Created
May 10, 2019 16:33
-
-
Save pozylon/7b49d59af57cb5ba2b8e28e46340f607 to your computer and use it in GitHub Desktop.
Docker Compose Unchained Setup for a Docker Machine with swarm mode activated
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: "3.4" | |
services: | |
traefik: | |
image: traefik:tetedemoine-alpine | |
network_mode: host | |
ports: | |
- target: 80 | |
published: 80 | |
protocol: tcp | |
mode: host | |
- target: 443 | |
published: 443 | |
protocol: tcp | |
mode: host | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock:ro | |
- traefik-conf:/etc/traefik | |
command: traefik -l WARN | |
deploy: | |
mode: global | |
placement: | |
constraints: [ node.role == manager ] | |
restart_policy: | |
condition: any | |
delay: 10s | |
rs1: | |
image: mongo:4 | |
volumes: | |
- rs1-data:/data/db | |
command: --noprealloc --smallfiles | |
deploy: | |
replicas: 1 | |
placement: | |
constraints: [ node.role == manager ] | |
restart_policy: | |
condition: any | |
unchained: | |
build: | |
context: ./unchained | |
image: unchained:latest | |
volumes: | |
- unchained-uploads:/unchained-uploads | |
environment: | |
DEBUG: 1 | |
BYPASS_CORS: 1 | |
NODE_ENV: production | |
MONGO_URL: mongodb://rs1/unchained | |
UI_ENDPOINT: https://xxx.com | |
ROOT_URL: https://unchained.xxx.com | |
FILE_STORAGE_PATH: /unchained-uploads | |
MAIL_URL: smtp://....com:587 | |
EMAIL_FROM: [email protected] | |
EMAIL_TO: [email protected] | |
UI_ENDPOINT: https://unchained.xxx.com | |
deploy: | |
replicas: 1 | |
update_config: | |
parallelism: 1 | |
delay: 30s | |
order: start-first | |
labels: | |
- traefik.port=3000 | |
- traefik.backend=unchained | |
- traefik.backend.loadbalancer.swarm=true | |
- traefik.docker.network=traefik_webnet | |
- traefik.frontend.redirect.entryPoint=https | |
- traefik.frontend.rule=Host:unchained.xxx.com;PathPrefix:/graphql,/cdn,/rest | |
restart_policy: | |
condition: on-failure | |
storefront: | |
build: | |
context: ./storefront | |
image: storefront:latest | |
environment: | |
- UNCHAINED_ENDPOINT=https://unchained.xxx.com/graphql | |
- GRAPHCMS_ENDPOINT=https://api-euwest.graphcms.com/v1/... | |
- GRAPHCMS_TOKEN=... | |
- GRAPHQL_ENDPOINT=https://xxx.com/graphql | |
- NODE_ENV=production | |
deploy: | |
replicas: 1 | |
update_config: | |
parallelism: 1 | |
delay: 30s | |
order: start-first | |
labels: | |
- traefik.port=3000 | |
- traefik.backend=storefront | |
- traefik.backend.loadbalancer.swarm=true | |
- traefik.docker.network=traefik_webnet | |
- traefik.frontend.redirect.entryPoint=https | |
- traefik.frontend.rule=Host:xxx.com | |
restart_policy: | |
condition: on-failure | |
controlpanel: | |
build: | |
context: ./controlpanel | |
image: controlpanel:latest | |
environment: | |
- NODE_ENV=production | |
- GRAPHQL_ENDPOINT=https://unchained.xxx.com/graphql | |
networks: | |
- traefik_webnet | |
restart: always | |
deploy: | |
replicas: 1 | |
update_config: | |
parallelism: 1 | |
delay: 30s | |
order: start-first | |
labels: | |
- traefik.port=3000 | |
- traefik.backend=controlpanel | |
- traefik.backend.loadbalancer.swarm=true | |
- traefik.docker.network=traefik_webnet | |
- traefik.frontend.redirect.entryPoint=https | |
- traefik.frontend.rule=Host:unchained.xxx.com | |
restart_policy: | |
condition: on-failure | |
volumes: | |
unchained-uploads: | |
traefik-conf: | |
traefik-acme: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
################################################################ | |
# Global configuration | |
################################################################ | |
# Duration to give active requests a chance to finish during hot-reloads. | |
# Can be provided in a format supported by Go's time.ParseDuration function or | |
# as raw values (digits). If no units are provided, the value is parsed assuming | |
# seconds. | |
# | |
# Optional | |
# Default: "10s" | |
# | |
# graceTimeOut = "10s" | |
# Enable debug mode | |
# | |
# Optional | |
# Default: false | |
# | |
# debug = true | |
# Periodically check if a new version has been released | |
# | |
# Optional | |
# Default: true | |
# | |
# checkNewVersion = false | |
# Traefik logs file | |
# If not defined, logs to stdout | |
# | |
# Optional | |
# | |
# traefikLogsFile = "log/traefik.log" | |
# Access logs file | |
# | |
# Optional | |
# | |
# accessLogsFile = "log/access.log" | |
# Log level | |
# | |
# Optional | |
# Default: "ERROR" | |
# | |
# logLevel = "ERROR" | |
# Backends throttle duration: minimum duration in seconds between 2 events from providers | |
# before applying a new configuration. It avoids unnecessary reloads if multiples events | |
# are sent in a short amount of time. | |
# Can be provided in a format supported by Go's time.ParseDuration function or | |
# as raw values (digits). If no units are provided, the value is parsed assuming | |
# seconds. | |
# | |
# Optional | |
# Default: "2s" | |
# | |
# ProvidersThrottleDuration = "5s" | |
# Controls the maximum idle (keep-alive) connections to keep per-host. If zero, DefaultMaxIdleConnsPerHost | |
# from the Go standard library net/http module is used. | |
# If you encounter 'too many open files' errors, you can either increase this | |
# value or change the `ulimit`. | |
# | |
# Optional | |
# Default: 200 | |
# | |
# MaxIdleConnsPerHost = 200 | |
# If set to true invalid SSL certificates are accepted for backends. | |
# Note: This disables detection of man-in-the-middle attacks so should only be used on secure backend networks. | |
# Optional | |
# Default: false | |
# | |
# InsecureSkipVerify = true | |
# Entrypoints to be used by frontends that do not specify any entrypoint. | |
# Each frontend can specify its own entrypoints. | |
# | |
# Optional | |
# Default: ["http"] | |
# | |
defaultEntryPoints = ["http", "https"] | |
# Constraints definition | |
# | |
# Optional | |
# | |
# Simple matching constraint | |
# constraints = ["tag==api"] | |
# | |
# Simple mismatching constraint | |
# constraints = ["tag!=api"] | |
# | |
# Globbing | |
# constraints = ["tag==us-*"] | |
# | |
# Backend-specific constraint | |
# [consulCatalog] | |
# endpoint = "127.0.0.1:8500" | |
# constraints = ["tag==api"] | |
# | |
# Multiple constraints | |
# - "tag==" must match with at least one tag | |
# - "tag!=" must match with none of tags | |
# constraints = ["tag!=us-*", "tag!=asia-*"] | |
# [consulCatalog] | |
# endpoint = "127.0.0.1:8500" | |
# constraints = ["tag==api", "tag!=v*-beta"] | |
# Enable ACME (Let's Encrypt): automatic SSL | |
# | |
# Optional | |
# | |
[acme] | |
# Email address used for registration | |
# | |
# Required | |
# | |
email = "[email protected]" | |
# File or key used for certificates storage. | |
# WARNING, if you use Traefik in Docker, you have 2 options: | |
# - create a file on your host and mount it as a volume | |
# storageFile = "acme.json" | |
# $ docker run -v "/my/host/acme.json:acme.json" traefik | |
# - mount the folder containing the file as a volume | |
# storageFile = "/etc/traefik/acme/acme.json" | |
# $ docker run -v "/my/host/acme:/etc/traefik/acme" traefik | |
# | |
# Required | |
# | |
storage = "/etc/traefik/acme.json" # or "traefik/acme/account" if using KV store | |
entryPoint = "https" | |
acmeLogging = true | |
OnHostRule = true | |
# CA server to use | |
# Uncomment the line to run on the staging let's encrypt server | |
# caServer = "https://acme-staging.api.letsencrypt.org/directory" | |
# [acme.dnsChallenge] | |
# provider = "exoscale" | |
# delayBeforeCheck = 0 | |
[acme.httpChallenge] | |
entryPoint = "http" | |
# Entrypoints definition | |
# | |
# Optional | |
# Default: | |
# [entryPoints] | |
# [entryPoints.http] | |
# address = ":80" | |
# | |
# To redirect an http entrypoint to an https entrypoint (with SNI support): | |
[entryPoints] | |
[entryPoints.http] | |
address = ":80" | |
[entryPoints.http.redirect] | |
entryPoint = "https" | |
[entryPoints.https] | |
compress = true | |
address = ":443" | |
[entryPoints.https.tls] | |
# | |
# To redirect an entrypoint rewriting the URL: | |
# [entryPoints] | |
# [entryPoints.http] | |
# address = ":80" | |
# [entryPoints.http.redirect] | |
# regex = "^http://localhost/(.*)" | |
# replacement = "http://mydomain/$1" | |
# | |
# To enable basic auth on an entrypoint | |
# with 2 user/pass: test:test and test2:test2 | |
# Passwords can be encoded in MD5, SHA1 and BCrypt: you can use htpasswd to generate those ones | |
# Users can be specified directly in the toml file, or indirectly by referencing an external file; if both are provided, the two are merged, with external file contents having precedence | |
# [entryPoints] | |
# [entryPoints.http] | |
# address = ":80" | |
# [entryPoints.http.auth.basic] | |
# users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"] | |
# usersFile = "/path/to/.htpasswd" | |
# | |
# To enable digest auth on an entrypoint | |
# with 2 user/realm/pass: test:traefik:test and test2:traefik:test2 | |
# You can use htdigest to generate those ones | |
# Users can be specified directly in the toml file, or indirectly by referencing an external file; if both are provided, the two are merged, with external file contents having precedence | |
# [entryPoints] | |
# [entryPoints.http] | |
# address = ":80" | |
# [entryPoints.http.auth.basic] | |
# users = ["test:traefik:a2688e031edb4be6a3797f3882655c05 ", "test2:traefik:518845800f9e2bfb1f1f740ec24f074e"] | |
# usersFile = "/path/to/.htdigest" | |
# | |
# To specify an https entrypoint with a minimum TLS version, and specifying an array of cipher suites (from crypto/tls): | |
# [entryPoints] | |
# [entryPoints.https] | |
# address = ":443" | |
# [entryPoints.https.tls] | |
# MinVersion = "VersionTLS12" | |
# CipherSuites = ["TLS_RSA_WITH_AES_256_GCM_SHA384"] | |
# [[entryPoints.https.tls.certificates]] | |
# CertFile = "integration/fixtures/https/snitest.com.cert" | |
# KeyFile = "integration/fixtures/https/snitest.com.key" | |
# [[entryPoints.https.tls.certificates]] | |
# CertFile = "integration/fixtures/https/snitest.org.cert" | |
# KeyFile = "integration/fixtures/https/snitest.org.key" | |
# To enable compression support using gzip format: | |
# [entryPoints] | |
# [entryPoints.http] | |
# address = ":80" | |
# compress = true | |
# To bind to a particular IP address only: | |
# [entryPoints] | |
# [entryPoints.http] | |
# address = "10.42.13.37:80" | |
# Enable retry sending request if network error | |
# | |
# Optional | |
# | |
[retry] | |
# Number of attempts | |
# | |
# Optional | |
# Default: (number servers in backend) -1 | |
# | |
# attempts = 3 | |
# Enable custom health check options. | |
# | |
# Optional | |
# | |
# [healthcheck] | |
# Set the default health check interval. Will only be effective if health check | |
# paths are defined. Given provider-specific support, the value may be | |
# overridden on a per-backend basis. | |
# Can be provided in a format supported by Go's time.ParseDuration function or | |
# as raw values (digits). If no units are provided, the value is parsed assuming | |
# seconds. | |
# | |
# Optional | |
# Default: "30s" | |
# | |
# interval = "30s" | |
################################################################ | |
# Web configuration backend | |
################################################################ | |
# Enable web configuration backend | |
# | |
# Optional | |
# | |
# [web] | |
# Web administration port | |
# | |
# Required | |
# | |
# address = ":8080" | |
# SSL certificate and key used | |
# | |
# Optional | |
# | |
# CertFile = "traefik.crt" | |
# KeyFile = "traefik.key" | |
# | |
# Set REST API to read-only mode | |
# | |
# Optional | |
# ReadOnly = false | |
# | |
# Enable more detailed statistics | |
# [web.statistics] | |
# RecentErrors = 10 | |
# | |
# To enable Traefik to export internal metrics to Prometheus | |
# [web.metrics.prometheus] | |
# Buckets=[0.1,0.3,1.2,5.0] | |
# | |
# To enable basic auth on the webui | |
# with 2 user/pass: test:test and test2:test2 | |
# Passwords can be encoded in MD5, SHA1 and BCrypt: you can use htpasswd to generate those ones | |
# Users can be specified directly in the toml file, or indirectly by referencing an external file; if both are provided, the two are merged, with external file contents having precedence | |
# [web.auth.basic] | |
# users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"] | |
# usersFile = "/path/to/.htpasswd" | |
# To enable digest auth on the webui | |
# with 2 user/realm/pass: test:traefik:test and test2:traefik:test2 | |
# You can use htdigest to generate those ones | |
# Users can be specified directly in the toml file, or indirectly by referencing an external file; if both are provided, the two are merged, with external file contents having precedence | |
# [web.auth.digest] | |
# users = ["test:traefik:a2688e031edb4be6a3797f3882655c05 ", "test2:traefik:518845800f9e2bfb1f1f740ec24f074e"] | |
# usersFile = "/path/to/.htdigest" | |
################################################################ | |
# File configuration backend | |
################################################################ | |
# Enable file configuration backend | |
# | |
# Optional | |
# | |
# [file] | |
# Rules file | |
# If defined, traefik will load rules from this file, | |
# otherwise, it will load rules from current file (cf Sample rules below). | |
# | |
# Optional | |
# | |
# filename = "rules.toml" | |
# Enable watch file changes | |
# | |
# Optional | |
# | |
# watch = true | |
################################################################ | |
# Docker configuration backend | |
################################################################ | |
# Enable Docker configuration backend | |
# | |
# Optional | |
# | |
# [docker] | |
# Docker server endpoint. Can be a tcp or a unix socket endpoint. | |
# | |
# Required | |
# | |
# endpoint = "unix:///var/run/docker.sock" | |
# Default domain used. | |
# Can be overridden by setting the "traefik.domain" label on a container. | |
# | |
# Required | |
# | |
# domain = "docker.localhost" | |
# Enable watch docker changes | |
# | |
# Optional | |
# | |
# watch = true | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "docker.tmpl" | |
# Expose containers by default in traefik | |
# | |
# Optional | |
# Default: true | |
# | |
# exposedbydefault = true | |
# Enable docker TLS connection | |
# | |
# Optional | |
# | |
# [docker.tls] | |
# ca = "/etc/ssl/ca.crt" | |
# cert = "/etc/ssl/docker.crt" | |
# key = "/etc/ssl/docker.key" | |
# insecureskipverify = true | |
################################################################ | |
# Docker Swarmmode configuration backend | |
################################################################ | |
# Enable Docker configuration backend | |
# | |
# Optional | |
# | |
[docker] | |
# Docker server endpoint. Can be a tcp or a unix socket endpoint. | |
# | |
# Required | |
# | |
endpoint = "unix:///var/run/docker.sock" | |
# Default domain used. | |
# Can be overridden by setting the "traefik.domain" label on a services. | |
# | |
# Required | |
# | |
domain = "reactive.one" | |
# Enable watch docker changes | |
# | |
# Optional | |
# | |
watch = true | |
# Use Docker Swarm Mode as data provider | |
# | |
# Optional | |
# | |
swarmmode = true | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "docker.tmpl" | |
# Expose services by default in traefik | |
# | |
# Optional | |
# Default: true | |
# | |
exposedbydefault = true | |
# Enable docker TLS connection | |
# | |
# Optional | |
# | |
# [swarm.tls] | |
# ca = "/etc/ssl/ca.crt" | |
# cert = "/etc/ssl/docker.crt" | |
# key = "/etc/ssl/docker.key" | |
# insecureskipverify = true | |
# Constraints | |
# | |
# Optional | |
# | |
# constraints = ["tag==api", "tag==he*ld"] | |
# Matching with containers having the label "traefik.tags" set to "api,helloworld" | |
# ex: $ docker run -d -P --label traefik.tags=api,helloworld emilevauge/whoami | |
################################################################ | |
# Mesos/Marathon configuration backend | |
################################################################ | |
# Enable Marathon configuration backend | |
# | |
# Optional | |
# | |
# [marathon] | |
# Marathon server endpoint. | |
# You can also specify multiple endpoint for Marathon: | |
# endpoint := "http://10.241.1.71:8080,10.241.1.72:8080,10.241.1.73:8080" | |
# | |
# Required | |
# | |
# endpoint = "http://127.0.0.1:8080" | |
# Enable watch Marathon changes | |
# | |
# Optional | |
# | |
# watch = true | |
# Default domain used. | |
# Can be overridden by setting the "traefik.domain" label on an application. | |
# | |
# Required | |
# | |
# domain = "marathon.localhost" | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "marathon.tmpl" | |
# Expose Marathon apps by default in traefik | |
# | |
# Optional | |
# Default: true | |
# | |
# exposedByDefault = true | |
# Convert Marathon groups to subdomains | |
# Default behavior: /foo/bar/myapp => foo-bar-myapp.{defaultDomain} | |
# with groupsAsSubDomains enabled: /foo/bar/myapp => myapp.bar.foo.{defaultDomain} | |
# | |
# Optional | |
# Default: false | |
# | |
# groupsAsSubDomains = true | |
# Override DialerTimeout | |
# Amount of time to allow the Marathon provider to wait to open a TCP connection | |
# to a Marathon master. | |
# Can be provided in a format supported by Go's time.ParseDuration function or | |
# as raw values (digits). If no units are provided, the value is parsed assuming | |
# seconds. | |
# | |
# Optional | |
# Default: "60s" | |
# dialerTimeout = "60s" | |
# Enable Marathon basic authentication | |
# | |
# Optional | |
# | |
# [marathon.basic] | |
# httpBasicAuthUser = "foo" | |
# httpBasicPassword = "bar" | |
# DCOSToken for DCOS environment, This will override the Authorization header | |
# | |
# Optional | |
# | |
# dcosToken = "xxxxxx" | |
# Set the TCP Keep Alive interval for the Marathon HTTP Client. | |
# Can be provided in a format supported by Go's time.ParseDuration function or | |
# as raw values (digits). If no units are provided, the value is parsed assuming | |
# seconds. | |
# | |
# Optional | |
# Default: "10s" | |
# | |
# keepAlive = "10s" | |
# By default, a task's IP address (as returned by the Marathon API) is used as | |
# backend server if an IP-per-task configuration can be found; otherwise, the | |
# name of the host running the task is used. | |
# The latter behavior can be enforced by enabling this switch. | |
# | |
# Optional | |
# Default: false | |
# | |
# forceTaskHostname: false | |
################################################################ | |
# Mesos configuration backend | |
################################################################ | |
# Enable Mesos configuration backend | |
# | |
# Optional | |
# | |
# [mesos] | |
# Mesos server endpoint. | |
# You can also specify multiple endpoint for Mesos: | |
# endpoint = "192.168.35.40:5050,192.168.35.41:5050,192.168.35.42:5050" | |
# endpoint = "zk://192.168.35.20:2181,192.168.35.21:2181,192.168.35.22:2181/mesos" | |
# | |
# Required | |
# | |
# endpoint = "http://127.0.0.1:8080" | |
# Enable watch Mesos changes | |
# | |
# Optional | |
# | |
# watch = true | |
# Default domain used. | |
# Can be overridden by setting the "traefik.domain" label on an application. | |
# | |
# Required | |
# | |
# domain = "mesos.localhost" | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "mesos.tmpl" | |
# Expose Mesos apps by default in traefik | |
# | |
# Optional | |
# Default: false | |
# | |
# ExposedByDefault = true | |
# TLS client configuration. https://golang.org/pkg/crypto/tls/#Config | |
# | |
# Optional | |
# | |
# [mesos.TLS] | |
# InsecureSkipVerify = true | |
# Zookeeper timeout (in seconds) | |
# | |
# Optional | |
# Default: 30 | |
# | |
# ZkDetectionTimeout = 30 | |
# Polling interval (in seconds) | |
# | |
# Optional | |
# Default: 30 | |
# | |
# RefreshSeconds = 30 | |
# IP sources (e.g. host, docker, mesos, rkt) | |
# | |
# Optional | |
# | |
# IPSources = "host" | |
# HTTP Timeout (in seconds) | |
# | |
# Optional | |
# Default: 30 | |
# | |
# StateTimeoutSecond = "30" | |
################################################################ | |
# Kubernetes Ingress configuration backend | |
################################################################ | |
# Enable Kubernetes Ingress configuration backend | |
# | |
# Optional | |
# | |
# [kubernetes] | |
# Kubernetes server endpoint | |
# | |
# When deployed as a replication controller in Kubernetes, Traefik will use | |
# the environment variables KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT | |
# to construct the endpoint. | |
# Secure token will be found in /var/run/secrets/kubernetes.io/serviceaccount/token | |
# and SSL CA cert in /var/run/secrets/kubernetes.io/serviceaccount/ca.crt | |
# | |
# The endpoint may be given to override the environment variable values. | |
# | |
# When the environment variables are not found, Traefik will try to connect to | |
# the Kubernetes API server with an external-cluster client. In this case, the | |
# endpoint is required. Specifically, it may be set to the URL used by | |
# `kubectl proxy` to connect to a Kubernetes cluster from localhost. | |
# | |
# Optional for in-cluster configuration, required otherwise | |
# Default: empty | |
# | |
# endpoint = "http://127.0.0.1:8001" | |
# Bearer token used for the Kubernetes client configuration. | |
# | |
# Optional | |
# Default: empty | |
# | |
# token = "my token" | |
# Path to the certificate authority file used for the Kubernetes client | |
# configuration. | |
# | |
# Optional | |
# Default: empty | |
# | |
# certAuthFilePath = "/my/ca.crt" | |
# Array of namespaces to watch. | |
# | |
# Optional | |
# Default: ["default"]. | |
# | |
# namespaces = ["default"] | |
# See: http://kubernetes.io/docs/user-guide/labels/#list-and-watch-filtering | |
# labelselector = "A and not B" | |
################################################################ | |
# Consul KV configuration backend | |
################################################################ | |
# Enable Consul KV configuration backend | |
# | |
# Optional | |
# | |
# [consul] | |
# Consul server endpoint | |
# | |
# Required | |
# | |
# endpoint = "127.0.0.1:8500" | |
# Enable watch Consul changes | |
# | |
# Optional | |
# | |
# watch = true | |
# Prefix used for KV store. | |
# | |
# Optional | |
# | |
# prefix = "traefik" | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "consul.tmpl" | |
# Enable consul TLS connection | |
# | |
# Optional | |
# | |
# [consul.tls] | |
# ca = "/etc/ssl/ca.crt" | |
# cert = "/etc/ssl/consul.crt" | |
# key = "/etc/ssl/consul.key" | |
# insecureskipverify = true | |
################################################################ | |
# Consul Catalog configuration backend | |
################################################################ | |
# Enable Consul Catalog configuration backend | |
# | |
# Optional | |
# | |
# [consulCatalog] | |
# Consul server endpoint | |
# | |
# Required | |
# | |
# endpoint = "127.0.0.1:8500" | |
# Default domain used. | |
# | |
# Optional | |
# | |
# domain = "consul.localhost" | |
# Prefix for Consul catalog tags | |
# | |
# Optional | |
# | |
# prefix = "traefik" | |
# Constraints | |
# | |
# Optional | |
# | |
# constraints = ["tag==api", "tag==he*ld"] | |
# Matching with containers having this tag: "traefik.tags=api,helloworld" | |
################################################################ | |
# Etcd configuration backend | |
################################################################ | |
# Enable Etcd configuration backend | |
# | |
# Optional | |
# | |
# [etcd] | |
# Etcd server endpoint | |
# | |
# Required | |
# | |
# endpoint = "127.0.0.1:2379" | |
# Enable watch Etcd changes | |
# | |
# Optional | |
# | |
# watch = true | |
# Prefix used for KV store. | |
# | |
# Optional | |
# | |
# prefix = "/traefik" | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "etcd.tmpl" | |
# Use etcd user/pass authentication | |
# | |
# Optional | |
# | |
# username = foo | |
# password = bar | |
# Enable etcd TLS connection | |
# | |
# Optional | |
# | |
# [etcd.tls] | |
# ca = "/etc/ssl/ca.crt" | |
# cert = "/etc/ssl/etcd.crt" | |
# key = "/etc/ssl/etcd.key" | |
# insecureskipverify = true | |
################################################################ | |
# Zookeeper configuration backend | |
################################################################ | |
# Enable Zookeeperconfiguration backend | |
# | |
# Optional | |
# | |
# [zookeeper] | |
# Zookeeper server endpoint | |
# | |
# Required | |
# | |
# endpoint = "127.0.0.1:2181" | |
# Enable watch Zookeeper changes | |
# | |
# Optional | |
# | |
# watch = true | |
# Prefix used for KV store. | |
# | |
# Optional | |
# | |
# prefix = "/traefik" | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "zookeeper.tmpl" | |
################################################################ | |
# BoltDB configuration backend | |
################################################################ | |
# Enable BoltDB configuration backend | |
# | |
# Optional | |
# | |
# [boltdb] | |
# BoltDB file | |
# | |
# Required | |
# | |
# endpoint = "/my.db" | |
# Enable watch BoltDB changes | |
# | |
# Optional | |
# | |
# watch = true | |
# Prefix used for KV store. | |
# | |
# Optional | |
# | |
# prefix = "/traefik" | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "boltdb.tmpl" | |
################################################################ | |
# ECS configuration backend | |
################################################################ | |
# Enable ECS configuration backend | |
# | |
# Optional | |
# | |
# [ecs] | |
# ECS Cluster Name | |
# | |
# Optional | |
# Default: "default" | |
# | |
# Cluster = "default" | |
# Enable watch ECS changes | |
# | |
# Optional | |
# Default: true | |
# | |
# Watch = true | |
# Polling interval (in seconds) | |
# | |
# Optional | |
# Default: 15 | |
# | |
# RefreshSeconds = 15 | |
# Expose ECS services by default in traefik | |
# | |
# Optional | |
# Default: true | |
# | |
# ExposedByDefault = false | |
# Region to use when connecting to AWS | |
# | |
# Optional | |
# | |
# Region = "us-east-1" | |
# AccessKeyID to use when connecting to AWS | |
# | |
# Optional | |
# | |
# AccessKeyID = "abc" | |
# SecretAccessKey to use when connecting to AWS | |
# | |
# Optional | |
# | |
# SecretAccessKey = "123" | |
# Override default configuration template. For advanced users :) | |
# | |
# Optional | |
# | |
# filename = "ecs.tmpl" | |
################################################################ | |
# Rancher configuration backend | |
################################################################ | |
# Enable Rancher configuration backend | |
# | |
# Optional | |
# | |
# [rancher] | |
# Default domain used. | |
# Can be overridden by setting the "traefik.domain" label on an service. | |
# | |
# Required | |
# | |
# domain = "rancher.localhost" | |
# Enable watch Rancher changes | |
# | |
# Optional | |
# Default: true | |
# | |
# Watch = true | |
# Polling interval (in seconds) | |
# | |
# Optional | |
# | |
# RefreshSeconds = 15 | |
# Expose Rancher services by default in traefik | |
# | |
# Optional | |
# Default: true | |
# | |
# ExposedByDefault = false | |
# Filter services with unhealthy states and health states | |
# | |
# Optional | |
# Default: false | |
# | |
# EnableServiceHealthFilter = false | |
# Endpoint to use when connecting to Rancher | |
# | |
# Required | |
# Endpoint = "http://rancherserver.example.com/v1" | |
# AccessKey to use when connecting to Rancher | |
# | |
# Required | |
# AccessKey = "XXXXXXXXXXXXXXXXXXXX" | |
# SecretKey to use when connecting to Rancher | |
# | |
# Required | |
# SecretKey = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" | |
# Constraints | |
# | |
# Optional | |
# | |
# constraints = ["tag==api", "tag==chee*e"] | |
# Matching with containers having this tag: "traefik.tags=cheese,wine" | |
################################################################ | |
# DynamoDB configuration backend | |
################################################################ | |
# Enable DynamoDB configuration backend | |
# | |
# Optional | |
# | |
# [dynamodb] | |
# DynamoDB Table Name | |
# | |
# Optional | |
# | |
# TableName = "traefik" | |
# Enable watch DynamoDB changes | |
# | |
# Optional | |
# | |
# Watch = true | |
# Polling interval (in seconds) | |
# | |
# Optional | |
# | |
# RefreshSeconds = 15 | |
# Region to use when connecting to AWS | |
# | |
# Required | |
# | |
# Region = "us-east-1" | |
# AccessKeyID to use when connecting to AWS | |
# | |
# Optional | |
# | |
# AccessKeyID = "abc" | |
# SecretAccessKey to use when connecting to AWS | |
# | |
# Optional | |
# | |
# SecretAccessKey = "123" | |
# Endpoint of dynamodb when testing locally | |
# | |
# Optional | |
# | |
# Endpoint = "http://localhost:8080" | |
################################################################ | |
# Sample rules | |
################################################################ | |
# [backends] | |
# [backends.backend1] | |
# [backends.backend1.circuitbreaker] | |
# expression = "NetworkErrorRatio() > 0.5" | |
# [backends.backend1.servers.server1] | |
# url = "http://172.17.0.2:80" | |
# weight = 10 | |
# [backends.backend1.servers.server2] | |
# url = "http://172.17.0.3:80" | |
# weight = 1 | |
# [backends.backend2] | |
# [backends.backend2.LoadBalancer] | |
# method = "drr" | |
# [backends.backend2.servers.server1] | |
# url = "http://172.17.0.4:80" | |
# weight = 1 | |
# [backends.backend2.servers.server2] | |
# url = "http://172.17.0.5:80" | |
# weight = 2 | |
# | |
# [frontends] | |
# [frontends.frontend1] | |
# backend = "backend2" | |
# [frontends.frontend1.routes.test_1] | |
# rule = "Host: test.localhost, other.localhost" | |
# [frontends.frontend2] | |
# backend = "backend1" | |
# passHostHeader = true | |
# entrypoints = ["https"] # overrides defaultEntryPoints | |
# [frontends.frontend2.routes.test_1] | |
# rule = "Host:{subdomain:[a-z]+}.localhost" | |
# [frontends.frontend3] | |
# entrypoints = ["http", "https"] # overrides defaultEntryPoints | |
# backend = "backend2" | |
# rule = "Path: /test, /other" | |
[accessLog] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment