Compare commits

...

4 Commits

Author SHA1 Message Date
d62bd06b37
version is obsolete 2024-04-19 23:52:47 -04:00
a6f1a59628
Disable Traefik dashboard and update TLS settings
- Set dashboard to false by default for security
- Rename ENABLE_TLS to DASHBOARD_TLS for clarity
- Link traefik.enable to DASHBOARD environment variable
2024-04-19 23:20:57 -04:00
0c72db2690
Move the HTTP version to docker-compose.yml
This is part of a bigger move to put nginx in front of Traefik instances
2024-04-19 22:22:26 -04:00
db3b3e332b
Move the HTTPS version to docker-compose.https.yml
This is part of a bigger move to put nginx in front of Traefik instances
2024-04-19 22:21:02 -04:00
3 changed files with 16 additions and 21 deletions

View File

@ -38,19 +38,18 @@ Here's a brief explanation of the variables used in the docker-compose files:
- `NAME`: The name assigned to the created container (default: `traefik`). - `NAME`: The name assigned to the created container (default: `traefik`).
### Traefik Settings ### Traefik Settings
- `DASHBOARD`: Enable(=true) or disable(=false) the Traefik API dashboard (default: `true`). - `DASHBOARD`: Enable(=true) or disable(=false) the Traefik API dashboard (default: `false`).
- `DOMAIN`: The domain name where Traefik's dashboard is accessible (default: `traefik.local.krislamo.org`). - `DOMAIN`: The domain name where Traefik's dashboard is accessible (default: `traefik.local.krislamo.org`).
- `ENTRYPOINT`: The entry point for the dashboard (default: `local`). - `ENTRYPOINT`: The entry point for the dashboard (default: `local`).
- `EXPOSED_BY_DEFAULT`: Expose Docker containers by default without needing specific labels (default: `false`). - `EXPOSED_BY_DEFAULT`: Expose Docker containers by default without needing specific labels (default: `false`).
### Network Settings ### Network Settings
- `NETWORK`: The Docker network to be used (default: `traefik`). - `NETWORK`: The Docker network to be used (default: `traefik`).
- `WEB_PORT`: Binding for the regular HTTP traffic (default: `0.0.0.0:80:80`). - `WEB_PORT`: Binding for the regular HTTP traffic (defaults vary).
- `WEBSECURE_PORT`: Binding for HTTPS traffic (default: `0.0.0.0:443:443`). - `WEBSECURE_PORT`: Binding for HTTPS traffic (default: `0.0.0.0:443:443`, only on HTTPS version).
- `LOCAL_PORT`: Binding for local HTTPS traffic (default: `127.0.0.1:8443:8443`). - `LOCAL_PORT`: Binding for local HTTPS traffic (default: `127.0.0.1:8443:8443`).
### Other Settings ### Other Settings
- `ENABLE`: Enable(=true) or disable(=false) Traefik to expose its API and dashboard (default: `false`).
- `LOG_LEVEL`: Logging level (default: `ERROR`). - `LOG_LEVEL`: Logging level (default: `ERROR`).
- `DEBUG`: Enable(=true) or turn off(=false) API debugging (default: `false`). - `DEBUG`: Enable(=true) or turn off(=false) API debugging (default: `false`).

View File

@ -1,5 +1,3 @@
version: '3.8'
volumes: volumes:
traefik: traefik:
@ -14,21 +12,26 @@ services:
command: command:
- --providers.docker=true - --providers.docker=true
- --providers.docker.exposedbydefault=${EXPOSED_BY_DEFAULT:-false} - --providers.docker.exposedbydefault=${EXPOSED_BY_DEFAULT:-false}
- --api.dashboard=${DASHBOARD:-true} - --api.dashboard=${DASHBOARD:-false}
- --api.debug=${DEBUG:-false} - --api.debug=${DEBUG:-false}
- --log.level=${LOG_LEVEL:-ERROR} - --log.level=${LOG_LEVEL:-ERROR}
- --entrypoints.web.address=:80 - --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --entrypoints.local.address=:8443 - --entrypoints.local.address=:8443
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
- --entrypoints.web.http.redirections.entrypoint.permanent=true
ports: ports:
- "${WEB_PORT:-127.0.0.1:8000:80}" - "${WEB_PORT:-0.0.0.0:80:80}"
- "${WEBSECURE_PORT:-0.0.0.0:443:443}"
- "${LOCAL_PORT:-127.0.0.1:8443:8443}" - "${LOCAL_PORT:-127.0.0.1:8443:8443}"
labels: labels:
- "traefik.http.routers.${ROUTER:-traefik}.rule=Host(`${DOMAIN:-traefik.local.krislamo.org}`)" - "traefik.http.routers.${ROUTER:-traefik}.rule=Host(`${DOMAIN:-traefik.local.krislamo.org}`)"
- "traefik.http.routers.${ROUTER:-traefik}.service=api@internal" - "traefik.http.routers.${ROUTER:-traefik}.service=api@internal"
- "traefik.http.routers.${ROUTER:-traefik}.entrypoints=${ENTRYPOINT:-local}" - "traefik.http.routers.${ROUTER:-traefik}.entrypoints=${ENTRYPOINT:-local}"
- "traefik.http.routers.${ROUTER:-traefik}.tls=${ENABLE_TLS:-true}" - "traefik.http.routers.${ROUTER:-traefik}.tls=${DASHBOARD_TLS:-true}"
- "traefik.docker.network=${NETWORK:-traefik}" - "traefik.docker.network=${NETWORK:-traefik}"
- "traefik.enable=${ENABLE:-false}" - "traefik.enable=${DASHBOARD:-false}"
networks: networks:
- traefik - traefik
volumes: volumes:

View File

@ -1,5 +1,3 @@
version: '3.8'
volumes: volumes:
traefik: traefik:
@ -14,26 +12,21 @@ services:
command: command:
- --providers.docker=true - --providers.docker=true
- --providers.docker.exposedbydefault=${EXPOSED_BY_DEFAULT:-false} - --providers.docker.exposedbydefault=${EXPOSED_BY_DEFAULT:-false}
- --api.dashboard=${DASHBOARD:-true} - --api.dashboard=${DASHBOARD:-false}
- --api.debug=${DEBUG:-false} - --api.debug=${DEBUG:-false}
- --log.level=${LOG_LEVEL:-ERROR} - --log.level=${LOG_LEVEL:-ERROR}
- --entrypoints.web.address=:80 - --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --entrypoints.local.address=:8443 - --entrypoints.local.address=:8443
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
- --entrypoints.web.http.redirections.entrypoint.permanent=true
ports: ports:
- "${WEB_PORT:-0.0.0.0:80:80}" - "${WEB_PORT:-127.0.0.1:8000:80}"
- "${WEBSECURE_PORT:-0.0.0.0:443:443}"
- "${LOCAL_PORT:-127.0.0.1:8443:8443}" - "${LOCAL_PORT:-127.0.0.1:8443:8443}"
labels: labels:
- "traefik.http.routers.${ROUTER:-traefik}.rule=Host(`${DOMAIN:-traefik.local.krislamo.org}`)" - "traefik.http.routers.${ROUTER:-traefik}.rule=Host(`${DOMAIN:-traefik.local.krislamo.org}`)"
- "traefik.http.routers.${ROUTER:-traefik}.service=api@internal" - "traefik.http.routers.${ROUTER:-traefik}.service=api@internal"
- "traefik.http.routers.${ROUTER:-traefik}.entrypoints=${ENTRYPOINT:-local}" - "traefik.http.routers.${ROUTER:-traefik}.entrypoints=${ENTRYPOINT:-local}"
- "traefik.http.routers.${ROUTER:-traefik}.tls=${ENABLE_TLS:-true}" - "traefik.http.routers.${ROUTER:-traefik}.tls=${DASHBOARD_TLS:-true}"
- "traefik.docker.network=${NETWORK:-traefik}" - "traefik.docker.network=${NETWORK:-traefik}"
- "traefik.enable=${ENABLE:-false}" - "traefik.enable=${DASHBOARD:-false}"
networks: networks:
- traefik - traefik
volumes: volumes: