Created
April 16, 2020 07:08
-
-
Save ivankatliarchuk/1c327ea35cdd8cc8cef4b8d507438456 to your computer and use it in GitHub Desktop.
traefik 2 with docker-compose
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.7' | |
| networks: | |
| traefik: | |
| external: true | |
| volumes: | |
| db_data: | |
| secrets: | |
| trusted_ca: | |
| file: ./trusted_ca.pem | |
| services: | |
| proxy: | |
| image: traefik:v2.1 | |
| command: | |
| - '--providers.docker=true' | |
| - '--entryPoints.web.address=:80' | |
| - '--entryPoints.websecure.address=:443' | |
| - '--entryPoints.metrics.address=:8082' | |
| - '--providers.providersThrottleDuration=2s' | |
| - '--providers.docker.watch=true' | |
| - '--providers.docker.swarmMode=true' | |
| - '--providers.docker.swarmModeRefreshSeconds=15s' | |
| - '--providers.docker.exposedbydefault=false' | |
| - '--providers.docker.defaultRule=Host("wshihadeh.cloud")' | |
| - '--providers.docker.constraints=Label(`traefik.tags`,`public`)' | |
| - '--accessLog.bufferingSize=0' | |
| - '--api=true' | |
| - '--api.dashboard=true' | |
| - '--api.insecure=true' | |
| - '--ping.entryPoint=web' | |
| - '--metrics.prometheus=true' | |
| - '--metrics.prometheus.addEntryPointsLabels=true' | |
| - '--metrics.prometheus.addServicesLabels=true' | |
| - '--metrics.prometheus.manualrouting=true' | |
| - '--certificatesresolvers.route53.acme.dnschallenge=true' | |
| - '--certificatesresolvers.route53.acme.dnschallenge.provider=route53' | |
| - '[email protected]' | |
| - '--certificatesresolvers.route53.acme.storage=/var/lib/traefik/acme.json' | |
| - '--providers.file.filename=/run/traefik.toml' | |
| environment: | |
| AWS_ACCESS_KEY_ID: '${TRAEFIK_AWS_ACCESS_KEY_ID}' | |
| AWS_SECRET_ACCESS_KEY: '${TRAEFIK_AWS_SECRET_ACCESS_KEY}' | |
| volumes: | |
| - '/var/run/docker.sock:/var/run/docker.sock:ro' | |
| - './cert:/var/lib/traefik' | |
| - './traefik.toml:/run/traefik.toml' | |
| secrets: | |
| - trusted_ca | |
| ports: | |
| - '80:80' | |
| - '443:443' | |
| - '8080:8080' | |
| - '8082:8082' | |
| deploy: | |
| labels: | |
| - traefik.enable=true | |
| - traefik.tags=public | |
| - traefik.docker.network=traefik | |
| - traefik.http.middlewares.my-basic-auth.basicauth.users=traefik:$$apr1$$SnHDtk1N$$cpc7xSXXrMVnPYdF01WdC0 | |
| - traefik.http.services.prometheus.loadbalancer.server.port=8082 | |
| - traefik.http.routers.prometheus.rule=PathPrefix(`/metrics`) | |
| - traefik.http.routers.prometheus.service=prometheus@internal | |
| - traefik.http.routers.prometheus.entrypoints=metrics | |
| - traefik.http.routers.prometheus.middlewares=my-basic-auth | |
| - traefik.http.routers.wildcard.tls=true | |
| - traefik.http.routers.wildcard.tls.certresolver=route53 | |
| - traefik.http.routers.wildcard.tls.domains[0].main=wshihadeh.cloud | |
| - traefik.http.routers.wildcard.tls.domains[0].sans=*.wshihadeh.cloud | |
| - traefik.http.middlewares.https_redirect.redirectscheme.scheme=https | |
| - traefik.http.middlewares.https_redirect.redirectscheme.permanent=true | |
| - traefik.http.routers.http_catchall.rule=HostRegexp(`{any:.+}`) | |
| - traefik.http.routers.http_catchall.entrypoints=web | |
| - traefik.http.routers.http_catchall.middlewares=https_redirect | |
| restart_policy: | |
| condition: any | |
| delay: 5s | |
| max_attempts: 3 | |
| window: 120s | |
| update_config: | |
| delay: 10s | |
| order: start-first | |
| parallelism: 1 | |
| rollback_config: | |
| parallelism: 0 | |
| order: stop-first | |
| logging: | |
| driver: json-file | |
| options: | |
| 'max-size': '10m' | |
| 'max-file': '5' | |
| networks: | |
| - traefik | |
| mysql: | |
| image: mysql:5.7 | |
| command: mysqld --general-log=1 --general-log-file=/var/log/mysql/general-log.log | |
| deploy: | |
| restart_policy: | |
| condition: any | |
| delay: 5s | |
| max_attempts: 3 | |
| window: 120s | |
| update_config: | |
| delay: 10s | |
| order: start-first | |
| parallelism: 1 | |
| rollback_config: | |
| parallelism: 0 | |
| order: stop-first | |
| logging: | |
| driver: json-file | |
| options: | |
| 'max-size': '10m' | |
| 'max-file': '5' | |
| networks: | |
| - traefik | |
| volumes: | |
| - db_data:/var/lib/mysql | |
| environment: | |
| MYSQL_ROOT_PASSWORD: dummy | |
| MYSQL_DATABASE: rails_blog_production | |
| rails_blog_web: | |
| image: wshihadeh/rails_blog:demo-v1 | |
| command: 'web' | |
| deploy: | |
| labels: | |
| - traefik.enable=true | |
| - traefik.tags=public | |
| - traefik.http.services.blog.loadbalancer.server.port=8080 | |
| - traefik.http.middlewares.my-http-headers.headers.customrequestheaders.X-REQUEST-SOURCE=public | |
| - traefik.http.middlewares.my-http-headers.headers.customresponseheaders.X-RESPONSE-SOURCE=rails | |
| - traefik.http.middlewares.blog-redirect.redirectregex.regex=^(https?://)www.wshihadeh.cloud/(.*)$$ | |
| - traefik.http.middlewares.blog-redirect.redirectregex.replacement=$${1}blog.wshihadeh.cloud/users/sign_up | |
| - traefik.http.middlewares.blog-redirect.redirectregex.permanent=true | |
| - traefik.http.middlewares.blog-client-cert.passtlsclientcert.pem=true | |
| - traefik.http.routers.blog.tls=true | |
| - traefik.http.routers.blog.tls.options=my-tls-opt@file | |
| - traefik.http.routers.blog.rule=Host(`blog.wshihadeh.cloud`) || Host(`wshihadeh.cloud`) || Host(`www.wshihadeh.cloud`) | |
| - traefik.http.routers.blog.service=blog | |
| - traefik.http.routers.blog.entrypoints=websecure | |
| - traefik.http.routers.blog.middlewares=my-http-headers,blog-redirect,my-basic-auth,blog-client-cert | |
| - traefik.docker.network=traefik | |
| restart_policy: | |
| condition: any | |
| delay: 5s | |
| max_attempts: 3 | |
| window: 120s | |
| update_config: | |
| delay: 10s | |
| order: start-first | |
| parallelism: 1 | |
| rollback_config: | |
| parallelism: 0 | |
| order: stop-first | |
| logging: | |
| driver: json-file | |
| options: | |
| 'max-size': '10m' | |
| 'max-file': '5' | |
| networks: | |
| - traefik | |
| depends_on: | |
| - mysql | |
| environment: | |
| DATABASE_URL: mysql2://root:dummy@mysql/rails_blog_production | |
| RAILS_SERVE_STATIC_FILES: 'true' | |
| mailcatcher: | |
| image: sj26/mailcatcher | |
| deploy: | |
| labels: | |
| - traefik.enable=true | |
| - traefik.tags=public | |
| - traefik.http.services.mailcatcher.loadbalancer.server.port=1080 | |
| - traefik.http.routers.mailcatcher.tls=true | |
| - traefik.http.routers.mailcatcher.rule=Host(`mailcatcher.wshihadeh.cloud`) | |
| - traefik.http.routers.mailcatcher.service=mailcatcher | |
| - traefik.http.routers.mailcatcher.entrypoints=web | |
| - traefik.docker.network=traefik | |
| restart_policy: | |
| condition: any | |
| delay: 5s | |
| max_attempts: 3 | |
| window: 120s | |
| update_config: | |
| delay: 10s | |
| order: start-first | |
| parallelism: 1 | |
| rollback_config: | |
| parallelism: 0 | |
| order: stop-first | |
| logging: | |
| driver: json-file | |
| options: | |
| 'max-size': '10m' | |
| 'max-file': '5' | |
| networks: | |
| - traefik |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment