forked from Haxxnet/Compose-Examples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
32 lines (31 loc) · 1.38 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
version: '3'
services:
traefik:
container_name: traefik
image: traefik:v3.1
ports:
- 80:80/tcp # HTTP
- 443:443/tcp # HTTPS
- 443:443/udp # HTTPS via HTTP/3 QUIC UDP
- 127.0.0.1:8080:8080 # MGMT WEB UI
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro # ro = read-only access to the docker.sock
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/traefik:/etc/traefik/ # put the provided traefik.yml and fileConfig.yml files at this location
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/traefik/logs:/logs
networks:
- proxy
environment:
- TZ=Europe/Berlin
- CF_DNS_API_TOKEN=MyCloudflareApiToken # change this if you use Cloudflare
labels:
- traefik.enable=true
- traefik.http.routers.api.rule=Host(`traefik.example.com`) # Define the subdomain for the traefik dashboard.
- traefik.http.routers.api.service=api@internal # Enable Traefik API.
- traefik.http.routers.api.middlewares=local-ipwhitelist@file,basic-auth@file # protect dashboard with basic auth and restrict access to private class subnets only
#- traefik.http.middlewares.basic-auth-global.basicauth.users=admin:$$apr1$$epoKf5li$$QfTMJZOCS/halv3CiIUEu0 # protect the traefik dashboard by basic auth (pw=password)
restart: always
extra_hosts:
- host.docker.internal:172.17.0.1
networks:
proxy:
external: true