-
Notifications
You must be signed in to change notification settings - Fork 2
/
docker-compose.production.yml
42 lines (39 loc) · 1.45 KB
/
docker-compose.production.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
version: '3'
services:
traefik:
image: traefik:v2.11
restart: always
command:
- '--api.insecure=true'
- '--providers.docker=true'
- '--providers.docker.exposedbydefault=false'
- '--entrypoints.web.address=:80'
- '--entrypoints.websecure.address=:443'
# redirect all HTTP to HTTPS:
- '--entrypoints.web.http.redirections.entrypoint.to=websecure'
- '--entrypoints.web.http.redirections.entrypoint.scheme=https'
# Handle Lets Encrypt certificates:
- '--certificatesresolvers.myresolver.acme.httpchallenge=true'
- '--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web'
- '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}'
- '--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json'
# Enable debugging:
#- '--log.level=DEBUG'
# Use Lets Encrypt staging environment for testing:
#- '--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory'
ports:
- '80:80'
- '443:443'
# - '8080:8080' # Traefik admin dashboard
networks:
- traefik-network
volumes:
# Add Docker as a mounted volume, so that Traefik can read the labels of other services (read-only)
- '/var/run/docker.sock:/var/run/docker.sock:ro'
- 'traefik-letsencrypt:/letsencrypt'
networks:
traefik-network:
external: true
volumes:
traefik-letsencrypt:
driver: local