services: traefik: container_name: traefik image: traefik:v2.9 command: - "--api.insecure=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--providers.docker.network=external" - "--entrypoints.internal.address=:80" - "--entrypoints.internalsecure.address=:443" - "--entrypoints.internal.http.redirections.entryPoint.to=internalsecure" - "--entrypoints.internal.http.redirections.entryPoint.scheme=https" - "--entrypoints.internal.http.redirections.entryPoint.permanent=true" - "--certificatesresolvers.http.acme.httpchallenge=true" - "--certificatesresolvers.http.acme.httpchallenge.entrypoint=external" - "--certificatesresolvers.http.acme.email=acme@bhasher.com" - "--certificatesresolvers.http.acme.storage=acme.json" - "--entrypoints.external.address=:81" - "--entrypoints.externalsecure.address=:444" - "--entrypoints.external.http.redirections.entryPoint.to=externalsecure" - "--entrypoints.external.http.redirections.entryPoint.scheme=https" - "--entrypoints.external.http.redirections.entryPoint.permanent=true" #- "--log.level=DEBUG" - "--metrics.prometheus=true" - "--api.dashboard=true" environment: - TZ=Europe/Paris ports: - "80:80" - "443:443" - "81:81" - "444:444" #- "8080:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - type: bind source: $DATA/traefik/acme.json target: /acme.json - type: bind source: $DATA/traefik/rules.toml target: /rules.toml restart: always labels: - "traefik.enable=true" - "traefik.http.routers.traefik.rule=Host(`traefik.bhasher.com`)" - "traefik.http.services.traefik.loadbalancer.server.port=8080" - "traefik.http.routers.traefik.tls=true" - "traefik.http.routers.traefik.tls.certresolver=http" - "traefik.http.routers.traefik.entrypoints=internalsecure" - "traefik.http.routers.traefik.middlewares=authelia@docker" networks: - external networks: external: name: external