secrets:
# tipi_jwt_secret:
# file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_jwt_secret.txt
# # JWT_SECRET: /run/secrets/tipi_jwt_secret
# tipi_postgres_password:
# file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_postgres_password.txt
# # POSTGRES_PASSWORD: /run/secrets/tipi_postgres_password
# tipi_redis_password:
# file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_redis_password.txt
# # REDIS_PASSWORD: /run/secrets/tipi_redis_password
traefik_cf_dns_api_token:
file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/traefik_cf_dns_api_token.txt
services:
runtipi-reverse-proxy:
secrets:
- traefik_cf_dns_api_token
volumes:
- type: bind
source: ./traefik/shared
target: /shared
read_only: false
- type: bind
source: ./traefik
target: /srv/traefik
read_only: false
- type: bind
source: ./user-config/_traefik/dynamic/
target: /srv/traefik/dynamic/
read_only: true
- type: bind
source: ./user-config/_traefik/static.${TRAEFIK_STATIC:-full}.yml
target: /srv/traefik/static.yml
read_only: true
logging:
driver: "json-file"
options:
max-size: "2m"
max-file: "3"
ports:
- 8080:8080
- 80:80
- 443:443
command:
- '--log.level=DEBUG'
- '--configFile=/srv/traefik/static.yml'
- '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}'
environment:
CF_API_EMAIL: "${ACME_EMAIL:?}"
CF_DNS_API_TOKEN_FILE: /run/secrets/traefik_cf_dns_api_token
TRAEFIK_API_DISABLEDASHBOARDAD: "true"
networks:
- tipi_main_network
- tipi_internal_network
- ix-dozzle
networks:
tipi_main_network:
attachable: true
name: runtipi_tipi_main_network
driver: bridge
driver_opts:
com.docker.network.bridge.name: "tipi-br1"
tipi_internal_network:
internal: true
attachable: true
name: runtipi_tipi_internal_network
driver: bridge
driver_opts:
com.docker.network.bridge.name: "tipi-br0"
ix-dozzle:
external: true
name: ix-dozzle_default
# ix-dockge:
# external: true
# name: ix-dockge_default
# vim: set ft=yaml expandtab tabstop=2 shiftwidth=2: