diff --git a/apaches/docker-compose.yml b/apaches/docker-compose.yml index 1c82dee..8a32123 100644 --- a/apaches/docker-compose.yml +++ b/apaches/docker-compose.yml @@ -16,22 +16,14 @@ services: - ${DATA_PATH}:/var/www/ labels: - "traefik.enable=true" - - "traefik.http.middlewares.apache-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.apache-http.middlewares=apache-redirect-websecure" - - "traefik.http.routers.apache-http.rule=Host(`${CN}`, `${SAN1}`)" -# - "traefik.http.routers.apache-http.rule=Host(`${CN}`, `${SAN1}`, `${TRAVAUXCN}`)" - - "traefik.http.routers.apache-http.entrypoints=web" - - "traefik.http.routers.apache-https.rule=Host(`${CN}`, `${SAN1}`)" -# - "traefik.http.routers.apache-https.rule=Host(`${CN}`, `${SAN1}`, `${TRAVAUXCN}`)" - - "traefik.http.routers.apache-https.entrypoints=websecure" - - "traefik.http.routers.apache-https.tls=true" - - "traefik.http.routers.apache-https.tls.certresolver=myhttpchallenge" - - "traefik.http.middlewares.apache-force-cn.redirectregex.regex=^https://${SAN1}/(.*)" - - "traefik.http.middlewares.apache-force-cn.redirectregex.replacement=https://${CN}/$${1}" -# - "traefik.http.middlewares.apache-travaux.redirectregex.regex=^https://${TRAVAUXCN}/" -# - "traefik.http.middlewares.apache-travaux.redirectregex.replacement=https://${CN}/travaux.php" - - "traefik.http.routers.apache-https.middlewares=apache-force-cn" -# - "traefik.http.routers.apache-https.middlewares=apache-force-cn,apache-travaux" + - "traefik.http.routers.gnousweb.rule=Host(`${CN}`, `${SAN1}`)" +# - "traefik.http.routers.gnousweb.rule=Host(`${CN}`, `${SAN1}`, `${TRAVAUXCN}`)" + - "traefik.http.middlewares.gnousweb-force-cn.redirectregex.regex=^https://${SAN1}/(.*)" + - "traefik.http.middlewares.gnousweb-force-cn.redirectregex.replacement=https://${CN}/$${1}" +# - "traefik.http.middlewares.gnous-travaux.redirectregex.regex=^https://${TRAVAUXCN}/" +# - "traefik.http.middlewares.gnous-travaux.redirectregex.replacement=https://${CN}/travaux.php" + - "traefik.http.routers.gnousweb.middlewares=gnousweb-force-cn" +# - "traefik.http.routers.gnousweb.middlewares=apache-force-cn,apache-travaux" - "co.elastic.logs/module=apache" - "co.elastic.logs/fileset=access" diff --git a/apaches/maintenance/docker-compose.yml b/apaches/maintenance/docker-compose.yml index bccd7cc..ac2b0e0 100644 --- a/apaches/maintenance/docker-compose.yml +++ b/apaches/maintenance/docker-compose.yml @@ -16,13 +16,8 @@ services: - ${DATA_PATH}/public-html:/var/www/html/ labels: - "traefik.enable=true" - - "traefik.http.routers.maintenance-http.rule=HostRegexp(`{catchall:.*}`)" - - "traefik.http.routers.maintenance-http.entrypoints=web" - - "traefik.http.routers.maintenance-http.priority=1" - - "traefik.http.routers.maintenance-https.rule=HostRegexp(`{catchall:.*}`)" - - "traefik.http.routers.maintenance-https.entrypoints=websecure" - - "traefik.http.routers.maintenance-https.priority=1" - - "traefik.http.routers.maintenance-https.tls=true" + - "traefik.http.routers.maintenance.rule=HostRegexp(`{catchall:.*}`)" + - "traefik.http.routers.maintenance.priority=1" - "co.elastic.logs/module=apache" - "co.elastic.logs/fileset=access" diff --git a/apaches/testing/docker-compose.yml b/apaches/testing/docker-compose.yml index b35960c..8fc33de 100644 --- a/apaches/testing/docker-compose.yml +++ b/apaches/testing/docker-compose.yml @@ -16,17 +16,10 @@ services: - ${DATA_PATH}:/var/www/ labels: - "traefik.enable=true" - - "traefik.http.middlewares.apache-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.apache-test-http.middlewares=apache-redirect-websecure" - - "traefik.http.routers.apache-test-http.rule=Host(`${CN}`, `${SAN1}`)" - - "traefik.http.routers.apache-test-http.entrypoints=web" - - "traefik.http.routers.apache-test-https.rule=Host(`${CN}`, `${SAN1}`)" - - "traefik.http.routers.apache-test-https.entrypoints=websecure" - - "traefik.http.routers.apache-test-https.middlewares=apache-test-redirectregex" - - "traefik.http.routers.apache-test-https.tls=true" - - "traefik.http.routers.apache-test-https.tls.certresolver=myhttpchallenge" - - "traefik.http.middlewares.apache-test-redirectregex.redirectregex.regex=^https://${SAN1}/(.*)" - - "traefik.http.middlewares.apache-test-redirectregex.redirectregex.replacement=https://${CN}/$${1}" + - "traefik.http.routers.gnouswebtest.rule=Host(`${CN}`, `${SAN1}`)" + - "traefik.http.routers.gnouswebtest.middlewares=gnouswebtest-redirectregex" + - "traefik.http.middlewares.gnouswebtest-redirectregex.redirectregex.regex=^https://${SAN1}/(.*)" + - "traefik.http.middlewares.gnouswebtest-redirectregex.redirectregex.replacement=https://${CN}/$${1}" networks: proxy: diff --git a/elastic/docker-compose.yml b/elastic/docker-compose.yml index 7ec9cbd..6fd2c76 100644 --- a/elastic/docker-compose.yml +++ b/elastic/docker-compose.yml @@ -38,14 +38,7 @@ services: labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - - "traefik.http.middlewares.kb-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.kb-http.middlewares=kb-redirect-websecure" - - "traefik.http.routers.kb-http.rule=Host(`${CN}`)" - - "traefik.http.routers.kb-http.entrypoints=web" - - "traefik.http.routers.kb-https.rule=Host(`${CN}`)" - - "traefik.http.routers.kb-https.entrypoints=websecure" - - "traefik.http.routers.kb-https.tls=true" - - "traefik.http.routers.kb-https.tls.certresolver=myhttpchallenge" + - "traefik.http.routers.kb.rule=Host(`${CN}`)" - "co.elastic.logs/module=kibana" networks: diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml index 76bf66b..6e6c0ae 100644 --- a/gitea/docker-compose.yml +++ b/gitea/docker-compose.yml @@ -27,16 +27,9 @@ services: labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - - "traefik.http.services.gitea-web-svc.loadbalancer.server.port=3000" - - "traefik.http.routers.git-https.service=gitea-web-svc" - - "traefik.http.middlewares.git-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.git-http.middlewares=git-redirect-websecure" - - "traefik.http.routers.git-http.rule=Host(`${CN}`)" - - "traefik.http.routers.git-http.entrypoints=web" - - "traefik.http.routers.git-https.rule=Host(`${CN}`)" - - "traefik.http.routers.git-https.entrypoints=websecure" - - "traefik.http.routers.git-https.tls=true" - - "traefik.http.routers.git-https.tls.certresolver=myhttpchallenge" + - "traefik.http.services.gitea-svc.loadbalancer.server.port=3000" + - "traefik.http.routers.gitea.service=gitea-svc" + - "traefik.http.routers.gitea.rule=Host(`${CN}`)" db: image: postgres:13.5 diff --git a/gitlab/docker-compose.yml b/gitlab/docker-compose.yml index fb2da55..9d9ee81 100644 --- a/gitlab/docker-compose.yml +++ b/gitlab/docker-compose.yml @@ -21,16 +21,9 @@ services: - ${DATA_PATH}/data:/var/opt/gitlab labels: - "traefik.enable=true" - - "traefik.http.routers.gitlab-https.service=app" + - "traefik.http.routers.gitlab.service=app" - "traefik.http.services.app.loadbalancer.server.port=80" - - "traefik.http.middlewares.gitlab-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.gitlab-http.middlewares=gitlab-redirect-websecure" - - "traefik.http.routers.gitlab-http.rule=Host(`${CN}`)" - - "traefik.http.routers.gitlab-http.entrypoints=web" - - "traefik.http.routers.gitlab-https.rule=Host(`${CN}`)" - - "traefik.http.routers.gitlab-https.entrypoints=websecure" - - "traefik.http.routers.gitlab-https.tls=true" - - "traefik.http.routers.gitlab-https.tls.certresolver=myhttpchallenge" + - "traefik.http.routers.gitlab.rule=Host(`${CN}`)" networks: proxy: diff --git a/matrix/docker-compose.yml b/matrix/docker-compose.yml index 91a85ea..12d0ae2 100644 --- a/matrix/docker-compose.yml +++ b/matrix/docker-compose.yml @@ -27,16 +27,9 @@ services: labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - - "traefik.http.services.synapse-web-svc.loadbalancer.server.port=8008" - - "traefik.http.routers.synapse-https.service=synapse-web-svc" - - "traefik.http.middlewares.synapse-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.synapse-http.middlewares=synapse-redirect-websecure" - - "traefik.http.routers.synapse-http.rule=Host(`${SYNAPSE_CN}`)" - - "traefik.http.routers.synapse-http.entrypoints=web" - - "traefik.http.routers.synapse-https.rule=Host(`${SYNAPSE_CN}`)" - - "traefik.http.routers.synapse-https.entrypoints=websecure" - - "traefik.http.routers.synapse-https.tls=true" - - "traefik.http.routers.synapse-https.tls.certresolver=myhttpchallenge" + - "traefik.http.services.synapse-svc.loadbalancer.server.port=8008" + - "traefik.http.routers.synapse.service=synapse-svc" + - "traefik.http.routers.synapse.rule=Host(`${SYNAPSE_CN}`)" db: image: postgres:13.9-alpine diff --git a/mattermost/docker-compose.yml b/mattermost/docker-compose.yml index f340504..b9aed1c 100644 --- a/mattermost/docker-compose.yml +++ b/mattermost/docker-compose.yml @@ -30,16 +30,9 @@ services: labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - - "traefik.http.services.mm-web-svc.loadbalancer.server.port=8000" - - "traefik.http.routers.mm-https.service=mm-web-svc" - - "traefik.http.middlewares.mm-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.mm-http.middlewares=mm-redirect-websecure" - - "traefik.http.routers.mm-http.rule=Host(`${CN}`)" - - "traefik.http.routers.mm-http.entrypoints=web" - - "traefik.http.routers.mm-https.rule=Host(`${CN}`)" - - "traefik.http.routers.mm-https.entrypoints=websecure" - - "traefik.http.routers.mm-https.tls=true" - - "traefik.http.routers.mm-https.tls.certresolver=myhttpchallenge" + - "traefik.http.services.mm-svc.loadbalancer.server.port=8000" + - "traefik.http.routers.mm.service=mm-svc" + - "traefik.http.routers.mm.rule=Host(`${CN}`)" networks: proxy: diff --git a/nextcloud/docker-compose.yml b/nextcloud/docker-compose.yml index d778945..26afb4d 100644 --- a/nextcloud/docker-compose.yml +++ b/nextcloud/docker-compose.yml @@ -11,16 +11,9 @@ services: - JWT_ENABLED=true labels: - "traefik.enable=true" - - "traefik.http.middlewares.ds-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.ds-http.middlewares=ds-redirect-websecure" - - "traefik.http.routers.ds-http.rule=Host(`${OOCN}`)" - - "traefik.http.routers.ds-http.entrypoints=web" - - "traefik.http.routers.ds-https.rule=Host(`${OOCN}`)" - - "traefik.http.routers.ds-https.entrypoints=websecure" - - "traefik.http.routers.ds-https.tls=true" - - "traefik.http.routers.ds-https.tls.certresolver=myhttpchallenge" + - "traefik.http.routers.documentserver.rule=Host(`${OOCN}`)" - "traefik.http.middlewares.ds-header.headers.customRequestHeaders.X-Forwarded-Proto=https" - - "traefik.http.routers.ds-https.middlewares=ds-header" + - "traefik.http.routers.documentserver.middlewares=ds-header" redis: image: redis:6.2.1 @@ -63,19 +56,12 @@ services: labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - - "traefik.http.middlewares.nc-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.nc-http.middlewares=nc-redirect-websecure" - - "traefik.http.routers.nc-http.rule=Host(`${NCCN}`,`${SAN1}`)" - - "traefik.http.routers.nc-http.entrypoints=web" - - "traefik.http.routers.nc-https.rule=Host(`${NCCN}`,`${SAN1}`)" - - "traefik.http.routers.nc-https.entrypoints=websecure" - - "traefik.http.routers.nc-https.tls=true" - - "traefik.http.routers.nc-https.tls.certresolver=myhttpchallenge" + - "traefik.http.routers.nc.rule=Host(`${NCCN}`,`${SAN1}`)" - "traefik.http.middlewares.nc-redirectregex.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav" - "traefik.http.middlewares.nc-redirectregex.redirectregex.replacement=https://$${1}/remote.php/dav/" - "traefik.http.middlewares.nc-redirectregex.redirectregex.permanent=true" - - "traefik.http.routers.nc-https.middlewares=nc-redirectregex" - - "traefik.http.routers.nc-https.middlewares=nc-Header" + - "traefik.http.routers.nc.middlewares=nc-redirectregex" + - "traefik.http.routers.nc.middlewares=nc-Header" - "traefik.http.middlewares.nc-Header.headers.stsSeconds=15552000" - "co.elastic.logs/module=apache" - "co.elastic.logs/fileset=access" diff --git a/nginxs/docs/docker-compose.yml b/nginxs/docs/docker-compose.yml index d235c66..22bf70b 100644 --- a/nginxs/docs/docker-compose.yml +++ b/nginxs/docs/docker-compose.yml @@ -15,14 +15,7 @@ services: - /etc/timezone:/etc/timezone:ro labels: - "traefik.enable=true" - - "traefik.http.middlewares.docs-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.docs-http.middlewares=docs-redirect-websecure" - - "traefik.http.routers.docs-http.rule=Host(`${CN}`)" - - "traefik.http.routers.docs-http.entrypoints=web" - - "traefik.http.routers.docs-https.rule=Host(`${CN}`)" - - "traefik.http.routers.docs-https.entrypoints=websecure" - - "traefik.http.routers.docs-https.tls=true" - - "traefik.http.routers.docs-https.tls.certresolver=myhttpchallenge" + - "traefik.http.routers.docs.rule=Host(`${CN}`)" - "co.elastic.logs/module=nginx" networks: diff --git a/roundcube/docker-compose.yml b/roundcube/docker-compose.yml index fa5ea89..b91e128 100644 --- a/roundcube/docker-compose.yml +++ b/roundcube/docker-compose.yml @@ -24,14 +24,7 @@ services: labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - - "traefik.http.middlewares.rc-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.rc-http.middlewares=rc-redirect-websecure" - - "traefik.http.routers.rc-http.rule=Host(`${CN}`)" - - "traefik.http.routers.rc-http.entrypoints=web" - - "traefik.http.routers.rc-https.rule=Host(`${CN}`)" - - "traefik.http.routers.rc-https.entrypoints=websecure" - - "traefik.http.routers.rc-https.tls=true" - - "traefik.http.routers.rc-https.tls.certresolver=myhttpchallenge" + - "traefik.http.routers.rc.rule=Host(`${CN}`)" - "co.elastic.logs/module=apache" - "co.elastic.logs/fileset=access" diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 433576f..5a42ebb 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -3,26 +3,15 @@ version: "3.8" services: traefik: image: traefik:v2.3.4 - command: - - "--log.level=ERROR" -# - "--api.insecure=true" - - "--providers.docker=true" - - "--providers.docker.exposedbydefault=false" - - "--entrypoints.web.address=:80" - - "--entrypoints.websecure.address=:443" - - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true" - - "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web" - - "--certificatesresolvers.myhttpchallenge.acme.email=${EMAIL}" - - "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json" - - "--accesslog=true" restart: always ports: - 80:80 - 443:443 -# - 8080:8080 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - - ${DATA_PATH}:/letsencrypt + - ${DATA_PATH}/letsencrypt:/letsencrypt + - ${DATA_PATH}/traefik.toml:/traefik.toml + - ${DATA_PATH}/traefik_dynamic.toml:/traefik_dynamic.toml container_name: traefik labels: - "co.elastic.logs/module=traefik" diff --git a/wordpress-valpo/docker-compose.yml b/wordpress-valpo/docker-compose.yml index 85bb500..8ad02a0 100644 --- a/wordpress-valpo/docker-compose.yml +++ b/wordpress-valpo/docker-compose.yml @@ -26,14 +26,7 @@ services: labels: - "traefik.enable=true" - "traefik.docker.network=proxy" - - "traefik.http.middlewares.wp-redirect-websecure.redirectscheme.scheme=https" - - "traefik.http.routers.wp-http.middlewares=wp-redirect-websecure" - - "traefik.http.routers.wp-http.rule=Host(`${CN}`)" - - "traefik.http.routers.wp-http.entrypoints=web" - - "traefik.http.routers.wp-https.rule=Host(`${CN}`)" - - "traefik.http.routers.wp-https.entrypoints=websecure" - - "traefik.http.routers.wp-https.tls=true" - - "traefik.http.routers.wp-https.tls.certresolver=myhttpchallenge" + - "traefik.http.routers.wp-valpo.rule=Host(`${CN}`)" networks: proxy: