- Copy
docker-compose.example.ymltodocker-compose.ymland modify the content - Create the external Traefik network you have set up, e.g.
docker network create --driver=overlay web - Optional if dnsChallenge with TransIP
- Generate a Key Pair in the TransIP panel
- Save it as
transip.keyon the Docker Swarm server and in your password manager - Create a secret
docker secret create transip-private-key ./transip.key - Remove
rm transip.keyon the Docker Swarm server
- You can now deploy your stack
bash deploy-stack.sh - Check if everything is working properly
docker service ls
The example below shows how you can add Traefik to your project.
version: '3.8'
services:
nginx:
image: my-project/my-image:latest
deploy:
replicas: 1
restart_policy:
condition: on-failure
labels:
- "traefik.enable=true"
- "traefik.http.services.my-project.loadbalancer.server.port=80"
- "traefik.http.routers.my-project-http.rule=Host(`my-project.test`)"
- "traefik.http.routers.my-project-http.entrypoints=web"
- "traefik.http.routers.my-project-http.middlewares=to-https@file"
- "traefik.http.routers.my-project.service=my-project"
- "traefik.http.routers.my-project.rule=Host(`my-project.test`)"
- "traefik.http.routers.my-project.entrypoints=websecure"
- "traefik.http.routers.my-project.middlewares=secure-headers@file"
# Option 1: tlsChallenge
- "traefik.http.routers.my-project.tls.certresolver=lets-encrypt"
# Option 2: dnsChallenge with TransIP and a wildcard certificate
- "traefik.http.routers.my-project.tls.certresolver=transip"
- "traefik.http.routers.my-project.tls.domains[0].main=my-project.test"
- "traefik.http.routers.my-project.tls.domains[0].sans=*.my-project.test"
networks:
- network
- web
networks:
network:
web:
external: true