100 lines
2.8 KiB
YAML
100 lines
2.8 KiB
YAML
### networks
|
|
networks:
|
|
back_network:
|
|
driver: bridge
|
|
attachable: true
|
|
front_network:
|
|
driver: bridge
|
|
attachable: true
|
|
|
|
### Volumes
|
|
#volumes:
|
|
# traefik-logs:
|
|
|
|
### services
|
|
services:
|
|
# traefik
|
|
traefik:
|
|
container_name: traefik-app
|
|
hostname: traefik-app
|
|
image: traefik:latest
|
|
restart: always
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
- "8181:8181"
|
|
volumes:
|
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "./configs/traefik.yml:/etc/traefik/traefik.yml"
|
|
- "./configs/dynamic:/etc/traefik/dynamic"
|
|
- "./certificates/acme.json:/etc/traefik/acme/acme.json"
|
|
- "./certificates:/etc/traefik/ssl"
|
|
- "./log:/var/log/traefik"
|
|
# - traefik-logs:/var/log/traefik
|
|
# environment:
|
|
# - CF_DNS_API_TOKEN=3836286773f145fb8f7c0758f2ce8896hb9dusqpsm6b3scn
|
|
networks:
|
|
- back_network
|
|
- front_network
|
|
|
|
### crowdsec
|
|
# crowdsec:
|
|
# container_name: crowdsec
|
|
# hostname: crowdsec
|
|
# image: crowdsecurity/crowdsec
|
|
# environment:
|
|
# PGID: "1000"
|
|
# COLLECTIONS: "crowdsecurity/traefik crowdsecurity/http-cve"
|
|
# expose:
|
|
# - "8080"
|
|
# volumes:
|
|
# - ./log/crowdsec:/var/log/crowdsec:ro
|
|
# - ./crowdsec-db:/var/lib/crowdsec/data
|
|
# - ./log/auth.log:/var/log/auth.log:ro
|
|
# - ./crowdsec:/etc/crowdsec
|
|
# - ./log:/var/log/traefik:ro
|
|
# restart: unless-stopped
|
|
# labels:
|
|
# - traefik.enable=false
|
|
# networks:
|
|
# - front_network
|
|
# - back_network
|
|
|
|
### Certificats
|
|
certificat:
|
|
container_name: traefik-certificat
|
|
hostname: traefik-certificat
|
|
image: alpine:latest
|
|
command: sh -c "cd /etc/traefik/ssl
|
|
&& wget traefik.me/cert.pem -O cert.pem
|
|
&& wget traefik.me/privkey.pem -O privkey.pem"
|
|
volumes:
|
|
- "./certificates:/etc/traefik/ssl"
|
|
networks:
|
|
- front_network
|
|
|
|
# whoami
|
|
whoami:
|
|
container_name: traefik-whoami
|
|
hostname: traefik-whoami
|
|
image: traefik/whoami:latest
|
|
restart: unless-stopped
|
|
networks:
|
|
- front_network
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=front_network"
|
|
# HTTP
|
|
- "traefik.http.routers.whoami-http.rule=Host(`whoami.traefik.me`)"
|
|
- "traefik.http.routers.whoami-http.entrypoints=http"
|
|
# HTTPS
|
|
- "traefik.http.routers.whoami-https.rule=Host(`whoami.traefik.me`)"
|
|
- "traefik.http.routers.whoami-https.entrypoints=https"
|
|
- "traefik.http.routers.whoami-https.tls=true"
|
|
# - "traefik.http.routers.whoami-https.middlewares=whoami-crowdsec"
|
|
# Middleware
|
|
# - "traefik.http.middlewares.whoami-crowdsec.plugin.crowdsec-bouncer-traefik-plugin.enabled=true"
|
|
# - "traefik.http.middlewares.whoami-crowdsec.plugin.crowdsec-bouncer-traefik-plugin.crowdseclapikey=3836286773f145fb8f7c0758f2ce8896hb9dusqpsm6b3scn"
|
|
# Service
|