diff --git a/_traefik/static.yml b/_traefik/static.yml new file mode 100644 index 0000000..f7ead6f --- /dev/null +++ b/_traefik/static.yml @@ -0,0 +1,48 @@ + # log: + # level: INFO + + api: + dashboard: true + insecure: true + + providers: + docker: + endpoint: "unix:///var/run/docker.sock" + watch: true + exposedByDefault: false + file: + directory: /srv/traefik/dynamic + watch: true + + entryPoints: + web: + address: ':80' + forwardedHeaders: + trustedIPs: + - "127.0.0.1/32" + - "172.16.0.0/12" + http: + redirections: + entryPoint: + to: 'websecure' + scheme: 'https' + websecure: + address: ':443' + forwardedHeaders: + trustedIPs: + - "127.0.0.1/32" + - "172.16.0.0/12" + + certificatesResolvers: + myresolver: + acme: + # email: acme@thisprops.com + storage: /shared/acme.json + # httpChallenge: + # entryPoint: web + #logging: true + dnsChallenge: + provider: cloudflare + resolvers: + - 1.1.1.1:53 # - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers[0]=1.1.1.1:53 + - 8.8.8.8:53 # - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers[1]=8.8.8.8:53 \ No newline at end of file diff --git a/_traefik/traefik.yml b/_traefik/traefik.yml deleted file mode 100644 index f9c5d0e..0000000 --- a/_traefik/traefik.yml +++ /dev/null @@ -1,48 +0,0 @@ -api: - dashboard: true - insecure: true - -providers: - docker: - endpoint: "unix:///var/run/docker.sock" - watch: true - exposedByDefault: false - file: - directory: /etc/traefik/dynamic - watch: true - -entryPoints: - web: - address: ':80' - forwardedHeaders: - trustedIPs: - - "127.0.0.1/32" - - "172.16.0.0/12" - http: - redirections: - entryPoint: - to: 'websecure' - scheme: 'https' - websecure: - address: ':443' - forwardedHeaders: - trustedIPs: - - "127.0.0.1/32" - - "172.16.0.0/12" - -certificatesResolvers: - myresolver: - acme: - # email: acme@thisprops.com - storage: /shared/acme.json - # httpChallenge: - # entryPoint: web - #logging: true - dnsChallenge: - provider: cloudflare - resolvers: - - 1.1.1.1:53 # - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers[0]=1.1.1.1:53 - - 8.8.8.8:53 # - --certificatesresolvers.cloudflare.acme.dnschallenge.resolvers[1]=8.8.8.8:53 - -log: - level: INFO diff --git a/tipi-compose.yml b/tipi-compose.yml index b9b6d50..71e87d0 100644 --- a/tipi-compose.yml +++ b/tipi-compose.yml @@ -1,21 +1,5 @@ services: runtipi-reverse-proxy: - ports: - - 8080:8080 - command: - - '--providers.docker' - - '--providers.file.directory=/etc/traefik/dynamic' - - '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}' - - '--certificatesresolvers.myresolver.acme.storage=/shared/acme.json' - - '--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare' - - "--certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1:53,1.0.0.1:53" - - '--log.level=INFO' - environment: - CF_API_EMAIL: "${ACME_EMAIL:?}" - CF_DNS_API_TOKEN: "${CF_DNS_API_TOKEN:?}" - networks: - - tipi_main_network - - tipi_internal_network volumes: - type: bind source: ./traefik/shared @@ -23,16 +7,34 @@ services: read_only: false - type: bind source: ./traefik - target: /etc/traefik + target: /srv/traefik read_only: false - type: bind - source: ./user-config/_traefik/dynamic/ - target: /etc/traefik/dynamic/ + source: ./user-config/_traefik/dynamic/ + target: /srv/traefik/dynamic/ read_only: true - type: bind - source: ./user-config/_traefik/traefik.yml - target: /etc/traefik/traefik.yml + source: ./user-config/_traefik/static.yml + target: /srv/traefik/static.yml read_only: true + logging: + driver: "json-file" + options: + max-size: "2m" + max-file: "3" + ports: + - 8080:8080 + command: + - '--log.level=DEBUG' + - '--configFile=/srv/traefik/static.yml' + - '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}' + environment: + CF_API_EMAIL: "${ACME_EMAIL:?}" + CF_DNS_API_TOKEN: "${CF_DNS_API_TOKEN:?}" + TRAEFIK_API_DISABLEDASHBOARDAD: "true" + networks: + - tipi_main_network + - tipi_internal_network networks: tipi_internal_network: