diff --git a/Vagrantfile b/Vagrantfile index d41b9a2..705631f 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -6,7 +6,7 @@ Vagrant.configure("2") do |config| apt-get install -y curl curl -fsSL https://get.docker.com | sh docker swarm init - cd /vagrant || exit 1 + cd /vagrant/traefik || exit 1 docker compose up -d SHELL end diff --git a/docker-compose.yml b/docker-compose.yml index cb4eedb..254fbd5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -49,63 +49,3 @@ networks: traefik: name: traefik_proxy_net external: true - - -############################################################################ -Traefik config -############################################################################ - -version: "3.3" - -services: - - traefik: - image: "traefik:v2.10" - networks: - - proxy_net - command: - - "--log.level=TRACE" - - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" -#- "--log.level=DEBUG" - - "--api.insecure=true" - - "--api.dashboard=true" - - "--providers.docker=true" -# - "--providers.docker.swarmMode=true" - - "--providers.docker.exposedbydefault=false" - - "--entrypoints.web.address=:80" - - "--entrypoints.websecure.address=:443" - - "--certificatesresolvers.myresolver.acme.httpchallenge=true" - - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" - #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" - - "--certificatesresolvers.myresolver.acme.email=noreply@example.com" - - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" - ports: - - "80:80" - - "443:443" - volumes: - - "./letsencrypt:/letsencrypt" - - "/var/run/docker.sock:/var/run/docker.sock:ro" - labels: - - "traefik.enable=true" - - "traefik.http.routers.traefik.rule=Host(`traefik.local.coulter.info`)" - - "traefik.http.routers.traefik.entrypoints=websecure" - - "traefik.http.routers.traefik.middlewares=localonly" - - "traefik.http.routers.traefik.service=api@internal" - - "traefik.http.routers.traefik.tls=true" - - "traefik.http.middlewares.localonly.ipwhitelist.sourcerange=10.0.0.0/8" - whoami: - image: "traefik/whoami" - networks: - - proxy_net - labels: - - "traefik.enable=true" - - "traefik.http.routers.whoami.rule=Host(`whoami.local.coulter.info`)" - - "traefik.http.routers.whoami.entrypoints=websecure" - - "traefik.http.routers.whoami.tls.certresolver=myresolver" - - "traefik.http.routers.whoami.tls=true" - - "traefik.http.services.whoami.loadbalancer.server.port=80" - - "traefik.docker.network=proxy_net" - -networks: - proxy_net: - diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml new file mode 100644 index 0000000..b129072 --- /dev/null +++ b/traefik/docker-compose.yml @@ -0,0 +1,53 @@ +version: "3.3" + +services: + + traefik: + image: "traefik:v2.10" + networks: + - proxy_net + command: + - "--log.level=TRACE" + - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" +#- "--log.level=DEBUG" + - "--api.insecure=true" + - "--api.dashboard=true" + - "--providers.docker=true" +# - "--providers.docker.swarmMode=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.myresolver.acme.httpchallenge=true" + - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" + #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + - "--certificatesresolvers.myresolver.acme.email=noreply@example.com" + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" + ports: + - "80:80" + - "443:443" + volumes: + - "./letsencrypt:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + labels: + - "traefik.enable=true" + - "traefik.http.routers.traefik.rule=Host(`traefik.local.coulter.info`)" + - "traefik.http.routers.traefik.entrypoints=websecure" + - "traefik.http.routers.traefik.middlewares=localonly" + - "traefik.http.routers.traefik.service=api@internal" + - "traefik.http.routers.traefik.tls=true" + - "traefik.http.middlewares.localonly.ipwhitelist.sourcerange=10.0.0.0/8" + whoami: + image: "traefik/whoami" + networks: + - proxy_net + labels: + - "traefik.enable=true" + - "traefik.http.routers.whoami.rule=Host(`whoami.local.coulter.info`)" + - "traefik.http.routers.whoami.entrypoints=websecure" + - "traefik.http.routers.whoami.tls.certresolver=myresolver" + - "traefik.http.routers.whoami.tls=true" + - "traefik.http.services.whoami.loadbalancer.server.port=80" + - "traefik.docker.network=proxy_net" + +networks: + proxy_net: