-
-
Save ismailyenigul/0d25f37337bf9b56f537488670121365 to your computer and use it in GitHub Desktop.
| ## Trafik Multi Network Deployment | |
| 1. Create Traefik network | |
| ` # docker network create --driver=bridge --attachable --internal=false traefik ` | |
| 2. Edit `traefik2/docker-compose.yml` | |
| - Change ACME email | |
| - Change --providers.docker.network=traefik value if you created different network then `traefik` | |
| 3. Deploy traefik | |
| `docker-compose -f traefik2/docker-compose.yml up -d` | |
| 4. Edit `nextcloud/docker-compose.yml` | |
| - Change traefik.http.routers.nextcloud.rule Host | |
| - Remove `traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue` and `contentSecurityPolicy` | |
| if you dont need to iframe access from your external website | |
| - Change PostgreSQL environments | |
| - Edit `TRUSTED_PROXIES` with your traefik network address | |
| 5. Deploy nextcloud | |
| `docker-compose -f nextcloud/docker-compose.yml up -d` | |
| $ cat traefik2/docker-compose.yml | |
| # Create network first | |
| # docker network create --driver=bridge --attachable --internal=false traefik | |
| #NOTES: | |
| #1. [email protected] | |
| # cat docker-compose.yml | |
| version: '3.3' | |
| volumes: | |
| letsencrypt: | |
| driver: local | |
| services: | |
| traefik: | |
| image: traefik:v2.2 | |
| container_name: traefik | |
| restart: always | |
| command: | |
| - "--log.level=DEBUG" | |
| - "--api.insecure=true" | |
| - "--providers.docker=true" | |
| - "--providers.docker.network=traefik" | |
| - "--providers.docker.exposedbydefault=true" | |
| - "--entrypoints.web.address=:80" | |
| - "--entrypoints.websecure.address=:443" | |
| - "--entrypoints.web.http.redirections.entryPoint.to=websecure" | |
| - "--entrypoints.web.http.redirections.entryPoint.scheme=https" | |
| - "--certificatesresolvers.myresolver.acme.httpchallenge=true" | |
| - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" | |
| - "[email protected]" | |
| - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" | |
| ports: | |
| - 80:80 | |
| - 443:443 | |
| networks: | |
| - default | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| - letsencrypt:/letsencrypt | |
| networks: | |
| default: | |
| external: | |
| name: traefik | |
| $ cat nextcloud/docker-compose.yml | |
| # Create netxcloud network first | |
| # docker network create nextcloud | |
| #NOTES: | |
| #1. [email protected] | |
| #2. TRUSTED_PROXIES values based on your 'traefik docker network run docker network inspect traefik' to see the network | |
| #3. remove traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy and | |
| #traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue if you don't want to allow iframe your domain | |
| version: '3.3' | |
| volumes: | |
| nextcloud-www: | |
| driver: local | |
| nextcloud-db: | |
| driver: local | |
| redis: | |
| driver: local | |
| services: | |
| db: | |
| restart: always | |
| image: postgres:11 | |
| networks: | |
| - nextcloud | |
| environment: | |
| - POSTGRES_USER=nextcloud | |
| - POSTGRES_PASSWORD=password | |
| - POSTGRES_DB=nextcloud | |
| volumes: | |
| - nextcloud-db:/var/lib/postgresql/data | |
| redis: | |
| image: redis:latest | |
| restart: always | |
| networks: | |
| - nextcloud | |
| volumes: | |
| - redis:/var/lib/redis | |
| nextcloud: | |
| image: nextcloud:latest | |
| restart: always | |
| networks: | |
| - default | |
| - nextcloud | |
| depends_on: | |
| - redis | |
| - db | |
| labels: | |
| - traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud_redirect | |
| - traefik.http.routers.nextcloud.tls.certresolver=myresolver | |
| - traefik.http.routers.nextcloud.rule=Host(`nextcloud.mydomain.com`) | |
| - traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue=ALLOW-FROM https://mydomain.com | |
| - traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy=frame-ancestors 'self' mydomain.com *.mydomain.net | |
| - traefik.http.middlewares.nextcloud.headers.stsSeconds=155520011 | |
| - traefik.http.middlewares.nextcloud.headers.stsIncludeSubdomains=true | |
| - traefik.http.middlewares.nextcloud.headers.stsPreload=true | |
| - traefik.http.middlewares.nextcloud_redirect.redirectregex.regex=/.well-known/(card|cal)dav | |
| - traefik.http.middlewares.nextcloud_redirect.redirectregex.replacement=/remote.php/dav/ | |
| environment: | |
| - POSTGRES_DB=nextcloud | |
| - POSTGRES_USER=nextcloud | |
| - POSTGRES_PASSWORD=password | |
| - POSTGRES_HOST=db | |
| - NEXTCLOUD_ADMIN_USER=admin | |
| - NEXTCLOUD_ADMIN_PASSWORD=adminpass | |
| - REDIS_HOST=redis | |
| - NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mydomain.com | |
| - TRUSTED_PROXIES=172.19.0.0/16 | |
| volumes: | |
| - nextcloud-www:/var/www/html | |
| networks: | |
| default: | |
| external: | |
| name: traefik | |
| nextcloud: | |
| internal: true | |
404 means that treafik can't map your requested hostname to the nextcloud container.
you can check traefik container logs. Above apache logs is not an issue.
Ensure that Host value - traefik.http.routers.nextcloud.rule=Host(nextcloud.mydomain.com) is same as your domain name.
Hi, thanks for sharing your compose files. I have a question I am trying to get nextcloud working with:
"traefik.http.routers.nextcloud-secure.rule=Host(my.example.net)" && PathPrefix(/nx)"
and somehow I can't get it working I allways get redirection errors have you ever tryed a solution like that? with traefik 1 it worked like a charm but somehow I can't get it running with traefik 2.
Greetings and thanks
wHyEt
Hi @wHyEt
Please check https://docs.traefik.io/migration/v1-to-v2/#frontends-and-backends-are-dead-long-live-routers-middlewares-and-services
- "traefik.http.routers.router0.rule=Host(`test.localhost`) && PathPrefix(`/test`)"
Hi @ismailyenigul
thanks a lot for your files, help me so much.
I have one question, when deploy nextcloud file, this created another internal network
b81dd7d84cf0 nextcloud bridge local 1265ff7689c2 nextcloud_nextcloud bridge local
Do you know what happened?
I copy/paste your code, change domains and create network nextcloud that you say for persistent network. I want to add another service, in future.
thx
Hello thanks for writing this up. This is exactly what i was looking for so that I can use Traefik for other containers also and not just nextcloud.
everything went smoothly but i am getting "404 page not found" when I am trying to set up next cloud in the browser.
I am getting this log for nextcloud from portainer
`
Configuring Redis as session handler
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.23.0.4. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.23.0.4. Set the 'ServerName' directive globally to suppress this message
[Thu Jun 25 03:12:05.835939 2020] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.4.7 configured -- resuming normal operations
[Thu Jun 25 03:12:05.836109 2020] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
only thing I changed is the - POSTGRES_DB=nextcloud to default or else it was showing errors
other container db and redis saying both says ready to accept connections.
I am on raspberry pi 4 running OMV5 with dockers
any help will be appreciated