### networks
networks:
  back_network:
    driver: bridge
    attachable: true
  front_network:
    driver: bridge
    attachable: true

### Volumes
#volumes:
#  traefik-logs:

### services
services:
# traefik
  traefik:
    container_name: traefik-app
    hostname: traefik-app
    image: traefik:latest
    restart: always
    ports:
      - "80:80"
      - "443:443"
      - "8181:8181"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "./configs/traefik.yml:/etc/traefik/traefik.yml"
      - "./configs/dynamic:/etc/traefik/dynamic"
      - "./certificates/acme.json:/etc/traefik/acme/acme.json"
      - "./certificates:/etc/traefik/ssl"
      - "./log:/var/log/traefik"
#      - traefik-logs:/var/log/traefik
#    environment:
#      - CF_DNS_API_TOKEN=3836286773f145fb8f7c0758f2ce8896hb9dusqpsm6b3scn
    networks:
      - back_network
      - front_network

### crowdsec
#  crowdsec:
#    container_name: crowdsec
#    hostname: crowdsec
#    image: crowdsecurity/crowdsec
#    environment:
#      PGID: "1000"
#      COLLECTIONS: "crowdsecurity/traefik crowdsecurity/http-cve"
#    expose:
#      - "8080"
#    volumes:
#      - ./log/crowdsec:/var/log/crowdsec:ro
#      - ./crowdsec-db:/var/lib/crowdsec/data
#      - ./log/auth.log:/var/log/auth.log:ro
#      - ./crowdsec:/etc/crowdsec
#      - ./log:/var/log/traefik:ro
#    restart: unless-stopped
#    labels:
#      - traefik.enable=false
#    networks:
#      - front_network
#      - back_network

### Certificats
  certificat:
    container_name: traefik-certificat
    hostname: traefik-certificat
    image: alpine:latest
    command: sh -c "cd /etc/traefik/ssl
      && wget traefik.me/cert.pem -O cert.pem
      && wget traefik.me/privkey.pem -O privkey.pem"
    volumes:
      - "./certificates:/etc/traefik/ssl"
    networks:
      - front_network

# whoami
  whoami:
    container_name: traefik-whoami
    hostname: traefik-whoami
    image: traefik/whoami:latest
    restart: unless-stopped
    networks:
      - front_network
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=front_network"
# HTTP
      - "traefik.http.routers.whoami-http.rule=Host(`whoami.traefik.me`)"
      - "traefik.http.routers.whoami-http.entrypoints=http"
# HTTPS
      - "traefik.http.routers.whoami-https.rule=Host(`whoami.traefik.me`)"
      - "traefik.http.routers.whoami-https.entrypoints=https"
      - "traefik.http.routers.whoami-https.tls=true"
#      - "traefik.http.routers.whoami-https.middlewares=whoami-crowdsec"
# Middleware
#      - "traefik.http.middlewares.whoami-crowdsec.plugin.crowdsec-bouncer-traefik-plugin.enabled=true"
#      - "traefik.http.middlewares.whoami-crowdsec.plugin.crowdsec-bouncer-traefik-plugin.crowdseclapikey=3836286773f145fb8f7c0758f2ce8896hb9dusqpsm6b3scn"
# Service