From 3178c8fe405dfe75f9153717667d857e89fc25a3 Mon Sep 17 00:00:00 2001 From: Florestan Bredow Date: Wed, 25 Nov 2020 15:19:15 +0100 Subject: [PATCH] Initial commit --- .gitignore | 1 + README.md | 51 ++++++++++++++++++++++++++++++++++++++++++++++ conf/traefik.toml | 32 +++++++++++++++++++++++++++++ docker-compose.yml | 20 ++++++++++++++++++ 4 files changed, 104 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 conf/traefik.toml create mode 100644 docker-compose.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a271d2e --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +conf/acme.json diff --git a/README.md b/README.md new file mode 100644 index 0000000..2e96b43 --- /dev/null +++ b/README.md @@ -0,0 +1,51 @@ +Configuration Traefic. +===================== + +Pour démarrer : +--------------- +```bash +touch conf/acme.json +chmod 600 conf/acme.json +docker network create web +``` + +Pour ajouter un service : +------------------------- +Dans le fichier `docker-compose.yml` de ce service , ajouter le réseau `web` : +```yaml +networks: + web: + external: true + backend: +``` +Dans ce même fichier sur le service qui va être lié au proxy le connecter au réseau et ajouter les paramètres qui vont bien : +```yaml +version: "3.8" + +services: + MonService: + [...] + networks: + - web + - backend + labels: + - traefik.http.routers.host_domaine_tld.rule=Host(`host.domain.tld`) + - traefik.http.routers.host_domaine_tld.tls=true + - traefik.http.routers.host_domaine_tld.tls.certresolver=myresolver + - traefik.http.services.host_domaine_tld.loadbalancer.server.port=80 + [...] +``` +**Penser à remplacer `host.domaine.tls` et `host_domain_tld` par les valeurs qui vont bien.** + +Les services qui ne sont pas publié doivent être ajouté au réseau `backend`. + +```yaml +services: + MonService: + [...] + networks: + - backend + [...] +``` + +Si il n'y a qu'un service, inutile d'ajouter le réseau `backend` \ No newline at end of file diff --git a/conf/traefik.toml b/conf/traefik.toml new file mode 100644 index 0000000..88ad34f --- /dev/null +++ b/conf/traefik.toml @@ -0,0 +1,32 @@ +[global] + checkNewVersion=true + sendAnonymousUsage=false + +[accesslog] + +[log] + level = "WARNING" + +[api] + insecure = true + dashboard = true + +[entryPoints] + [entryPoints.web] + address = ":80" + [entryPoints.web.http] + [entryPoints.web.http.redirections] + [entryPoints.web.http.redirections.entryPoint] + to = "websecure" + scheme = "https" + [entryPoints.websecure] + address = ":443" + +[certificatesResolvers.myresolver.acme] + email = "florestan@bredow.fr" + storage = "acme.json" + [certificatesResolvers.myresolver.acme.httpChallenge] + entryPoint = "web" + +[providers.docker] + network = "web" diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..7be31ea --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,20 @@ +version: '3.8' + +services: + traefik: + image: traefik:2.3 + ports: + - "80:80" + - "443:443" + - "8080:8080" + networks: + - web + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ./conf/traefik.toml:/etc/traefik/traefik.toml:ro + - ./conf/acme.json:/acme.json + - ./conf/custom:/etc/traefik/custom:ro + +networks: + web: + external: true