Gnous/docker
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update traefik config + labels on services

Browse Source 
see https://cloud.gnous.fr/apps/deck/#/board/4/card/196
This commit is contained in:
thopic 2023-02-01 18:43:13 +01:00
parent f75248db24
commit ca70931184
Signed by: thopic
GPG Key ID: 292DBBF0B54AD4C5
13 changed files with 37 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
apaches/docker-compose.yml
View File

@ -16,22 +16,14 @@ services:
- ${DATA_PATH}:/var/www/ - ${DATA_PATH}:/var/www/
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.middlewares.apache-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.gnousweb.rule=Host(`${CN}`, `${SAN1}`)"
- "traefik.http.routers.apache-http.middlewares=apache-redirect-websecure" # - "traefik.http.routers.gnousweb.rule=Host(`${CN}`, `${SAN1}`, `${TRAVAUXCN}`)"
- "traefik.http.routers.apache-http.rule=Host(`${CN}`, `${SAN1}`)" - "traefik.http.middlewares.gnousweb-force-cn.redirectregex.regex=^https://${SAN1}/(.*)"
# - "traefik.http.routers.apache-http.rule=Host(`${CN}`, `${SAN1}`, `${TRAVAUXCN}`)" - "traefik.http.middlewares.gnousweb-force-cn.redirectregex.replacement=https://${CN}/$${1}"
- "traefik.http.routers.apache-http.entrypoints=web" # - "traefik.http.middlewares.gnous-travaux.redirectregex.regex=^https://${TRAVAUXCN}/"
- "traefik.http.routers.apache-https.rule=Host(`${CN}`, `${SAN1}`)" # - "traefik.http.middlewares.gnous-travaux.redirectregex.replacement=https://${CN}/travaux.php"
# - "traefik.http.routers.apache-https.rule=Host(`${CN}`, `${SAN1}`, `${TRAVAUXCN}`)" - "traefik.http.routers.gnousweb.middlewares=gnousweb-force-cn"
- "traefik.http.routers.apache-https.entrypoints=websecure" # - "traefik.http.routers.gnousweb.middlewares=apache-force-cn,apache-travaux"
- "traefik.http.routers.apache-https.tls=true"
- "traefik.http.routers.apache-https.tls.certresolver=myhttpchallenge"
- "traefik.http.middlewares.apache-force-cn.redirectregex.regex=^https://${SAN1}/(.*)"
- "traefik.http.middlewares.apache-force-cn.redirectregex.replacement=https://${CN}/$${1}"
# - "traefik.http.middlewares.apache-travaux.redirectregex.regex=^https://${TRAVAUXCN}/"
# - "traefik.http.middlewares.apache-travaux.redirectregex.replacement=https://${CN}/travaux.php"
- "traefik.http.routers.apache-https.middlewares=apache-force-cn"
# - "traefik.http.routers.apache-https.middlewares=apache-force-cn,apache-travaux"
- "co.elastic.logs/module=apache" - "co.elastic.logs/module=apache"
- "co.elastic.logs/fileset=access" - "co.elastic.logs/fileset=access"

9
apaches/maintenance/docker-compose.yml
View File

@ -16,13 +16,8 @@ services:
- ${DATA_PATH}/public-html:/var/www/html/ - ${DATA_PATH}/public-html:/var/www/html/
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.maintenance-http.rule=HostRegexp(`{catchall:.*}`)" - "traefik.http.routers.maintenance.rule=HostRegexp(`{catchall:.*}`)"
- "traefik.http.routers.maintenance-http.entrypoints=web" - "traefik.http.routers.maintenance.priority=1"
- "traefik.http.routers.maintenance-http.priority=1"
- "traefik.http.routers.maintenance-https.rule=HostRegexp(`{catchall:.*}`)"
- "traefik.http.routers.maintenance-https.entrypoints=websecure"
- "traefik.http.routers.maintenance-https.priority=1"
- "traefik.http.routers.maintenance-https.tls=true"
- "co.elastic.logs/module=apache" - "co.elastic.logs/module=apache"
- "co.elastic.logs/fileset=access" - "co.elastic.logs/fileset=access"

15
apaches/testing/docker-compose.yml
View File

@ -16,17 +16,10 @@ services:
- ${DATA_PATH}:/var/www/ - ${DATA_PATH}:/var/www/
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.middlewares.apache-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.gnouswebtest.rule=Host(`${CN}`, `${SAN1}`)"
- "traefik.http.routers.apache-test-http.middlewares=apache-redirect-websecure" - "traefik.http.routers.gnouswebtest.middlewares=gnouswebtest-redirectregex"
- "traefik.http.routers.apache-test-http.rule=Host(`${CN}`, `${SAN1}`)" - "traefik.http.middlewares.gnouswebtest-redirectregex.redirectregex.regex=^https://${SAN1}/(.*)"
- "traefik.http.routers.apache-test-http.entrypoints=web" - "traefik.http.middlewares.gnouswebtest-redirectregex.redirectregex.replacement=https://${CN}/$${1}"
- "traefik.http.routers.apache-test-https.rule=Host(`${CN}`, `${SAN1}`)"
- "traefik.http.routers.apache-test-https.entrypoints=websecure"
- "traefik.http.routers.apache-test-https.middlewares=apache-test-redirectregex"
- "traefik.http.routers.apache-test-https.tls=true"
- "traefik.http.routers.apache-test-https.tls.certresolver=myhttpchallenge"
- "traefik.http.middlewares.apache-test-redirectregex.redirectregex.regex=^https://${SAN1}/(.*)"
- "traefik.http.middlewares.apache-test-redirectregex.redirectregex.replacement=https://${CN}/$${1}"
networks: networks:
proxy: proxy:

9
elastic/docker-compose.yml
View File

@ -38,14 +38,7 @@ services:
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=proxy" - "traefik.docker.network=proxy"
- "traefik.http.middlewares.kb-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.kb.rule=Host(`${CN}`)"
- "traefik.http.routers.kb-http.middlewares=kb-redirect-websecure"
- "traefik.http.routers.kb-http.rule=Host(`${CN}`)"
- "traefik.http.routers.kb-http.entrypoints=web"
- "traefik.http.routers.kb-https.rule=Host(`${CN}`)"
- "traefik.http.routers.kb-https.entrypoints=websecure"
- "traefik.http.routers.kb-https.tls=true"
- "traefik.http.routers.kb-https.tls.certresolver=myhttpchallenge"
- "co.elastic.logs/module=kibana" - "co.elastic.logs/module=kibana"
networks: networks:

13
gitea/docker-compose.yml
View File

@ -27,16 +27,9 @@ services:
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=proxy" - "traefik.docker.network=proxy"
- "traefik.http.services.gitea-web-svc.loadbalancer.server.port=3000" - "traefik.http.services.gitea-svc.loadbalancer.server.port=3000"
- "traefik.http.routers.git-https.service=gitea-web-svc" - "traefik.http.routers.gitea.service=gitea-svc"
- "traefik.http.middlewares.git-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.gitea.rule=Host(`${CN}`)"
- "traefik.http.routers.git-http.middlewares=git-redirect-websecure"
- "traefik.http.routers.git-http.rule=Host(`${CN}`)"
- "traefik.http.routers.git-http.entrypoints=web"
- "traefik.http.routers.git-https.rule=Host(`${CN}`)"
- "traefik.http.routers.git-https.entrypoints=websecure"
- "traefik.http.routers.git-https.tls=true"
- "traefik.http.routers.git-https.tls.certresolver=myhttpchallenge"
db: db:
image: postgres:13.5 image: postgres:13.5

11
gitlab/docker-compose.yml
View File

@ -21,16 +21,9 @@ services:
- ${DATA_PATH}/data:/var/opt/gitlab - ${DATA_PATH}/data:/var/opt/gitlab
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.routers.gitlab-https.service=app" - "traefik.http.routers.gitlab.service=app"
- "traefik.http.services.app.loadbalancer.server.port=80" - "traefik.http.services.app.loadbalancer.server.port=80"
- "traefik.http.middlewares.gitlab-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.gitlab.rule=Host(`${CN}`)"
- "traefik.http.routers.gitlab-http.middlewares=gitlab-redirect-websecure"
- "traefik.http.routers.gitlab-http.rule=Host(`${CN}`)"
- "traefik.http.routers.gitlab-http.entrypoints=web"
- "traefik.http.routers.gitlab-https.rule=Host(`${CN}`)"
- "traefik.http.routers.gitlab-https.entrypoints=websecure"
- "traefik.http.routers.gitlab-https.tls=true"
- "traefik.http.routers.gitlab-https.tls.certresolver=myhttpchallenge"
networks: networks:
proxy: proxy:

13
matrix/docker-compose.yml
View File

@ -27,16 +27,9 @@ services:
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=proxy" - "traefik.docker.network=proxy"
- "traefik.http.services.synapse-web-svc.loadbalancer.server.port=8008" - "traefik.http.services.synapse-svc.loadbalancer.server.port=8008"
- "traefik.http.routers.synapse-https.service=synapse-web-svc" - "traefik.http.routers.synapse.service=synapse-svc"
- "traefik.http.middlewares.synapse-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.synapse.rule=Host(`${SYNAPSE_CN}`)"
- "traefik.http.routers.synapse-http.middlewares=synapse-redirect-websecure"
- "traefik.http.routers.synapse-http.rule=Host(`${SYNAPSE_CN}`)"
- "traefik.http.routers.synapse-http.entrypoints=web"
- "traefik.http.routers.synapse-https.rule=Host(`${SYNAPSE_CN}`)"
- "traefik.http.routers.synapse-https.entrypoints=websecure"
- "traefik.http.routers.synapse-https.tls=true"
- "traefik.http.routers.synapse-https.tls.certresolver=myhttpchallenge"
db: db:
image: postgres:13.9-alpine image: postgres:13.9-alpine

13
mattermost/docker-compose.yml
View File

@ -30,16 +30,9 @@ services:
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=proxy" - "traefik.docker.network=proxy"
- "traefik.http.services.mm-web-svc.loadbalancer.server.port=8000" - "traefik.http.services.mm-svc.loadbalancer.server.port=8000"
- "traefik.http.routers.mm-https.service=mm-web-svc" - "traefik.http.routers.mm.service=mm-svc"
- "traefik.http.middlewares.mm-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.mm.rule=Host(`${CN}`)"
- "traefik.http.routers.mm-http.middlewares=mm-redirect-websecure"
- "traefik.http.routers.mm-http.rule=Host(`${CN}`)"
- "traefik.http.routers.mm-http.entrypoints=web"
- "traefik.http.routers.mm-https.rule=Host(`${CN}`)"
- "traefik.http.routers.mm-https.entrypoints=websecure"
- "traefik.http.routers.mm-https.tls=true"
- "traefik.http.routers.mm-https.tls.certresolver=myhttpchallenge"
networks: networks:
proxy: proxy:

24
nextcloud/docker-compose.yml
View File

@ -11,16 +11,9 @@ services:
- JWT_ENABLED=true - JWT_ENABLED=true
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.middlewares.ds-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.documentserver.rule=Host(`${OOCN}`)"
- "traefik.http.routers.ds-http.middlewares=ds-redirect-websecure"
- "traefik.http.routers.ds-http.rule=Host(`${OOCN}`)"
- "traefik.http.routers.ds-http.entrypoints=web"
- "traefik.http.routers.ds-https.rule=Host(`${OOCN}`)"
- "traefik.http.routers.ds-https.entrypoints=websecure"
- "traefik.http.routers.ds-https.tls=true"
- "traefik.http.routers.ds-https.tls.certresolver=myhttpchallenge"
- "traefik.http.middlewares.ds-header.headers.customRequestHeaders.X-Forwarded-Proto=https" - "traefik.http.middlewares.ds-header.headers.customRequestHeaders.X-Forwarded-Proto=https"
- "traefik.http.routers.ds-https.middlewares=ds-header" - "traefik.http.routers.documentserver.middlewares=ds-header"
redis: redis:
image: redis:6.2.1 image: redis:6.2.1
@ -63,19 +56,12 @@ services:
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=proxy" - "traefik.docker.network=proxy"
- "traefik.http.middlewares.nc-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.nc.rule=Host(`${NCCN}`,`${SAN1}`)"
- "traefik.http.routers.nc-http.middlewares=nc-redirect-websecure"
- "traefik.http.routers.nc-http.rule=Host(`${NCCN}`,`${SAN1}`)"
- "traefik.http.routers.nc-http.entrypoints=web"
- "traefik.http.routers.nc-https.rule=Host(`${NCCN}`,`${SAN1}`)"
- "traefik.http.routers.nc-https.entrypoints=websecure"
- "traefik.http.routers.nc-https.tls=true"
- "traefik.http.routers.nc-https.tls.certresolver=myhttpchallenge"
- "traefik.http.middlewares.nc-redirectregex.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav" - "traefik.http.middlewares.nc-redirectregex.redirectregex.regex=https://(.*)/.well-known/(card|cal)dav"
- "traefik.http.middlewares.nc-redirectregex.redirectregex.replacement=https://$${1}/remote.php/dav/" - "traefik.http.middlewares.nc-redirectregex.redirectregex.replacement=https://$${1}/remote.php/dav/"
- "traefik.http.middlewares.nc-redirectregex.redirectregex.permanent=true" - "traefik.http.middlewares.nc-redirectregex.redirectregex.permanent=true"
- "traefik.http.routers.nc-https.middlewares=nc-redirectregex" - "traefik.http.routers.nc.middlewares=nc-redirectregex"
- "traefik.http.routers.nc-https.middlewares=nc-Header" - "traefik.http.routers.nc.middlewares=nc-Header"
- "traefik.http.middlewares.nc-Header.headers.stsSeconds=15552000" - "traefik.http.middlewares.nc-Header.headers.stsSeconds=15552000"
- "co.elastic.logs/module=apache" - "co.elastic.logs/module=apache"
- "co.elastic.logs/fileset=access" - "co.elastic.logs/fileset=access"

9
nginxs/docs/docker-compose.yml
View File

@ -15,14 +15,7 @@ services:
- /etc/timezone:/etc/timezone:ro - /etc/timezone:/etc/timezone:ro
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.middlewares.docs-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.docs.rule=Host(`${CN}`)"
- "traefik.http.routers.docs-http.middlewares=docs-redirect-websecure"
- "traefik.http.routers.docs-http.rule=Host(`${CN}`)"
- "traefik.http.routers.docs-http.entrypoints=web"
- "traefik.http.routers.docs-https.rule=Host(`${CN}`)"
- "traefik.http.routers.docs-https.entrypoints=websecure"
- "traefik.http.routers.docs-https.tls=true"
- "traefik.http.routers.docs-https.tls.certresolver=myhttpchallenge"
- "co.elastic.logs/module=nginx" - "co.elastic.logs/module=nginx"
networks: networks:

9
roundcube/docker-compose.yml
View File

@ -24,14 +24,7 @@ services:
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=proxy" - "traefik.docker.network=proxy"
- "traefik.http.middlewares.rc-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.rc.rule=Host(`${CN}`)"
- "traefik.http.routers.rc-http.middlewares=rc-redirect-websecure"
- "traefik.http.routers.rc-http.rule=Host(`${CN}`)"
- "traefik.http.routers.rc-http.entrypoints=web"
- "traefik.http.routers.rc-https.rule=Host(`${CN}`)"
- "traefik.http.routers.rc-https.entrypoints=websecure"
- "traefik.http.routers.rc-https.tls=true"
- "traefik.http.routers.rc-https.tls.certresolver=myhttpchallenge"
- "co.elastic.logs/module=apache" - "co.elastic.logs/module=apache"
- "co.elastic.logs/fileset=access" - "co.elastic.logs/fileset=access"

17
traefik/docker-compose.yml
View File

@ -3,26 +3,15 @@ version: "3.8"
services: services:
traefik: traefik:
image: traefik:v2.3.4 image: traefik:v2.3.4
command:
- "--log.level=ERROR"
# - "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myhttpchallenge.acme.email=${EMAIL}"
- "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
- "--accesslog=true"
restart: always restart: always
ports: ports:
- 80:80 - 80:80
- 443:443 - 443:443
# - 8080:8080
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro
- ${DATA_PATH}:/letsencrypt - ${DATA_PATH}/letsencrypt:/letsencrypt
- ${DATA_PATH}/traefik.toml:/traefik.toml
- ${DATA_PATH}/traefik_dynamic.toml:/traefik_dynamic.toml
container_name: traefik container_name: traefik
labels: labels:
- "co.elastic.logs/module=traefik" - "co.elastic.logs/module=traefik"

9
wordpress-valpo/docker-compose.yml
View File

@ -26,14 +26,7 @@ services:
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=proxy" - "traefik.docker.network=proxy"
- "traefik.http.middlewares.wp-redirect-websecure.redirectscheme.scheme=https" - "traefik.http.routers.wp-valpo.rule=Host(`${CN}`)"
- "traefik.http.routers.wp-http.middlewares=wp-redirect-websecure"
- "traefik.http.routers.wp-http.rule=Host(`${CN}`)"
- "traefik.http.routers.wp-http.entrypoints=web"
- "traefik.http.routers.wp-https.rule=Host(`${CN}`)"
- "traefik.http.routers.wp-https.entrypoints=websecure"
- "traefik.http.routers.wp-https.tls=true"
- "traefik.http.routers.wp-https.tls.certresolver=myhttpchallenge"
networks: networks:
proxy: proxy: