This repository has been archived by the owner on Oct 8, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 106
/
Copy pathdocker-compose-traefik.yml
90 lines (90 loc) · 2.86 KB
/
docker-compose-traefik.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
version: "3.2"
services:
api:
build: ./
image: segleralex/radiobrowser-api-rust:0.7.24
deploy:
replicas: 1
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.compress.compress=true"
- "traefik.http.middlewares.secureheaders.headers.framedeny=true"
- "traefik.http.middlewares.secureheaders.headers.stsSeconds=63072000"
- "traefik.http.routers.apitls.rule=Host(`${SOURCE}`)"
- "traefik.http.routers.apitls.entrypoints=websecure"
- "traefik.http.routers.apitls.middlewares=compress,secureheaders"
- "traefik.http.services.apiservice.loadbalancer.server.port=8080"
networks:
- mynet
environment:
- SOURCE
- ENABLE_CHECK
- DATABASE_URL=mysql://radiouser:password@dbserver/radio
- HOST=0.0.0.0
- CACHETYPE=redis
- CACHETTL=60sec
- CACHEURL=redis://cacheserver:6379
cacheserver:
image: redis
networks:
- mynet
dbserver:
image: mariadb:10.4
deploy:
replicas: 1
environment:
- MYSQL_ROOT_PASSWORD=12345678
- MYSQL_USER=radiouser
- MYSQL_PASSWORD=password
- MYSQL_DATABASE=radio
networks:
- mynet
volumes:
- ./dbdata:/var/lib/mysql
command: ["mysqld","--character-set-server=utf8mb4","--collation-server=utf8mb4_unicode_ci"]
reverse-proxy:
image: traefik:v2.3
# Enables the web UI and tells Traefik to listen to docker
command:
#- "--api=true"
#- "--api.insecure=true"
#- "--log.level=INFO"
- "--providers.docker=true"
- "--providers.docker.swarmMode=true"
- "--providers.docker.exposedByDefault=false"
- "--entryPoints.web.address=:80"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
- "--entryPoints.websecure.address=:443"
- "--entrypoints.websecure.http.tls.certResolver=letsencrypt"
- "--certificatesresolvers.letsencrypt.acme.email=${EMAIL}"
- "--certificatesresolvers.letsencrypt.acme.storage=acme.json"
- "--certificatesresolvers.letsencrypt.acme.httpchallenge=true"
- "--certificatesresolvers.letsencrypt.acme.httpChallenge.entryPoint=web"
- "--providers.file.filename=/traefik-dyn-config.toml"
deploy:
placement:
constraints:
- node.role == manager
ports:
- target: 80
published: 80
protocol: tcp
mode: host
- target: 443
published: 443
protocol: tcp
mode: host
#- "8080:8080"
volumes:
# So that Traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock
- ./acme.json:/acme.json
- ./traefik-dyn-config.toml:/traefik-dyn-config.toml
networks:
- mynet
networks:
mynet:
driver: "overlay"
driver_opts:
encrypted: ""