alexhyett/traefik-vs-nginx-docker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add SSL version

Browse source
This commit is contained in:
Alex Hyett 2021-01-20 12:34:15 +00:00
parent 446cdd5c70
commit 9da2ccb0f7
5 changed files with 83 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
README.md
View file

@ -23,3 +23,15 @@ docker-compose -f docker-compose.traefik.yml up
``` ```
You will then be able to access whoami from http://localhost/whoami and the Traefik dashboard from http://localhost:8080. You will then be able to access whoami from http://localhost/whoami and the Traefik dashboard from http://localhost:8080.
### Secure version
You need to replace `youremailhere` in `traefik.toml` and `yourdomain.com` in `traefik_dynamic.toml` for this to work.
```
docker-compose -f docker-compose.traefik-ssl.yml up
```
You will then be able to access whoami from https://localhost/whoami and the Traefik dashboard from https://localhost/dashboard.
The username is `admin` and the password is `admin`. Read my blog post on how to set this up, [Traefik vs Nginx for Reverse Proxy with Docker on a Raspberry Pi](https://www.alexhyett.com/traefik-vs-nginx-docker-raspberry-pi)

31
docker-compose.traefik-ssl.yml Normal file
View file

@ -0,0 +1,31 @@
version: '3.4'
services:
traefik:
image: 'traefik:2.3'
container_name: 'traefik'
restart: 'unless-stopped'
ports:
- '80:80'
- '443:443'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- './traefik-ssl/traefik.toml:/traefik.toml'
- './traefik-ssl/traefik_dynamic.toml:/traefik_dynamic.toml'
- './traefik-ssl/acme.json:/acme.json'
networks:
- pi
whoami:
image: 'traefik/whoami'
restart: 'unless-stopped'
labels:
- 'traefik.enable=true'
- 'traefik.http.routers.whoami.rule=PathPrefix(`/whoami{regex:$$|/.*}`)'
- 'traefik.http.services.whoami.loadbalancer.server.port=80'
- 'traefik.http.routers.whoami.middlewares=simpleAuth@file'
networks:
- pi
networks:
pi:
external: true

0
traefik-ssl/acme.json Normal file
View file

28
traefik-ssl/traefik.toml Normal file
View file

@ -0,0 +1,28 @@
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web.http.redirections.entryPoint]
to = "websecure"
scheme = "https"
[entryPoints.websecure]
address = ":443"
[entryPoints.websecure.http.tls]
certResolver = "lets-encrypt"
[api]
dashboard = true
[certificatesResolvers.lets-encrypt.acme]
email = "youremailhere"
storage = "acme.json"
[certificatesResolvers.lets-encrypt.acme.tlsChallenge]
[providers.docker]
watch = true
network = "web"
exposedByDefault = false
[providers.file]
filename = "traefik_dynamic.toml"

12
traefik-ssl/traefik_dynamic.toml Normal file
View file

@ -0,0 +1,12 @@
[http.middlewares.simpleAuth.basicAuth]
users = [
"admin:$apr1$86fC1Dr4$tDIyf.Zhg4z.NSf3uHY./."
]
[http.routers.api]
rule = "Host(`yourdomain.com`)"
entrypoints = ["web","websecure"]
middlewares = ["simpleAuth"]
service = "api@internal"
[http.routers.api.tls]
certResolver = "lets-encrypt"