Created
October 30, 2016 20:15
-
-
Save nknapp/20c7cd89f1f128b8425dd89cbad0b802 to your computer and use it in GitHub Desktop.
Traefik setup as reverse-proxy with docker and letsencrypt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '2' | |
| services: | |
| traefik: | |
| build: . | |
| # command: --logLevel=DEBUG | |
| ports: | |
| - "80:80" | |
| - "443:443" | |
| - "127.0.0.1:8080:8080" | |
| restart: always | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| networks: | |
| - default | |
| cap_drop: | |
| - all | |
| cap_add: | |
| - net_bind_service |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM traefik:camembert | |
| ADD traefik.toml . | |
| EXPOSE 80 | |
| EXPOSE 8080 | |
| EXPOSE 443 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # defaultEntryPoints must be at the top because it should not be in any table below | |
| defaultEntryPoints = ["http", "https"] | |
| [web] | |
| # Port for the status page | |
| address = ":8080" | |
| # Entrypoints, http and https | |
| [entryPoints] | |
| # http should be redirected to https | |
| [entryPoints.http] | |
| address = ":80" | |
| [entryPoints.http.redirect] | |
| entryPoint = "https" | |
| # https is the default | |
| [entryPoints.https] | |
| address = ":443" | |
| [entryPoints.https.tls] | |
| # Enable ACME (Let's Encrypt): automatic SSL | |
| [acme] | |
| # caServer = "https://acme-staging.api.letsencrypt.org/directory" | |
| email = "letsencrypt@example.com" | |
| storage = "acme.json" # or "traefik/acme/account" if using KV store | |
| entryPoint = "https" | |
| onDemand = false | |
| OnHostRule = true | |
| [docker] | |
| endpoint = "unix:///var/run/docker.sock" | |
| domain = "example.com" | |
| watch = true | |
| exposedbydefault = false | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SUPER HELPFUL. Thank you!