Disable Traefik dashboard and update TLS settings
- Set dashboard to false by default for security - Rename ENABLE_TLS to DASHBOARD_TLS for clarity - Link traefik.enable to DASHBOARD environment variable
This commit is contained in:
parent
0c72db2690
commit
a6f1a59628
@ -38,19 +38,18 @@ Here's a brief explanation of the variables used in the docker-compose files:
|
|||||||
- `NAME`: The name assigned to the created container (default: `traefik`).
|
- `NAME`: The name assigned to the created container (default: `traefik`).
|
||||||
|
|
||||||
### Traefik Settings
|
### Traefik Settings
|
||||||
- `DASHBOARD`: Enable(=true) or disable(=false) the Traefik API dashboard (default: `true`).
|
- `DASHBOARD`: Enable(=true) or disable(=false) the Traefik API dashboard (default: `false`).
|
||||||
- `DOMAIN`: The domain name where Traefik's dashboard is accessible (default: `traefik.local.krislamo.org`).
|
- `DOMAIN`: The domain name where Traefik's dashboard is accessible (default: `traefik.local.krislamo.org`).
|
||||||
- `ENTRYPOINT`: The entry point for the dashboard (default: `local`).
|
- `ENTRYPOINT`: The entry point for the dashboard (default: `local`).
|
||||||
- `EXPOSED_BY_DEFAULT`: Expose Docker containers by default without needing specific labels (default: `false`).
|
- `EXPOSED_BY_DEFAULT`: Expose Docker containers by default without needing specific labels (default: `false`).
|
||||||
|
|
||||||
### Network Settings
|
### Network Settings
|
||||||
- `NETWORK`: The Docker network to be used (default: `traefik`).
|
- `NETWORK`: The Docker network to be used (default: `traefik`).
|
||||||
- `WEB_PORT`: Binding for the regular HTTP traffic (default: `0.0.0.0:80:80`).
|
- `WEB_PORT`: Binding for the regular HTTP traffic (defaults vary).
|
||||||
- `WEBSECURE_PORT`: Binding for HTTPS traffic (default: `0.0.0.0:443:443`).
|
- `WEBSECURE_PORT`: Binding for HTTPS traffic (default: `0.0.0.0:443:443`, only on HTTPS version).
|
||||||
- `LOCAL_PORT`: Binding for local HTTPS traffic (default: `127.0.0.1:8443:8443`).
|
- `LOCAL_PORT`: Binding for local HTTPS traffic (default: `127.0.0.1:8443:8443`).
|
||||||
|
|
||||||
### Other Settings
|
### Other Settings
|
||||||
- `ENABLE`: Enable(=true) or disable(=false) Traefik to expose its API and dashboard (default: `false`).
|
|
||||||
- `LOG_LEVEL`: Logging level (default: `ERROR`).
|
- `LOG_LEVEL`: Logging level (default: `ERROR`).
|
||||||
- `DEBUG`: Enable(=true) or turn off(=false) API debugging (default: `false`).
|
- `DEBUG`: Enable(=true) or turn off(=false) API debugging (default: `false`).
|
||||||
|
|
||||||
|
@ -14,7 +14,7 @@ services:
|
|||||||
command:
|
command:
|
||||||
- --providers.docker=true
|
- --providers.docker=true
|
||||||
- --providers.docker.exposedbydefault=${EXPOSED_BY_DEFAULT:-false}
|
- --providers.docker.exposedbydefault=${EXPOSED_BY_DEFAULT:-false}
|
||||||
- --api.dashboard=${DASHBOARD:-true}
|
- --api.dashboard=${DASHBOARD:-false}
|
||||||
- --api.debug=${DEBUG:-false}
|
- --api.debug=${DEBUG:-false}
|
||||||
- --log.level=${LOG_LEVEL:-ERROR}
|
- --log.level=${LOG_LEVEL:-ERROR}
|
||||||
- --entrypoints.web.address=:80
|
- --entrypoints.web.address=:80
|
||||||
@ -31,9 +31,9 @@ services:
|
|||||||
- "traefik.http.routers.${ROUTER:-traefik}.rule=Host(`${DOMAIN:-traefik.local.krislamo.org}`)"
|
- "traefik.http.routers.${ROUTER:-traefik}.rule=Host(`${DOMAIN:-traefik.local.krislamo.org}`)"
|
||||||
- "traefik.http.routers.${ROUTER:-traefik}.service=api@internal"
|
- "traefik.http.routers.${ROUTER:-traefik}.service=api@internal"
|
||||||
- "traefik.http.routers.${ROUTER:-traefik}.entrypoints=${ENTRYPOINT:-local}"
|
- "traefik.http.routers.${ROUTER:-traefik}.entrypoints=${ENTRYPOINT:-local}"
|
||||||
- "traefik.http.routers.${ROUTER:-traefik}.tls=${ENABLE_TLS:-true}"
|
- "traefik.http.routers.${ROUTER:-traefik}.tls=${DASHBOARD_TLS:-true}"
|
||||||
- "traefik.docker.network=${NETWORK:-traefik}"
|
- "traefik.docker.network=${NETWORK:-traefik}"
|
||||||
- "traefik.enable=${ENABLE:-false}"
|
- "traefik.enable=${DASHBOARD:-false}"
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
volumes:
|
volumes:
|
||||||
|
@ -14,7 +14,7 @@ services:
|
|||||||
command:
|
command:
|
||||||
- --providers.docker=true
|
- --providers.docker=true
|
||||||
- --providers.docker.exposedbydefault=${EXPOSED_BY_DEFAULT:-false}
|
- --providers.docker.exposedbydefault=${EXPOSED_BY_DEFAULT:-false}
|
||||||
- --api.dashboard=${DASHBOARD:-true}
|
- --api.dashboard=${DASHBOARD:-false}
|
||||||
- --api.debug=${DEBUG:-false}
|
- --api.debug=${DEBUG:-false}
|
||||||
- --log.level=${LOG_LEVEL:-ERROR}
|
- --log.level=${LOG_LEVEL:-ERROR}
|
||||||
- --entrypoints.web.address=:80
|
- --entrypoints.web.address=:80
|
||||||
@ -26,9 +26,9 @@ services:
|
|||||||
- "traefik.http.routers.${ROUTER:-traefik}.rule=Host(`${DOMAIN:-traefik.local.krislamo.org}`)"
|
- "traefik.http.routers.${ROUTER:-traefik}.rule=Host(`${DOMAIN:-traefik.local.krislamo.org}`)"
|
||||||
- "traefik.http.routers.${ROUTER:-traefik}.service=api@internal"
|
- "traefik.http.routers.${ROUTER:-traefik}.service=api@internal"
|
||||||
- "traefik.http.routers.${ROUTER:-traefik}.entrypoints=${ENTRYPOINT:-local}"
|
- "traefik.http.routers.${ROUTER:-traefik}.entrypoints=${ENTRYPOINT:-local}"
|
||||||
- "traefik.http.routers.${ROUTER:-traefik}.tls=${ENABLE_TLS:-true}"
|
- "traefik.http.routers.${ROUTER:-traefik}.tls=${DASHBOARD_TLS:-true}"
|
||||||
- "traefik.docker.network=${NETWORK:-traefik}"
|
- "traefik.docker.network=${NETWORK:-traefik}"
|
||||||
- "traefik.enable=${ENABLE:-false}"
|
- "traefik.enable=${DASHBOARD:-false}"
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
volumes:
|
volumes:
|
||||||
|
Loading…
Reference in New Issue
Block a user