From: Giorgio Ravera Date: Sun, 18 Jan 2026 21:36:31 +0000 (+0100) Subject: Minor updates to the docker-compose files X-Git-Url: http://git.giorgioravera.it/?a=commitdiff_plain;h=01fa6d14331e53c15f1ec3c137f3f54340c0080c;p=docker.git Minor updates to the docker-compose files --- diff --git a/dns-server/docker-compose.yaml b/dns-server/docker-compose.yaml new file mode 100644 index 0000000..1a91725 --- /dev/null +++ b/dns-server/docker-compose.yaml @@ -0,0 +1,64 @@ +services: + dns-server: + container_name: dns-server + image: technitium/dns-server:latest + restart: always + #ports: + #- "5380:5380/tcp" #DNS web console (HTTP) + #- "53443:53443/tcp" #DNS web console (HTTPS) + #- "53:53/udp" #DNS service + #- "53:53/tcp" #DNS service + # - "853:853/udp" #DNS-over-QUIC service + # - "853:853/tcp" #DNS-over-TLS service + # - "443:443/udp" #DNS-over-HTTPS service (HTTP/3) + # - "443:443/tcp" #DNS-over-HTTPS service (HTTP/1.1, HTTP/2) + # - "80:80/tcp" #DNS-over-HTTP service (use with reverse proxy or certbot certificate renewal) + # - "8053:8053/tcp" #DNS-over-HTTP service (use with reverse proxy) + # - "67:67/udp" #DHCP service + environment: + - TZ=${DOCKER_TZ} + # - DNS_SERVER_DOMAIN=dns-server #The primary domain name used by this DNS Server to identify itself. + # - DNS_SERVER_ADMIN_PASSWORD=password #DNS web console admin user password. + # - DNS_SERVER_ADMIN_PASSWORD_FILE=password.txt #The path to a file that contains a plain text password for the DNS web console admin user. + # - DNS_SERVER_PREFER_IPV6=false #DNS Server will use IPv6 for querying whenever possible with this option enabled. + # - DNS_SERVER_WEB_SERVICE_LOCAL_ADDRESSES=172.17.0.1,127.0.0.1 #Comma separated list of network interface IP addresses that you want the web service to listen on for requests. The "172.17.0.1" address is the built-in Docker bridge. The "[::]" is the default value if not specified. Note! This must be used only with "host" network mode. + # - DNS_SERVER_WEB_SERVICE_HTTP_PORT=5380 #The TCP port number for the DNS web console over HTTP protocol. + # - DNS_SERVER_WEB_SERVICE_HTTPS_PORT=53443 #The TCP port number for the DNS web console over HTTPS protocol. + # - DNS_SERVER_WEB_SERVICE_ENABLE_HTTPS=false #Enables HTTPS for the DNS web console. + # - DNS_SERVER_WEB_SERVICE_USE_SELF_SIGNED_CERT=false #Enables self signed TLS certificate for the DNS web console. + # - DNS_SERVER_WEB_SERVICE_TLS_CERTIFICATE_PATH=/etc/dns/tls/cert.pfx #The file path to the TLS certificate for the DNS web console. + # - DNS_SERVER_WEB_SERVICE_TLS_CERTIFICATE_PASSWORD=password #The password for the TLS certificate for the DNS web console. + # - DNS_SERVER_WEB_SERVICE_HTTP_TO_TLS_REDIRECT=false #Enables HTTP to HTTPS redirection for the DNS web console. + # - DNS_SERVER_OPTIONAL_PROTOCOL_DNS_OVER_HTTP=false #Enables DNS server optional protocol DNS-over-HTTP on TCP port 8053 to be used with a TLS terminating reverse proxy like nginx. + # - DNS_SERVER_RECURSION=AllowOnlyForPrivateNetworks #Recursion options: Allow, Deny, AllowOnlyForPrivateNetworks, UseSpecifiedNetworkACL. + # - DNS_SERVER_RECURSION_NETWORK_ACL=192.168.10.0/24, !192.168.10.2 #Comma separated list of IP addresses or network addresses to allow access. Add ! character at the start to deny access, e.g. !192.168.10.0/24 will deny entire subnet. The ACL is processed in the same order its listed. If no networks match, the default policy is to deny all except loopback. Valid only for `UseSpecifiedNetworkACL` recursion option. + # - DNS_SERVER_RECURSION_DENIED_NETWORKS=1.1.1.0/24 #Comma separated list of IP addresses or network addresses to deny recursion. Valid only for `UseSpecifiedNetworkACL` recursion option. This option is obsolete and DNS_SERVER_RECURSION_NETWORK_ACL should be used instead. + # - DNS_SERVER_RECURSION_ALLOWED_NETWORKS=127.0.0.1, 192.168.1.0/24 #Comma separated list of IP addresses or network addresses to allow recursion. Valid only for `UseSpecifiedNetworkACL` recursion option. This option is obsolete and DNS_SERVER_RECURSION_NETWORK_ACL should be used instead. + # - DNS_SERVER_ENABLE_BLOCKING=false #Sets the DNS server to block domain names using Blocked Zone and Block List Zone. + # - DNS_SERVER_ALLOW_TXT_BLOCKING_REPORT=false #Specifies if the DNS Server should respond with TXT records containing a blocked domain report for TXT type requests. + # - DNS_SERVER_BLOCK_LIST_URLS= #A comma separated list of block list URLs. + # - DNS_SERVER_FORWARDERS=1.1.1.1, 8.8.8.8 #Comma separated list of forwarder addresses. + # - DNS_SERVER_FORWARDER_PROTOCOL=Tcp #Forwarder protocol options: Udp, Tcp, Tls, Https, HttpsJson. + # - DNS_SERVER_LOG_USING_LOCAL_TIME=true #Enable this option to use local time instead of UTC for logging. + volumes: + - ${DOCKER_CFG_DIR}/dns-server:/etc/dns + network_mode: host + labels: + - "traefik.enable=true" + # Router: HTTP + - "traefik.http.routers.dns-server.entrypoints=http" + - "traefik.http.routers.dns-server.rule=Host(`network.giorgioravera.it`) && PathPrefix(`/dns-server`)" + - "traefik.http.routers.dns-server.middlewares=dns-server-stripprefix" + - "traefik.http.routers.dns-server.middlewares=dns-server-https-redirect" + # Router: HTTPS + - "traefik.http.routers.dns-server-secure.entrypoints=https" + - "traefik.http.routers.dns-server-secure.rule=Host(`network.giorgioravera.it`) && PathPrefix(`/dns-server`)" + - "traefik.http.routers.dns-server-secure.tls=true" + - "traefik.http.routers.dns-server-secure.service=dns-server" + - "traefik.http.routers.dns-server-secure.middlewares=dns-server-stripprefix" + # Middlewares: Redirect http to https + - "traefik.http.middlewares.dns-server-https-redirect.redirectscheme.scheme=https" + # Middlewares: Prefix + - "traefik.http.middlewares.dns-server-stripprefix.stripprefix.prefixes=/dns-server" + # Services: Loadbalancer + - "traefik.http.services.dns-server.loadbalancer.server.port=5380" diff --git a/download/amule.yaml b/download/amule.yaml index 7cbe7bf..69ffdbb 100644 --- a/download/amule.yaml +++ b/download/amule.yaml @@ -33,10 +33,11 @@ services: - "traefik.http.routers.amule-secure.tls=true" - "traefik.http.routers.amule-secure.service=amule" - "traefik.http.routers.amule-secure.middlewares=amule-stripprefix" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.amule-https-redirect.redirectscheme.scheme=https" + # Middleware: Prefix - "traefik.http.middlewares.amule-stripprefix.stripprefix.prefixes=/amule" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.amule.loadbalancer.server.port=4711" networks: diff --git a/download/filebrowser.yaml b/download/filebrowser.yaml index 3ae9a15..0280e88 100644 --- a/download/filebrowser.yaml +++ b/download/filebrowser.yaml @@ -22,16 +22,15 @@ services: # Router: HTTP - "traefik.http.routers.filebrowser.entrypoints=http" - "traefik.http.routers.filebrowser.rule=Host(`download.giorgioravera.it`)" - #- "traefik.http.routers.filebrowser.service=filebrowser" - "traefik.http.routers.filebrowser.middlewares=filebrowser-https-redirect" # Router: HTTPS - "traefik.http.routers.filebrowser-secure.entrypoints=https" - "traefik.http.routers.filebrowser-secure.rule=Host(`download.giorgioravera.it`)" - "traefik.http.routers.filebrowser-secure.tls=true" - "traefik.http.routers.filebrowser-secure.service=filebrowser" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.filebrowser-https-redirect.redirectscheme.scheme=https" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.filebrowser.loadbalancer.server.port=80" networks: diff --git a/download/jackett.yaml b/download/jackett.yaml index b434bad..9d909ae 100644 --- a/download/jackett.yaml +++ b/download/jackett.yaml @@ -21,7 +21,6 @@ services: - "traefik.http.routers.jackett.entrypoints=http" - "traefik.http.routers.jackett.rule=Host(`download.giorgioravera.it`) && (PathPrefix(`/sources`) || PathPrefix(`/jackett`))" - #- "traefik.http.routers.jackett.service=jackett" - "traefik.http.routers.jackett.middlewares=jackett-stripprefix" - "traefik.http.routers.jackett.middlewares=jackett-https-redirect" # Router: HTTPS @@ -31,10 +30,11 @@ services: - "traefik.http.routers.jackett-secure.tls=true" - "traefik.http.routers.jackett-secure.service=jackett" - "traefik.http.routers.jackett-secure.middlewares=jackett-stripprefix" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.jackett-https-redirect.redirectscheme.scheme=https" + # Middleware: Prefix - "traefik.http.middlewares.jackett-stripprefix.stripprefix.prefixes=/sources" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.jackett.loadbalancer.server.port=9117" networks: diff --git a/download/radarr.yaml b/download/radarr.yaml index f6c8718..110c62c 100644 --- a/download/radarr.yaml +++ b/download/radarr.yaml @@ -22,7 +22,6 @@ services: - "traefik.http.routers.radarr.entrypoints=http" - "traefik.http.routers.radarr.rule=Host(`download.giorgioravera.it`) && (PathPrefix(`/film`) || PathPrefix(`/radarr`))" - #- "traefik.http.routers.radarr.service=radarr" - "traefik.http.routers.radarr.middlewares=radarr-stripprefix" - "traefik.http.routers.radarr.middlewares=radarr-https-redirect" # Router: HTTPS @@ -32,10 +31,11 @@ services: - "traefik.http.routers.radarr-secure.tls=true" - "traefik.http.routers.radarr-secure.service=radarr" - "traefik.http.routers.radarr-secure.middlewares=radarr-stripprefix" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.radarr-https-redirect.redirectscheme.scheme=https" + # Middleware: Prefix - "traefik.http.middlewares.radarr-stripprefix.stripprefix.prefixes=/film" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.radarr.loadbalancer.server.port=7878" networks: diff --git a/download/readarr.yaml b/download/readarr.yaml index 03e6ece..ca790f2 100644 --- a/download/readarr.yaml +++ b/download/readarr.yaml @@ -22,7 +22,6 @@ services: - "traefik.http.routers.readarr.entrypoints=http" - "traefik.http.routers.readarr.rule=Host(`download.giorgioravera.it`) && (PathPrefix(`/books`) || PathPrefix(`/readarr`))" - #- "traefik.http.routers.readarr.service=readarr" - "traefik.http.routers.readarr.middlewares=readarr-stripprefix" - "traefik.http.routers.readarr.middlewares=readarr-https-redirect" # Router: HTTPS @@ -32,10 +31,11 @@ services: - "traefik.http.routers.readarr-secure.tls=true" - "traefik.http.routers.readarr-secure.service=readarr" - "traefik.http.routers.readarr-secure.middlewares=readarr-stripprefix" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.readarr-https-redirect.redirectscheme.scheme=https" + # Middleware: Prefix - "traefik.http.middlewares.readarr-stripprefix.stripprefix.prefixes=/books" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.readarr.loadbalancer.server.port=8787" networks: diff --git a/download/sonarr.yaml b/download/sonarr.yaml index ac9dbd7..c795237 100644 --- a/download/sonarr.yaml +++ b/download/sonarr.yaml @@ -22,7 +22,6 @@ services: - "traefik.http.routers.sonarr.entrypoints=http" - "traefik.http.routers.sonarr.rule=Host(`download.giorgioravera.it`) && (PathPrefix(`/serietv`) || PathPrefix(`/sonarr`))" - #- "traefik.http.routers.sonarr.service=sonarr" - "traefik.http.routers.sonarr.middlewares=sonarr-stripprefix" - "traefik.http.routers.sonarr.middlewares=sonarr-https-redirect" # Router: HTTPS @@ -32,10 +31,11 @@ services: - "traefik.http.routers.sonarr-secure.tls=true" - "traefik.http.routers.sonarr-secure.service=sonarr" - "traefik.http.routers.sonarr-secure.middlewares=sonarr-stripprefix" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.sonarr-https-redirect.redirectscheme.scheme=https" + # Middleware: Prefix - "traefik.http.middlewares.sonarr-stripprefix.stripprefix.prefixes=/serietv" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.sonarr.loadbalancer.server.port=8989" networks: diff --git a/download/transmission.yaml b/download/transmission.yaml index 15f0194..afda758 100644 --- a/download/transmission.yaml +++ b/download/transmission.yaml @@ -30,7 +30,6 @@ services: - "traefik.http.routers.transmission.entrypoints=http" - "traefik.http.routers.transmission.rule=Host(`download.giorgioravera.it`) && (PathPrefix(`/torrent`) || PathPrefix(`/transmission`))" - #- "traefik.http.routers.transmission.service=transmission" - "traefik.http.routers.transmission.middlewares=transmission-stripprefix" - "traefik.http.routers.transmission.middlewares=transmission-https-redirect" # Router: HTTPS @@ -40,10 +39,11 @@ services: - "traefik.http.routers.transmission-secure.tls=true" - "traefik.http.routers.transmission-secure.service=transmission" - "traefik.http.routers.transmission-secure.middlewares=transmission-stripprefix" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.transmission-https-redirect.redirectscheme.scheme=https" + # Middleware: Prefix - "traefik.http.middlewares.transmission-stripprefix.stripprefix.prefixes=/torrent" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.transmission.loadbalancer.server.port=9091" networks: diff --git a/esphome/docker-compose.yaml b/esphome/docker-compose.yaml index fda0f90..5d435a7 100644 --- a/esphome/docker-compose.yaml +++ b/esphome/docker-compose.yaml @@ -1,5 +1,3 @@ -version: '3' - services: esphome: container_name: esphome @@ -22,7 +20,6 @@ services: # Router: HTTP - "traefik.http.routers.esphome.entrypoints=http" - "traefik.http.routers.esphome.rule=Host(`home.giorgioravera.it`) && PathPrefix(`/esphome`)" - #- "traefik.http.routers.esphome.service=esphome" - "traefik.http.routers.esphome.middlewares=esphome-stripprefix" - "traefik.http.routers.esphome.middlewares=esphome-https-redirect" # Router: HTTPS @@ -31,10 +28,11 @@ services: - "traefik.http.routers.esphome-secure.tls=true" - "traefik.http.routers.esphome-secure.service=esphome" - "traefik.http.routers.esphome-secure.middlewares=esphome-stripprefix" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.esphome-https-redirect.redirectscheme.scheme=https" + # Middleware: Prefix - "traefik.http.middlewares.esphome-stripprefix.stripprefix.prefixes=/esphome" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.esphome.loadbalancer.server.port=6052" #networks: diff --git a/homeassistant/docker-compose.yaml b/homeassistant/docker-compose.yaml index 8b07ccc..92499fa 100644 --- a/homeassistant/docker-compose.yaml +++ b/homeassistant/docker-compose.yaml @@ -20,16 +20,15 @@ services: # Router: HTTPS - "traefik.http.routers.homeassistant.entrypoints=http" - "traefik.http.routers.homeassistant.rule=Host(`home.giorgioravera.it`)" - #- "traefik.http.routers.homeassistant.service=homeassistant" - "traefik.http.routers.homeassistant.middlewares=homeassistant-https-redirect" # Router: HTTPS - "traefik.http.routers.homeassistant-secure.entrypoints=https" - "traefik.http.routers.homeassistant-secure.rule=Host(`home.giorgioravera.it`)" - "traefik.http.routers.homeassistant-secure.tls=true" - "traefik.http.routers.homeassistant-secure.service=homeassistant" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.homeassistant-https-redirect.redirectscheme.scheme=https" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.homeassistant.loadbalancer.server.port=8123" zigbee2mqtt: @@ -59,7 +58,6 @@ services: # Router: HTTP - "traefik.http.routers.zigbee2mqtt.entrypoints=http" - "traefik.http.routers.zigbee2mqtt.rule=Host(`home.giorgioravera.it`) && PathPrefix(`/zigbee2mqtt`)" - #- "traefik.http.routers.zigbee2mqtt.service=zigbee2mqtt" - "traefik.http.routers.zigbee2mqtt.middlewares=zigbee2mqtt-stripprefix" - "traefik.http.routers.zigbee2mqtt.middlewares=zigbee2mqtt-https-redirect" # Router: HTTPS @@ -68,10 +66,11 @@ services: - "traefik.http.routers.zigbee2mqtt-secure.tls=true" - "traefik.http.routers.zigbee2mqtt-secure.service=zigbee2mqtt" - "traefik.http.routers.zigbee2mqtt-secure.middlewares=zigbee2mqtt-stripprefix" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.zigbee2mqtt-https-redirect.redirectscheme.scheme=https" + # Middleware: Prefix - "traefik.http.middlewares.zigbee2mqtt-stripprefix.stripprefix.prefixes=/zigbee2mqtt" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.zigbee2mqtt.loadbalancer.server.port=8080" mosquitto: diff --git a/openvscode-server/docker-compose.yaml b/openvscode-server/docker-compose.yaml index 3048efc..2c5322d 100644 --- a/openvscode-server/docker-compose.yaml +++ b/openvscode-server/docker-compose.yaml @@ -27,9 +27,6 @@ services: # Router: HTTP - "traefik.http.routers.openvscode-server.entrypoints=http" - "traefik.http.routers.openvscode-server.rule=Host(`code.giorgioravera.it`)" - #- "traefik.http.routers.openvscode-server.service=openvscode-server" - #- "traefik.http.routers.openvscode-server.middlewares=openvscode-server-auth-passwd" - #- "traefik.http.routers.openvscode-server.middlewares=openvscode-server-auth-ldap" - "traefik.http.routers.openvscode-server.middlewares=openvscode-server-https-redirect" # Router: HTTPS - "traefik.http.routers.openvscode-server-secure.entrypoints=https" @@ -38,18 +35,18 @@ services: - "traefik.http.routers.openvscode-server-secure.service=openvscode-server" #- "traefik.http.routers.openvscode-server-secure.middlewares=openvscode-server-passwd" - "traefik.http.routers.openvscode-server-secure.middlewares=openvscode-server-auth-ldap" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.openvscode-server-https-redirect.redirectscheme.scheme=https" - # Middlewares: Passwd Auth + # Middleware: Passwd Auth #- "traefik.http.middlewares.openvscode-server-auth-passwd.basicauth.usersfile=/passwd/openvscode" - # Middlewares: LDAP Auth + # Middleware: LDAP Auth - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.enabled=true" - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.url=ldaps://ldap.giorgioravera.it" - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.port=636" - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.useTLS=true" - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.baseDN=ou=Users,dc=giorgioravera,dc=it" - "traefik.http.middlewares.openvscode-server-auth-ldap.plugin.ldapAuth.attribute=uid" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.openvscode-server.loadbalancer.server.port=3000" networks: diff --git a/portainer/docker-compose.yaml b/portainer/docker-compose.yaml index 50cf06b..d69b972 100644 --- a/portainer/docker-compose.yaml +++ b/portainer/docker-compose.yaml @@ -17,31 +17,17 @@ services: # Router: HTTP - "traefik.http.routers.portainer.entrypoints=http" - "traefik.http.routers.portainer.rule=Host(`docker.giorgioravera.it`)" - #- "traefik.http.routers.portainer.service=portainer" - "traefik.http.routers.portainer.middlewares=portainer-https-redirect" # Router: HTTPS - "traefik.http.routers.portainer-secure.entrypoints=https" - "traefik.http.routers.portainer-secure.rule=Host(`docker.giorgioravera.it`)" - "traefik.http.routers.portainer-secure.tls=true" - "traefik.http.routers.portainer-secure.service=portainer" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.portainer-https-redirect.redirectscheme.scheme=https" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.portainer.loadbalancer.server.port=9000" - - #portariner_agent: - # container_name: portainer_agent - # image: portainer/agent:lts - # restart: always - # ports: - # - 9000:9001 - # volumes: - # - /var/run/docker.sock:/var/run/docker.sock - # - /var/lib/docker/volumes:/var/lib/docker/volumes - # networks: - # - proxy - networks: proxy: external: true diff --git a/portainer_agent/docker-compose.yaml b/portainer_agent/docker-compose.yaml index bfb8794..77979bd 100644 --- a/portainer_agent/docker-compose.yaml +++ b/portainer_agent/docker-compose.yaml @@ -5,6 +5,8 @@ services: restart: always ports: - 9001:9001 + environment: + - TZ=${DOCKER_TZ} volumes: - /var/run/docker.sock:/var/run/docker.sock - /var/lib/docker/volumes:/var/lib/docker/volumes diff --git a/portal/docker-compose.yaml b/portal/docker-compose.yaml new file mode 100644 index 0000000..7026171 --- /dev/null +++ b/portal/docker-compose.yaml @@ -0,0 +1,24 @@ +service: + portal: + image: busybox:latest + container_name: portal + command: httpd -f -v -p 80 -h /www + environment: + - TZ=${DOCKER_TZ} + volumes: + - ${DOCKER_CFG_DIR}/portal:/www:ro + labels: + - "traefik.enable=true" + # Router HTTP + - "traefik.http.routers.portal.entrypoints=http" + - "traefik.http.routers.portal.rule=Host(`network.giorgioravera.it`)" + - "traefik.http.routers.portal.middlewares=portal-https-redirect" + # Router HTTPS + - "traefik.http.routers.portal-secure.entrypoints=https" + - "traefik.http.routers.portal-secure.rule=Host(`network.giorgioravera.it`)" + - "traefik.http.routers.portal-secure.tls=true" + - "traefik.http.routers.portal-secure.service=portal" + # Middleware: Redirect http to https + - "traefik.http.middlewares.portal-https-redirect.redirectscheme.scheme=https" + # Service: Loadbalancer + - "traefik.http.services.portal.loadbalancer.server.port=80" diff --git a/traefik/docker-compose.yaml b/traefik/docker-compose.yaml index 5177e2f..0e8df18 100644 --- a/traefik/docker-compose.yaml +++ b/traefik/docker-compose.yaml @@ -32,8 +32,6 @@ services: # Router: HTTP - "traefik.http.routers.traefik.entrypoints=http" - "traefik.http.routers.traefik.rule=Host(`traefik.giorgioravera.it`)" - #- "traefik.http.routers.traefik.service=api@internal" - #- "traefik.http.routers.traefik.middlewares=traefik-auth-passwd" - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" # Router: HTTPS - "traefik.http.routers.traefik-secure.entrypoints=https" @@ -41,9 +39,9 @@ services: - "traefik.http.routers.traefik-secure.tls=true" - "traefik.http.routers.traefik-secure.service=api@internal" - "traefik.http.routers.traefik-secure.middlewares=traefik-auth-passwd" - # Middlewares: Redirect http to https + # Middleware: Redirect http to https - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" - # Middlewares: Passwd Auth + # Middleware: Passwd Auth - "traefik.http.middlewares.traefik-auth-passwd.basicauth.usersfile=/passwd/traefik" - # Services: Loadbalancer + # Service: Loadbalancer - "traefik.http.services.traefik.loadbalancer.server.port=9999" diff --git a/traefik/docker-compose.yaml.agent b/traefik/docker-compose.yaml.agent deleted file mode 100644 index 87b3530..0000000 --- a/traefik/docker-compose.yaml.agent +++ /dev/null @@ -1,74 +0,0 @@ -services: - traefik: - container_name: traefik - image: traefik:latest - command: - # Enable Hub communication (open the port 9900 and 9901 by default) - - --experimental.hub=true - - --hub.tls.insecure=true - - --metrics.prometheus.addrouterslabels=true -# - --api -# - --api.dashboard -# - --entrypoints.http.address=:80 -# - --entrypoints.https.address=:443 -# - --providers.docker=true -# - --providers.file.watch=true -# - --log.level=DEBUG - restart: always - #ports: - # - 80:80 - # - 443:443 - environment: - - TZ=${DOCKER_TZ} - volumes: - - ${DOCKER_CFG_DIR}/traefik/traefik.yml:/traefik.yml:ro - - ${DOCKER_CFG_DIR}/traefik/passwd:/passwd - #- ${DOCKER_CFG_DIR}/traefik/acme.json:/acme.json - - ${DOCKER_CFG_DIR}/traefik/config:/config - - ${DOCKER_CFG_DIR}/traefik/traefik.log:/traefik.log - - ${DOCKER_CFG_DIR}/traefik/access.log:/access.log - - /etc/ssl/giorgioravera.it/fullchain.pem:/certs/fullchain.pem - - /etc/ssl/giorgioravera.it/privkey.pem:/certs/privkey.pem - - /var/run/docker.sock:/var/run/docker.sock - network_mode: host - labels: - - "traefik.enable=true" - # Router: HTTP - - "traefik.http.routers.traefik.entrypoints=http" - - "traefik.http.routers.traefik.rule=Host(`traefik.giorgioravera.it`)" - #- "traefik.http.routers.traefik.service=api@internal" - - "traefik.http.routers.traefik.middlewares=traefik-auth" - - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" - # Router: HTTPS - - "traefik.http.routers.traefik-secure.entrypoints=https" - - "traefik.http.routers.traefik-secure.rule=Host(`traefik.giorgioravera.it`)" - - "traefik.http.routers.traefik-secure.tls=true" - - "traefik.http.routers.traefik-secure.service=api@internal" - - "traefik.http.routers.traefik-secure.middlewares=traefik-auth" - # Middlewares: Redirect http to https - - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" - - "traefik.http.middlewares.traefik-auth.basicauth.usersfile=/passwd" - # Services: Loadbalancer - - "traefik.http.services.workaround.loadbalancer.server.port=9999" - - # Start the agent with the latest version - hub-agent: - container_name: hub-agent - image: ghcr.io/traefik/hub-agent-traefik:v1.0.0 - command: - - run - - --hub.token=efabfa58-21b6-489c-8d5d-da82f64e5f73 - - --auth-server.advertise-url=http://hub-agent - - --traefik.host=traefik - - --traefik.tls.insecure=true - restart: "on-failure" - environment: - - TZ=${DOCKER_TZ} - volumes: - - /var/run/docker.sock:/var/run/docker.sock - depends_on: - - traefik - network_mode: host - labels: - - "traefik.enable=false" -