mirror of
https://github.com/Haxxnet/Compose-Examples
synced 2024-12-18 16:20:19 +00:00
37 lines
1.5 KiB
YAML
37 lines
1.5 KiB
YAML
services:
|
|
|
|
traefik:
|
|
image: traefik:v3.2
|
|
container_name: traefik
|
|
restart: always
|
|
ports:
|
|
- 80:80/tcp # http
|
|
- 443:443/tcp # https
|
|
- 443:443/udp # https http3 quic
|
|
- 127.0.0.1:8080:8080 # http api dashboard
|
|
expose:
|
|
- 80 # http
|
|
- 443 # https
|
|
- 8080 # http api dashboard
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro # ro = read-only access to the docker.sock
|
|
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/traefik:/etc/traefik/ # put the provided traefik.yml and fileConfig.yml files at this location
|
|
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/traefik/logs:/logs
|
|
environment:
|
|
- TZ=Europe/Berlin
|
|
- CF_DNS_API_TOKEN=MyCloudflareApiToken # change this if you use Cloudflare
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.api.rule=Host(`traefik.example.com`) # Define the subdomain for the traefik dashboard.
|
|
- traefik.http.routers.api.service=api@internal # Enable Traefik API.
|
|
- traefik.http.routers.api.middlewares=local-ipwhitelist@file,basic-auth@file # protect dashboard with basic auth and restrict access to private class subnets only
|
|
#- traefik.http.middlewares.basic-auth-global.basicauth.users=admin:$$apr1$$epoKf5li$$QfTMJZOCS/halv3CiIUEu0 # protect the traefik dashboard by basic auth (pw=password)
|
|
extra_hosts:
|
|
- host.docker.internal:172.17.0.1
|
|
networks:
|
|
- proxy
|
|
|
|
networks:
|
|
proxy:
|
|
external: true
|