Added labels on "prowlarr" to make it work with traefik.
Added Traefik to docker compose.
This commit is contained in:
parent
bc8c850405
commit
056f1f7fe2
@ -59,10 +59,11 @@ services:
|
|||||||
- TZ=Europe/Stockholm
|
- TZ=Europe/Stockholm
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
|
- traefik.constraint-label=traefik-public
|
||||||
- "traefik.http.routers.arr-prowlarr.rule=(Host(`niefelheim.com`) && Path(`/prowlarr`))"
|
- "traefik.http.routers.arr-prowlarr.rule=(Host(`niefelheim.com`) && Path(`/prowlarr`))"
|
||||||
- "traefik.http.routers.arr-prowlarr_https.rule=(Host(`niefelheim.com`) && Path(`/prowlarr`))"
|
- "traefik.http.routers.arr-prowlarr_https.rule=(Host(`niefelheim.com`) && Path(`/prowlarr`))"
|
||||||
- traefik.http.services.arr-prowlarr.loadbalancer.server.port=9696
|
- traefik.http.services.arr-prowlarr.loadbalancer.server.port=9696
|
||||||
- traefik.http.routers.arr-prowlarr_https.entrypoints=web-secure
|
- traefik.http.routers.arr-prowlarr_https.entrypoints=http
|
||||||
- traefik.http.routers.arr-prowlarr_https.tls=true
|
- traefik.http.routers.arr-prowlarr_https.tls=true
|
||||||
- traefik.http.routers.arr-prowlarr_https.tls.certresolver=le
|
- traefik.http.routers.arr-prowlarr_https.tls.certresolver=le
|
||||||
volumes:
|
volumes:
|
||||||
|
|||||||
@ -3,7 +3,74 @@ version: '3'
|
|||||||
services:
|
services:
|
||||||
reverse-proxy:
|
reverse-proxy:
|
||||||
image: traefik:v3.1
|
image: traefik:v3.1
|
||||||
command: --api.insecure=true --providers.docker
|
command:
|
||||||
|
- --providers.docker
|
||||||
|
- --global.checkNewVersion=true
|
||||||
|
- --providers.docker.exposedbydefault=false
|
||||||
|
- --providers.swarm.endpoint=unix:///var/run/docker.sock
|
||||||
|
- --providers.docker.constraints=Label(`traefik.constraint-label`, `traefik-public`)
|
||||||
|
- --entrypoints.http.address=:80
|
||||||
|
- --entrypoints.https.address=:443
|
||||||
|
- --certificatesresolvers.le.acme.email=${EMAIL?Variable not set}
|
||||||
|
- --certificatesresolvers.le.acme.storage=/certificates/acme.json
|
||||||
|
- --certificatesresolvers.le.acme.tlschallenge=true
|
||||||
|
- --log
|
||||||
|
- --api=true
|
||||||
|
- --api.dashboard=true
|
||||||
|
- --api.insecure=true
|
||||||
|
- --log=true
|
||||||
|
- --log.filePath=/logs/traefik.log
|
||||||
|
- --log.level=INFO
|
||||||
|
- --accessLog=true
|
||||||
|
- --accessLog.filePath=/logs/access.log
|
||||||
|
- --accessLog.bufferingSize=100
|
||||||
|
- --accessLog.filters.statusCodes=204-299,400-499,500-599
|
||||||
|
- --providers.file.directory=rules
|
||||||
|
- --providers.file.watch=true
|
||||||
|
|
||||||
|
labels:
|
||||||
|
# Enable Traefik for this service, to make it available in the public network
|
||||||
|
- traefik.enable=true
|
||||||
|
# Use the traefik-public network (declared below)
|
||||||
|
- traefik.docker-network=traefik-public
|
||||||
|
# Use the custome label "traefik.constraint-label=traefik-public"
|
||||||
|
# This public Traefik will only use services with this label
|
||||||
|
# That way you can add other internal Traefik instances per stack if needed
|
||||||
|
#- traefik.constraint-label=traefik-public
|
||||||
|
# admin-auth middleware with HTTP Basic auth
|
||||||
|
# Using the environment variables USERNAME and HASHED_PASSOWRD
|
||||||
|
- traefik.http.middlewares.admin-auth.basicauth.users=${USERNAME?Variable not set}:${HASHED_PASSWORD?Variable not set}
|
||||||
|
# https-redirect middleware to redirect HTTP to HTTPS
|
||||||
|
# It can be re-used by other stacks in other Docker Compose files
|
||||||
|
- traefik.http.middlewares.https-redirect.redirectscheme.scheme=https
|
||||||
|
- traefik.http.middlewares.https-redirect.redirectscheme.permanent=true
|
||||||
|
# traefik-http set up only to use the middleware to redirect to https
|
||||||
|
# Uses the environment variable DOMAIN
|
||||||
|
- traefik.http.routers.traefik-public-http.rule=Host(`${DOMAIN?Variable not set}`)
|
||||||
|
- traefik.http.routers.traefik-public-http.entrypoints=http
|
||||||
|
- traefik.http.routers.traefik-public-http.middlewares=https-redirect
|
||||||
|
# traefik-https the actual router using HTTPS
|
||||||
|
# Uses the environment variable DOMAIN
|
||||||
|
- traefik.http.routers.traefik-public-https.rule=Host(`${DOMAIN?Variable not set}`)
|
||||||
|
- traefik.http.routers.traefik-public-https.entrypoints=https
|
||||||
|
- traefik.http.routers.traefik-public-https.tls=true
|
||||||
|
# Use the special Traefik service api@internal with the web UI/Dashboard
|
||||||
|
- traefik.http.routers.traefik-public-https.service=api@internal
|
||||||
|
# Use the "le" (Let's Encrypt) resolver created below
|
||||||
|
- traefik.http.routers.traefik-public-https.tls.certresolver=le
|
||||||
|
# Enable HTTP Basic auth, using the middleware created above
|
||||||
|
- traefik.http.routers.traefik-public-https.middlewares=admin-auth
|
||||||
|
# Define the port inside of the Docker service to use
|
||||||
|
- traefik.http.services.traefik-public.loadbalancer.server.port=8080
|
||||||
|
volumes:
|
||||||
|
# Add Docker as a mounted volume, so that Traefik can read the labels of other services
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||||
|
# Mount the volume to store the certificates
|
||||||
|
- /data/share/traefik/certificates:/certificates
|
||||||
|
# Mount the volume to store logs
|
||||||
|
- /data/share/traefik/logs:/logs
|
||||||
|
# Mount the directory where rules are saved
|
||||||
|
- /data/share/traefik/rules:/rules
|
||||||
ports:
|
ports:
|
||||||
# The HTTP port
|
# The HTTP port
|
||||||
- "180:80"
|
- "180:80"
|
||||||
@ -11,5 +78,3 @@ services:
|
|||||||
- "1443:443"
|
- "1443:443"
|
||||||
# The web UI (enabled by --api.insecure=true)
|
# The web UI (enabled by --api.insecure=true)
|
||||||
- "8080:8080"
|
- "8080:8080"
|
||||||
volumes:
|
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user