@steinerkelvin
Last active November 24, 2022 16:41
simple TLS/SSL termination with Traefik

This is a simple Docker setup of a Traefik container that does TLS/SSL termination: TLS is delegated to Traefik (which also obtains the certificate from Let's Encrypt) instead of being handled in the application itself, and the application is reached over plain HTTP behind it.

It also works with an application running on the host (instead of in another container) if the Compose service includes:

    extra_hosts:
      - "host.docker.internal:host-gateway"
Docker Compose file (docker-compose.yml):

    version: "3.3"
    services:
      traefik:
        container_name: "traefik"
        hostname: "traefik"
        image: "traefik:v2.6"
        command:
          - "--configfile=/srv/traefik/traefik.yml"
        ports:
          - "80:80"
          - "443:443"
          # - "8080:8080" # Traefik Dashboard
        extra_hosts:
          - "host.docker.internal:host-gateway" # Only needed to route Traefik to a service running on the host instead of a container
        volumes:
          - "/srv/traefik/:/srv/traefik/"
        # environment:
        #   # Needed for the DigitalOcean DNS challenge, in case you can't use the HTTP one.
        #   # There are other methods, but do not bother if you can serve Traefik on port 80.
        #   DO_AUTH_TOKEN: "${DO_AUTH_TOKEN}"
Dynamic configuration, /srv/traefik/site.yml (loaded by the file provider):

    http:
      routers:
        # HTTP
        # Can be disabled or redirected with a middleware
        # TODO: add redirection config example
        to-my-service:
          service: my-service
          rule: "PathPrefix(`/`)"
          entryPoints:
            - web
        # HTTPS
        to-my-service-secure:
          service: my-service
          rule: "Host(`<my.domain.com>`)"
          entryPoints:
            - web-secure
          tls:
            certResolver: lets-encrypt
            domains:
              - main: "<my.domain.com>"
      services:
        my-service:
          loadBalancer:
            servers:
              - url: "http://host.docker.internal:8000" # this forwards to a port on the host; it would be better to forward to another container
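The HTTP router above still serves the application in the clear on port 80, and the TODO in the file asks for the redirection example. The following site.yml is an added example, not the gist author's file: it keeps the same routers and service and adds a redirectScheme middleware on the plain-HTTP router so every request on the web entrypoint is answered with a redirect to https://. The middleware name redirect-to-https is an assumption; any name works.

```yaml
# /srv/traefik/site.yml -- added example, not part of the original gist.
# The ACME HTTP-01 challenge (/.well-known/acme-challenge/...) is answered by
# Traefik before any router is consulted, so redirecting everything on :80
# does not break certificate issuance or renewal.
http:
  middlewares:
    redirect-to-https:            # name is an assumption; any name works
      redirectScheme:
        scheme: https
        permanent: true           # permanent redirect (301/308) instead of a temporary one

  routers:
    # HTTP: its only job is now to send clients to HTTPS
    to-my-service:
      rule: "PathPrefix(`/`)"
      entryPoints:
        - web
      middlewares:
        - redirect-to-https
      service: my-service         # a router must reference a service, but the backend is never reached

    # HTTPS: same as the original router
    to-my-service-secure:
      rule: "Host(`<my.domain.com>`)"
      entryPoints:
        - web-secure
      tls:
        certResolver: lets-encrypt
        domains:
          - main: "<my.domain.com>"
      service: my-service

  services:
    my-service:
      loadBalancer:
        servers:
          - url: "http://host.docker.internal:8000"
```

With this file in place, a request to http://<my.domain.com>/anything receives a Location header pointing at https://<my.domain.com>/anything, and only the HTTPS router ever forwards traffic to the backend. The same effect can be configured once, without any HTTP router, in the static configuration by setting entryPoints.web.http.redirections.entryPoint.to to web-secure (with scheme: https); the middleware form is useful when only some hosts or paths should redirect.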
Static configuration, /srv/traefik/traefik.yml:

    api:
      # dashboard: true
      # insecure: true  # serves the API/dashboard on :8080 without authentication; local testing only
    log:
      level: DEBUG
    accessLog:
      filePath: "/srv/traefik/access_log.log"
    providers:
      # Enable the file provider to define routers / middlewares / services in file
      file:
        filename: /srv/traefik/site.yml
    entryPoints:
      web:
        address: ":80"
      web-secure:
        address: ":443"
        http:
          tls:
            certResolver: lets-encrypt
    certificatesResolvers:
      lets-encrypt:
        acme:
          email: "[email protected]" # contact address for Let's Encrypt expiry notices
          # Traefik expects this file to be readable only by its owner (mode 600) and warns if it is more open
          storage: "/srv/traefik/acme.json"
          # Only one caServer key may be set (a duplicated key is invalid YAML).
          # Production has a rate limit; it's pretty high, but you could mess up if testing dozens of times,
          # so switch to the staging server while experimenting.
          caServer: "https://acme-v02.api.letsencrypt.org/directory" # production
          # caServer: "https://acme-staging-v02.api.letsencrypt.org/directory" # testing
          httpChallenge:
            entryPoint: web
          # There are other forms to authenticate to issue TLS certificates,
          # e.g. this DigitalOcean DNS one, but do not bother if you can
          # serve traefik on port 80.
          # dnsChallenge:
          #   provider: digitalocean
          #   delayBeforeCheck: 10