Nicnl · May 19, 2020 17:51
diff --git a/certificates.json b/certificates.json
 This is the empty file you have to create in traefik/certificates.json, as mentioned in Traefik's docker-compose.yml file
 This file will contain your private keys, so remember to perform a 'chmod 600' on it or else Traefik won't store anything in it
diff --git a/my-go-app_docker-compose.yml b/my-go-app_docker-compose.yml
 # This is your go app's docker-compose file, place it here : my-go-app/docker-compose.yml
 # It does not need any ports opening since HTTP traffic is handled by Traefik

 version: '3'

 services:
  my-go-app:
    image: 'my-go-app:1.0'
    networks: [default, traefik]
    labels:
      - 'traefik.enable=true'
      - 'traefik.docker.network=traefik'
      - 'traefik.frontend.rule=Host:mysubdomain.mydomain.com'
        # The HTTP port your app is listening to, it's the port you normally would have forwarded with 'ports:'
        # But don't worry, Traefik will make it available on it's port 80/443
      - 'traefik.port=9000'

 networks:
  traefik:
    external:
      name: traefik
diff --git a/traefik.toml b/traefik.toml
 # This is traefik's config file, place it here : traefik/traefik.toml

 # Log
 logLevel = "DEBUG"

 # Entrypoints
 defaultEntryPoints = ["https", "http"]
 [entryPoints]
  [entryPoints.http]
  address = ":80"
     [entryPoints.http.redirect]
       entryPoint = "https"
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]

 [docker]
 endpoint = "unix:///var/run/docker.sock"
 watch = true
 # So that traefik will just create backend/frontend rules for the containers that have the 'traefik.enable=true' label
 exposedbydefault = false

 [acme]
 # Enter your email here
 email = "[email protected]"
 storageFile = "certificates.json"
 onDemand = true
 entryPoint = "https"
 [acme.httpChallenge]
  entryPoint = "http"
diff --git a/traefik_docker-compose.yml b/traefik_docker-compose.yml
 # This is Traefik's docker-compose file, place it here : traefik/docker-compose.yml
 # I like to have it in a separate container so that it keeps running even if I do havoc with my other apps

 version: '3'

 services:
  traefik:
    image: 'traefik:1.6'
    restart: always
      # This argument provides a web interface monitoring purposes, if you want you can remove it along with the 8080 port forwarding
    command: --web
    networks: [traefik]
    ports:
      - '80:80'
      - '443:443'
      - '8080:8080'
    volumes:
      - './traefik.toml:/etc/traefik/traefik.toml:ro'
        # You have to create the 'certificates.json' file (not dir!) beforehand and do a 'chmod 600 certificates.json' on it, or else Traefik won't store your private keys in it.
      - './certificates.json:/certificates.json'
      - '/var/run/docker.sock:/var/run/docker.sock'
    logging:
      options:
          # It generates quite a lot of logs when traefik.toml's log level is set to debug, so let's not keep it all
        max-size: '25m'
        max-file: '3'

 networks:
  traefik:
    external:
      name: traefik
	This is the empty file you have to create in traefik/certificates.json, as mentioned in Traefik's docker-compose.yml file
	This file will contain your private keys, so remember to perform a 'chmod 600' on it or else Traefik won't store anything in it
	# This is your go app's docker-compose file, place it here : my-go-app/docker-compose.yml
	# It does not need any ports opening since HTTP traffic is handled by Traefik

	version: '3'

	services:
	my-go-app:
	image: 'my-go-app:1.0'
	networks: [default, traefik]
	labels:
	- 'traefik.enable=true'
	- 'traefik.docker.network=traefik'
	- 'traefik.frontend.rule=Host:mysubdomain.mydomain.com'
	# The HTTP port your app is listening to, it's the port you normally would have forwarded with 'ports:'
	# But don't worry, Traefik will make it available on it's port 80/443
	- 'traefik.port=9000'

	networks:
	traefik:
	external:
	name: traefik
	# This is traefik's config file, place it here : traefik/traefik.toml

	# Log
	logLevel = "DEBUG"

	# Entrypoints
	defaultEntryPoints = ["https", "http"]
	[entryPoints]
	[entryPoints.http]
	address = ":80"
	[entryPoints.http.redirect]
	entryPoint = "https"
	[entryPoints.https]
	address = ":443"
	[entryPoints.https.tls]

	[docker]
	endpoint = "unix:///var/run/docker.sock"
	watch = true
	# So that traefik will just create backend/frontend rules for the containers that have the 'traefik.enable=true' label
	exposedbydefault = false

	[acme]
	# Enter your email here
	email = "[email protected]"
	storageFile = "certificates.json"
	onDemand = true
	entryPoint = "https"
	[acme.httpChallenge]
	entryPoint = "http"
	# This is Traefik's docker-compose file, place it here : traefik/docker-compose.yml
	# I like to have it in a separate container so that it keeps running even if I do havoc with my other apps

	version: '3'

	services:
	traefik:
	image: 'traefik:1.6'
	restart: always
	# This argument provides a web interface monitoring purposes, if you want you can remove it along with the 8080 port forwarding
	command: --web
	networks: [traefik]
	ports:
	- '80:80'
	- '443:443'
	- '8080:8080'
	volumes:
	- './traefik.toml:/etc/traefik/traefik.toml:ro'
	# You have to create the 'certificates.json' file (not dir!) beforehand and do a 'chmod 600 certificates.json' on it, or else Traefik won't store your private keys in it.
	- './certificates.json:/certificates.json'
	- '/var/run/docker.sock:/var/run/docker.sock'
	logging:
	options:
	# It generates quite a lot of logs when traefik.toml's log level is set to debug, so let's not keep it all
	max-size: '25m'
	max-file: '3'

	networks:
	traefik:
	external:
	name: traefik