my-runtipi/tipi-compose.yml

secrets:
# tipi_jwt_secret:
#   file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_jwt_secret.txt
#   # JWT_SECRET: /run/secrets/tipi_jwt_secret
# tipi_postgres_password:
#   file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_postgres_password.txt
#   # POSTGRES_PASSWORD: /run/secrets/tipi_postgres_password
# tipi_redis_password:
#   file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/tipi_redis_password.txt
#   # REDIS_PASSWORD: /run/secrets/tipi_redis_password
  traefik_cf_dns_api_token:
    file: ${RUNTIPI_ROOT_FOLDER_HOST}/user-config/_secrets/traefik_cf_dns_api_token.txt
services:
  runtipi-reverse-proxy:
    secrets:
      - traefik_cf_dns_api_token
    volumes:
    - type: bind
      source: ./traefik/shared
      target: /shared
      read_only: false
    - type: bind
      source: ./traefik
      target: /srv/traefik
      read_only: false
    - type: bind
      source: ./user-config/_traefik/dynamic/
      target: /srv/traefik/dynamic/
      read_only: true
    - type: bind
      source: ./user-config/_traefik/static.${TRAEFIK_STATIC:-full}.yml
      target: /srv/traefik/static.yml
      read_only: true
    logging:
      driver: "json-file"
      options:
        max-size: "2m"
        max-file: "3"
    ports:
      - 8080:8080
    command:
      - '--log.level=DEBUG'
      - '--configFile=/srv/traefik/static.yml'
      - '--certificatesresolvers.myresolver.acme.email=${ACME_EMAIL}'
    environment:
      CF_API_EMAIL: "${ACME_EMAIL:?}"
      CF_DNS_API_TOKEN_FILE: /run/secrets/traefik_cf_dns_api_token
      TRAEFIK_API_DISABLEDASHBOARDAD: "true"
    networks:
    - tipi_main_network
    - tipi_internal_network
#   - ix-dockge

networks:
  tipi_internal_network:
    internal: true
    attachable: true
    name: runtipi_internal_network
  ix-dockge:
    external: true
    name: ix-dockge_default

# vim: set ft=yaml expandtab tabstop=2 shiftwidth=2: