40 lines
No EOL
1.3 KiB
YAML
40 lines
No EOL
1.3 KiB
YAML
services:
|
|
traefik:
|
|
image: traefik:v3.6.2
|
|
container_name: traefik
|
|
restart: unless-stopped
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
networks:
|
|
- proxy
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
environment:
|
|
- CF_DNS_API_TOKEN=${CF_DNS_API_TOKEN}
|
|
volumes:
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- ./data/traefik.yml:/traefik.yml:ro
|
|
- ./data/acme.json:/acme.json
|
|
- ./data/rules:/rules
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
# 1. Router voor het Traefik Dashboard (via HTTPS/WebSecure)
|
|
- "traefik.http.routers.traefik.rule=Host(`traefik.stackbabber.nl`)"
|
|
- "traefik.http.routers.traefik.entrypoints=websecure"
|
|
- "traefik.http.routers.traefik.tls=true"
|
|
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
|
|
- "traefik.http.routers.traefik.service=api@internal"
|
|
# Gebruik de aangepaste Authentik middleware
|
|
- "traefik.http.routers.traefik.middlewares=authentik@file"
|
|
|
|
# 2. Router voor de HTTP -> HTTPS redirect (Veiligere oplossing)
|
|
- "traefik.http.routers.traefik-http.rule=Host(`traefik.stackbabber.nl`)"
|
|
- "traefik.http.routers.traefik-http.entrypoints=web"
|
|
- "traefik.http.routers.traefik-http.middlewares=redirect-to-https@file"
|
|
|
|
networks:
|
|
proxy:
|
|
external: true |