Traefik 2.2 with openvpn failover with udp+tcp protocol

docker-compose.yml

version: '3'

networks:
web:
    external: true
bridge:
    external: true

services:
traefik:
    image: traefik:v2.2
    container_name: traefik
    ports:
    - "80:80"
    - "443:443"
    - "1194:1194/udp"
    networks:
    - web
    - bridge
    volumes:
    - /var/www/traefik/traefik.toml:/etc/traefik/traefik.toml:rw
    - /var/www/traefik/acme.json:/acme.json:rw
    - /var/www/traefik/traefik.log:/traefik.log:rw
    - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: always

openvpn-udp:
    image: kylemanna/openvpn
    container_name: ovpn-udp
    cap_add:
    - NET_ADMIN
    depends_on:
    - "traefik"
    networks:
    - web
    command: ovpn_run --proto udp
    labels:
    - "traefik.udp.routers.openvpn.entrypoints=openvpn"
    - "traefik.udp.routers.openvpn.service=openvpn"
    - "traefik.udp.services.openvpn.loadbalancer.server.port=1194"
    volumes:
    - openvpn:/etc/openvpn
    restart: always

openvpn-tcp:
    image: kylemanna/openvpn
    container_name: ovpn-tcp
    cap_add:
    - NET_ADMIN
    depends_on:
    - "traefik"
    networks:
    - web
    command: ovpn_run --proto tcp
    labels:
    - "traefik.tcp.routers.openvpn.rule=HostSNI(`*`)"
    - "traefik.tcp.routers.openvpn.entrypoints=websecure"
    - "traefik.tcp.routers.openvpn.service=openvpn"
    - "traefik.tcp.services.openvpn.loadbalancer.server.port=1194"
    volumes:
    - openvpn:/etc/openvpn
    restart: always

traefik.toml

[entryPoints]
  [entryPoints.web]
    address = ":80"

  [entryPoints.websecure]
    address = ":443"

  [entryPoints.openvpn]
    address = ":1194/udp"

@asifma this gist is used in this post: https://jurian.slui.mn/posts/openvpn-with-traefik-2.2/