
  • Last modified: 2023/12/01 12:07
  • (external edit)