commit fd8d1ec9f0a8b2736e0703134d745ffd0b39072e Author: Kris Lamoureux Date: Thu Nov 2 21:45:49 2023 -0400 Raw copy and paste (slight modifications) diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..cb4eedb --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,111 @@ +############################################################################ +Docker compose file for the site in question +############################################################################ +version: "3.7" + +services: + nginx: + image: "nginx:1.21.4" + ports: + - target: 80 + - target: 443 + published: ${goodPort} + protocol: tcp + mode: ingress + volumes: + - ./htdocs:/usr/share/nginx/html + - ./nginx/nginx.conf:/etc/nginx/nginx.conf + - ./nginx/default.conf:/etc/nginx/conf.d/default.conf + + + +############################################################################ +Traefik config file that is with the website +############################################################################ +version: "3.7" + +services: + nginx: + networks: + - traefik + # ports: - target: 80 published: ${goodPort} protocol: tcp mode: ingress + deploy: + labels: + - "traefik.enable=true" + - "traefik.docker.network=traefik_proxy_net" + - "traefik.http.routers.${SiteName}_router.rule=Host(`${DOMAIN}`)" + - "traefik.http.services.${SiteName}_service.loadbalancer.server.port=80" + - "traefik.port=80" + - "traefik.site.port=80" + - "traefik.http.routers.${SiteName}_webserver.entrypoints=web" + - "traefik.http.routers.${SiteName}_webserver.middlewares=redirect" + - "traefik.http.middlewares.redirect.redirectscheme.scheme=https" + - "traefik.http.routers.${SiteName}_webserver2.tls=true" + - "traefik.http.routers.${SiteName}_webserver2.rule=Host(`${DOMAIN}`)" + - "traefik.http.routers.${SiteName}_webserver2.entrypoints=websecure" + - "traefik.http.routers.${SiteName}_webserver2.tls.certresolver=le" + +networks: + traefik: + name: traefik_proxy_net + external: true + + +############################################################################ +Traefik config +############################################################################ + +version: "3.3" + +services: + + traefik: + image: "traefik:v2.10" + networks: + - proxy_net + command: + - "--log.level=TRACE" + - "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" +#- "--log.level=DEBUG" + - "--api.insecure=true" + - "--api.dashboard=true" + - "--providers.docker=true" +# - "--providers.docker.swarmMode=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.myresolver.acme.httpchallenge=true" + - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" + #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory" + - "--certificatesresolvers.myresolver.acme.email=noreply@example.com" + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" + ports: + - "80:80" + - "443:443" + volumes: + - "./letsencrypt:/letsencrypt" + - "/var/run/docker.sock:/var/run/docker.sock:ro" + labels: + - "traefik.enable=true" + - "traefik.http.routers.traefik.rule=Host(`traefik.local.coulter.info`)" + - "traefik.http.routers.traefik.entrypoints=websecure" + - "traefik.http.routers.traefik.middlewares=localonly" + - "traefik.http.routers.traefik.service=api@internal" + - "traefik.http.routers.traefik.tls=true" + - "traefik.http.middlewares.localonly.ipwhitelist.sourcerange=10.0.0.0/8" + whoami: + image: "traefik/whoami" + networks: + - proxy_net + labels: + - "traefik.enable=true" + - "traefik.http.routers.whoami.rule=Host(`whoami.local.coulter.info`)" + - "traefik.http.routers.whoami.entrypoints=websecure" + - "traefik.http.routers.whoami.tls.certresolver=myresolver" + - "traefik.http.routers.whoami.tls=true" + - "traefik.http.services.whoami.loadbalancer.server.port=80" + - "traefik.docker.network=proxy_net" + +networks: + proxy_net: +