47 lines
1.2 KiB
YAML
47 lines
1.2 KiB
YAML
services:
|
|
traefik:
|
|
image: traefik:v2.11
|
|
|
|
command:
|
|
# Providers
|
|
- "--providers.swarm=true"
|
|
- "--providers.swarm.exposedbydefault=false"
|
|
|
|
# EntryPoints
|
|
- "--entrypoints.web.address=:80"
|
|
- "--entrypoints.websecure.address=:443"
|
|
|
|
# Let's Encrypt
|
|
- "--certificatesresolvers.le.acme.email=you@example.com"
|
|
- "--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json"
|
|
- "--certificatesresolvers.le.acme.httpchallenge=true"
|
|
- "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
|
|
|
|
# Dashboard
|
|
- "--api.dashboard=true"
|
|
- "--api.insecure=false"
|
|
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- ./letsencrypt:/letsencrypt
|
|
|
|
deploy:
|
|
mode: replicated
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: any
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.traefik.rule=Host(`traefik.example.com`)"
|
|
- "traefik.http.routers.traefik.entrypoints=websecure"
|
|
- "traefik.http.routers.traefik.tls.certresolver=le"
|
|
- "traefik.http.routers.traefik.service=api@internal"
|