thistac · March 7, 2021 02:12 · paulschmeida · Oct 11, 2023
diff --git a/docker-compose.yml b/docker-compose.yml
 version: "3.9"
 services:

  traefik:
    image: "traefik:v2.4"
    container_name: "traefik"
    command:
      #- "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      # Enable a dns challenge named "cfresolver"
      - "--certificatesresolvers.cfresolver.acme.dnschallenge=true"
      # Tell which provider to use
      - "--certificatesresolvers.cfresolver.acme.dnschallenge.provider=cloudflare"
      # Uncomment to use test server, after everthing ok remove file acme.json and comment again
      #- "--certificatesresolvers.cfresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      # The email to provide to let's encrypt
      - "--certificatesresolvers.cfresolver.acme.email=email@xxxx"
      # Tell to store the certificate on a path under our volume
      - "--certificatesresolvers.cfresolver.acme.storage=/letsencrypt/acme.json"
      - "--certificatesResolvers.cfresolver.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53"
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    # expose the predefined secret to the container by name
    secrets:
      - cf_api_key
      - cf_api_email
    # expose the path to file provided by docker containing the value we want for ENDPOINT.
    environment:
      CF_API_KEY_FILE: /run/secrets/cf_api_key
      CF_API_EMAIL_FILE: /run/secrets/cf_api_email
    volumes:
      # Create a letsencrypt dir within the folder where the docker-compose file is
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    networks: 
      - traefik_public

  whoami:
    image: "traefik/whoami"
    container_name: "simple-service"
    labels:
      traefik.enable: "true"
      traefik.http.routers.whoami.rule: "Host(`whoami.example.com/`)"
      traefik.http.routers.whoami.entrypoints: "websecure"
      # Uses the Host rule to define which certificate to issue
      traefik.http.routers.whoami.tls.certresolver: "cfresolver"
    networks: 
      - traefik_public

 networks:
  traefik_public:
    ipam:
      config:
        - subnet: "192.168.100.0/24"

 secrets:
  # secret name also used to name the file exposed within the container
  cf_api_key:
    # path on the host ( $ echo xxxxx > ./secrets/cf_api_key.secret)
    file: ./secrets/cf_api_key.secret
  cf_api_email:
    file: ./secrets/cf_api_email.secret
	version: "3.9"
	services:

	traefik:
	image: "traefik:v2.4"
	container_name: "traefik"
	command:
	#- "--log.level=DEBUG"
	- "--api.insecure=true"
	- "--providers.docker=true"
	- "--providers.docker.exposedbydefault=false"
	- "--entrypoints.web.address=:80"
	- "--entrypoints.websecure.address=:443"
	# Enable a dns challenge named "cfresolver"
	- "--certificatesresolvers.cfresolver.acme.dnschallenge=true"
	# Tell which provider to use
	- "--certificatesresolvers.cfresolver.acme.dnschallenge.provider=cloudflare"
	# Uncomment to use test server, after everthing ok remove file acme.json and comment again
	#- "--certificatesresolvers.cfresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
	# The email to provide to let's encrypt
	- "--certificatesresolvers.cfresolver.acme.email=email@xxxx"
	# Tell to store the certificate on a path under our volume
	- "--certificatesresolvers.cfresolver.acme.storage=/letsencrypt/acme.json"
	- "--certificatesResolvers.cfresolver.acme.dnsChallenge.resolvers=1.1.1.1:53,1.0.0.1:53"
	ports:
	- "80:80"
	- "443:443"
	- "8080:8080"
	# expose the predefined secret to the container by name
	secrets:
	- cf_api_key
	- cf_api_email
	# expose the path to file provided by docker containing the value we want for ENDPOINT.
	environment:
	CF_API_KEY_FILE: /run/secrets/cf_api_key
	CF_API_EMAIL_FILE: /run/secrets/cf_api_email
	volumes:
	# Create a letsencrypt dir within the folder where the docker-compose file is
	- "./letsencrypt:/letsencrypt"
	- "/var/run/docker.sock:/var/run/docker.sock:ro"
	networks:
	- traefik_public

	whoami:
	image: "traefik/whoami"
	container_name: "simple-service"
	labels:
	traefik.enable: "true"
	traefik.http.routers.whoami.rule: "Host(`whoami.example.com/`)"
	traefik.http.routers.whoami.entrypoints: "websecure"
	# Uses the Host rule to define which certificate to issue
	traefik.http.routers.whoami.tls.certresolver: "cfresolver"
	networks:
	- traefik_public

	networks:
	traefik_public:
	ipam:
	config:
	- subnet: "192.168.100.0/24"

	secrets:
	# secret name also used to name the file exposed within the container
	cf_api_key:
	# path on the host ( $ echo xxxxx > ./secrets/cf_api_key.secret)
	file: ./secrets/cf_api_key.secret
	cf_api_email:
	file: ./secrets/cf_api_email.secret