From 0387f346f234aa3bbe7a559aa3e1848a5df8219e Mon Sep 17 00:00:00 2001 From: Gurulandia Date: Sun, 2 Feb 2025 12:02:09 +0200 Subject: [PATCH] Modify labes --- docker/compose/dc-traefik.yml | 54 +++++++++++++++++------------------ 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/docker/compose/dc-traefik.yml b/docker/compose/dc-traefik.yml index b20b626..eabe31f 100644 --- a/docker/compose/dc-traefik.yml +++ b/docker/compose/dc-traefik.yml @@ -46,12 +46,12 @@ services: - --entrypoints.mailsecure.address=:465 - --entrypoints.maildefault.address=:587 # - --entryPoints.traefik.address=:8080 - #(- --entryPoints.ping.address=:8081) +# - --entryPoints.ping.address=:8081 - --api=true - #(- --api.insecure=true) +# - --api.insecure=true) - --api.dashboard=true - #(- --ping=true) - #(- --pilot.token=$TRAEFIK_PILOT_TOKEN) +# - --ping=true) +# - --pilot.token=$TRAEFIK_PILOT_TOKEN) - --serversTransport.insecureSkipVerify=true - --log=true - --log.level=INFO # (Default: error) DEBUG, INFO, WARN, ERROR, FATAL, PANIC @@ -59,15 +59,15 @@ services: - --accessLog=true - --accessLog.filePath=/var/log/traefik/access.log - --accessLog.bufferingSize=100 # Configuring a buffer of 100 lines - #- --accessLog.filters.statusCodes=400-499 +# - --accessLog.filters.statusCodes=400-499 - --providers.docker=true - --providers.docker.endpoint=${DOCKER_ENDPOINT} # Use Docker Socket Proxy instead for improved security # Automatically set Host rule for services - #(- --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAINNAME0`)) +# - --providers.docker.defaultrule=Host(`{{ index .Labels "com.docker.compose.service" }}.$DOMAINNAME0`) - --providers.docker.exposedByDefault=false - #- --providers.redis=true - #- --providers.redis.endpoints=redis:6379 - #- --entrypoints.https.http.middlewares=middlewares-crowdsec-bouncer@file +# - --providers.redis=true +# - --providers.redis.endpoints=redis:6379 +# - --entrypoints.https.http.middlewares=middlewares-crowdsec-bouncer@file - --entrypoints.https.http.tls.options=tls-opts@file # Add dns-cloudflare as default certresolver for all services. Also enables TLS and no need to specify on individual services - --entrypoints.https.http.tls.certresolver=${CERTRESOLVER} @@ -83,19 +83,19 @@ services: - --providers.docker.network=proxy - --providers.file.directory=/config # Load dynamic configuration from one or more .toml or .yml files in a directory - --providers.file.watch=true # Only works on top level files in the rules folder - #- --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing +# - --certificatesResolvers.dns-cloudflare.acme.caServer=https://acme-staging-v02.api.letsencrypt.org/directory # LetsEncrypt Staging Server - uncomment when testing - --certificatesResolvers.$CERTRESOLVER.acme.email=${CF_API_EMAIL} - --certificatesResolvers.$CERTRESOLVER.acme.storage=/acme.json - --certificatesResolvers.$CERTRESOLVER.acme.dnsChallenge.provider=${DNS_PROVIDER} - --certificatesResolvers.$CERTRESOLVER.acme.dnsChallenge.resolvers=${RESOLVER0} #,$RESOLVER1 - --certificatesResolvers.$CERTRESOLVER.acme.dnsChallenge.delayBeforeCheck=90 # To delay DNS check and reduce LE hitrate - #healthcheck: - # test: ["CMD", "traefik", "healthcheck", "--ping"] - # interval: 5s - # retries: 3 +# healthcheck: +# test: ["CMD", "traefik", "healthcheck", "--ping"] +# interval: 5s +# retries: 3 volumes: - /etc/localtime:/etc/localtime:ro - #- ${DOCKERDIR}/traefik/traefik.yml:/traefik.yml:ro +# - ${DOCKERDIR}/traefik/traefik.yml:/traefik.yml:ro - ${DOCKERDIR}/traefik/config:/config:ro # file provider directory - ${DOCKERDIR}/traefik/acme.json:/acme.json # cert location - you must touch this file and change permissions to 600 - ${DOCKERDIR}/traefik/logs:/var/log/traefik # for crowdsec - make sure to touch file before starting container @@ -104,15 +104,15 @@ services: - cloudflare_api_key - cloudflare_api_token labels: - - "traefik.enable=true" - - "traefik.http.routers.traefik.entrypoints=http" - - "traefik.http.routers.traefik.rule=Host(`${PROXYNAME}.${DOMAINNAME1}`)" - - "traefik.http.middlewares.traefik-auth.basicauth.users=${BASICAUTHUSER}" - - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" - - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https" - - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" - - "traefik.http.routers.traefik-secure.entrypoints=https" - - "traefik.http.routers.traefik-secure.rule=Host(`${PROXYNAME}.${DOMAINNAME1}`)" - - "traefik.http.routers.traefik-secure.middlewares=chain-no-auth@file" - #- "traefik.http.routers.traefik-secure.middlewares=traefik-auth" - - "traefik.http.routers.traefik-secure.service=api@internal" + traefik.enable: true + traefik.http.routers.traefik.entrypoints: http + traefik.http.routers.traefik.rule: Host(`${PROXYNAME}.${DOMAINNAME1}`) + traefik.http.middlewares.traefik-auth.basicauth.users: ${BASICAUTHUSER} + traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme: https + traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto: https + traefik.http.routers.traefik.middlewares: traefik-https-redirect + traefik.http.routers.traefik-secure.entrypoints: https + traefik.http.routers.traefik-secure.rule: Host(`${PROXYNAME}.${DOMAINNAME1}`) + traefik.http.routers.traefik-secure.middlewares: chain-no-auth@file +# traefik.http.routers.traefik-secure.middlewares: traefik-auth + traefik.http.routers.traefik-secure.service: api@internal