Added working traefik config but a draft with gitea

2019-12-06 21:11:32 +01:00 · 2019-12-06 21:11:32 +01:00 · ee6265aefc
parent bf3a47016d
commit ee6265aefc
3 changed files with 49 additions and 24 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -62,12 +62,13 @@ services:
    volumes:
      - ${DIR}/gitea:/data
    ports:
-      - "2221:22"
+      - "127.0.0.1:2222:22"
    labels:
      - "traefik.enable=true"
-      - "traefik.http.routers.gitea.rule=Host(`gitea.${DOMAIN}`)"
-      - "traefik.http.routers.gitea.entrypoints=web"
      - "traefik.http.services.gitea-service.loadbalancer.server.port=3000"
+      - "traefik.http.routers.gitea-secure.entrypoints=web-secure"
+      - "traefik.http.routers.gitea-secure.rule=Host(`gitea.${DOMAIN}`)"
+      - "traefik.http.routers.gitea-secure.tls.certresolver=milvert"


  whoami:
@ -81,7 +82,7 @@ services:
      - "traefik.http.routers.whoami.entrypoints=web"
      - "traefik.http.routers.whoami-secure.entrypoints=web-secure"
      - "traefik.http.routers.whoami-secure.rule=Host(`whoami.${DOMAIN}`)"
-      - "traefik.http.routers.whoami-secure.tls.certresolver=default"
+      - "traefik.http.routers.whoami-secure.tls.certresolver=milvert"

  mqtt:
    image: eclipse-mosquitto:1.6.7
@ -89,12 +90,12 @@ services:
    networks:
      - frontend
      - backend
-
+    restart: always
    ports:
      - "1885:1883"
      - "9001:9001"
    volumes:
-      - "${DIR}/mosquitto/config:/mosquitto/config"
+      #- ${DIR}/mosquitto/config:/mosquitto/config
      - ${DIR}/mosquitto/data:/mosquitto/data
      - ${DIR}/mosquitto/log:/mosquitto/log
    labels:
@ -119,9 +120,12 @@ services:
    volumes:
      - ${DIR}/nodered:/data
    labels:
-      - "traefik.http.routers.node-red.rule=Host(`node.${DOMAIN}`)"
+      - "traefik.http.routers.node-red.rule=Host(`nodered.${DOMAIN}`)"
      - "traefik.http.routers.node-red.entrypoints=web"
      - "traefik.http.services.node-red-service.loadbalancer.server.port=1880"
+      - "traefik.http.routers.node-red-secure.entrypoints=web-secure"
+      - "traefik.http.routers.node-red-secure.rule=Host(`nodered.${DOMAIN}`)"
+      - "traefik.http.routers.node-red-secure.tls.certresolver=milvert"
      - "traefik.enable=true"

  domoticz:
@ -150,7 +154,7 @@ services:

  reverse-proxy:
    # The official v2.0 Traefik docker image
-    image: traefik:v2.0.2
+    image: traefik:v2.0.6
    container_name: "traefik"
    networks:
      - backend
@ -166,19 +170,23 @@ services:
      - ./traefik.yml:/etc/traefik/traefik.yml
      - ./static_config.yml:/etc/traefik/static_config.yml
        #      - "./log.json:/etc/traefik/log.json"
-        #      - "./traefik/acme.json:/acme.json"
+        #- ./acme.json:/acme.json
+      - ./letsencrypt:/letsencrypt
    dns:
      - 8.8.8.8

    labels:
-      - "traefik.http.routers.traefik.rule=Host(`tr.${DOMAIN}`)"
+      - "traefik.http.routers.traefik.rule=Host(`tra.${DOMAIN}`)"
+      - "traefik.http.routers.traefik.middlewares=redirect@file"
      - "traefik.http.routers.traefik.entrypoints=web"
      - "traefik.http.routers.traefik-secure.entrypoints=web-secure"
-      - "traefik.http.routers.traefik-secure.rule=Host(`tr.${DOMAIN}`)"
-      - "traefik.http.routers.traefik-secure.tls.certresolver=default"
+      - "traefik.http.routers.traefik-secure.rule=Host(`tra.${DOMAIN}`)"
+      - "traefik.http.routers.traefik-secure.tls.certresolver=milvert"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.services.traefik-service.loadbalancer.server.port=8080"
      - "traefik.enable=true"
+      - "traefik.http.routers.traefik-secure.middlewares=test-auth"
+      - "traefik.http.middlewares.test-auth.basicauth.users=simon:$$apr1$$o3vIe.DX$$3XExiBMe8rUo3HujDSYEo0"

 networks:
  frontend:
--- a/static_config.yml
+++ b/static_config.yml
@ -1,14 +1,29 @@
 http:
  routers:
-    test-router:
-      rule: "Host(`test.localhost`)"
-      service: my-service
+    lampa-router:
+      rule: "Host(`lampa.milvert.com`)"
+      middlewares:
+        - redirect
+      service: lampa-service
      entryPoints:
         - web

+    lampa-router:
+      rule: "Host(`lampa.milvert.com`)"
+      service: lampa-service
+      entryPoints:
+         - web-secure
+      tls:
+       certResolver: milvert
+
  services:
-    my-service:
+    lampa-service:
      loadBalancer:
        servers:
-          - url: https://milvert.com
+          - url: "http://10.0.0.3:8084"
+
+  middlewares:
+    redirect:
+      redirectScheme:
+        scheme: https

--- a/traefik.yml
+++ b/traefik.yml
@ -1,12 +1,8 @@
-log:
-  level: DEBUG
-
 api:
  insecure: true
  dashboard: true
  debug: true

-
 providers:
  docker:
    exposedbydefault: false
@ -20,15 +16,21 @@ log:
  #  filePath: /etc/traefik/log.json
  # format: json

+
 certificatesResolvers:
-  default:
+  milvert:
    acme:
      email: simon@milvert.com
-      storage: "acme.json"
+      storage: "/letsencrypt/acme.json"
      httpChallenge:
-        # used during the challenge
        entryPoint: web
+      tlsChallenge: {}

+http:
+  middlewares:
+    redirect:
+      redirectScheme:
+        scheme: https

 entryPoints:
  web: