forked from Islandora-Devops/isle-dc
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathdocker-compose.traefik.yml
58 lines (58 loc) · 2.4 KB
/
docker-compose.traefik.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# Allows traefik to work as the edge router for multiple projects.
#
# By default the rules will redirect to ${SERVICE}.${COMPOSE_PROJECT_NAME}.traefik.me
# if working on localhost and ${SERVICE}-${COMPOSE_PROJECT_NAME}-XX-XX-XX-XX.traefik.me
# if working remotely, where XX-XX-XX-XX is the dashed version of your IP address.
#
# For a traefik to be able to route traffic to a given container, that
# container needs to be on the `gateway` network, otherwise traefik will
# discover it via Docker but will not be able to redirect traffic to it.
version: "3.7"
networks:
default:
gateway:
name: gateway
driver: bridge
internal: false
services:
traefik:
image: traefik:2.2.1
container_name: traefik
# Do not set `api.insecure`, `api.dashboard`, `api.debug` to `true` in production.
# Also do not expose database 3306/5432, as an entry point.
command: >
--api.insecure=true
--api.dashboard=true
--api.debug=true
--entryPoints.http.address=:80
--entryPoints.https.address=:443
--entryPoints.mysql.address=:3306
--entryPoints.postgresql.address=:5432
--providers.docker
--providers.docker.network=gateway
--providers.docker.exposedByDefault=false
--providers.file.filename=/etc/traefik/tls.yml
'--providers.docker.defaultRule=Host(`{{ index .Labels "com.docker.compose.service" }}-{{ index .Labels "com.docker.compose.project" }}.${DRUPAL_SITE_HOST:-traefik.me}`,`{{ index .Labels "com.docker.compose.service" }}-{{ index .Labels "com.docker.compose.project" }}-${DRUPAL_SITE_HOST:-traefik.me}`)'
ports:
# Has to be bind mounted to 80/443 for assumptions
# around internal network alias to work as intended.
- 80:80
- 443:443
# Allows direct connection to the database for using
# drush on the host machine. Do not do in production.
- 3306:3306
- 5432:5432
# The Web UI (enabled by --api.insecure=true)
- ${TRAEFIK_WEB_UI_PORT-8080}:8080
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./tls.yml:/etc/traefik/tls.yml
- ./certs:/etc/ssl/traefik
labels:
# Do not expose in production.
- traefik.http.routers.api.service=api@internal
networks:
default:
aliases:
- islandora-${COMPOSE_PROJECT_NAME-isle-dc}.${DRUPAL_SITE_HOST-traefik.me}
- islandora-${COMPOSE_PROJECT_NAME-isle-dc}-${DRUPAL_SITE_HOST-traefik.me}