Secure Treafik by using socket proxy for docker socket

This commit is contained in:
Florian Zirker 2021-04-01 19:20:06 +02:00
parent 30ebabc2ec
commit f71b5aa5d6

View file

@ -16,8 +16,9 @@ services:
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--providers.docker.network=web"
- "--providers.docker.endpoint=tcp://docker-socket-proxy:2375"
#- "--log.level=DEBUG"
- "--accesslog=true"
#- "--accesslog=true"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entrypoint.to=websecure"
- "--entrypoints.web.http.redirections.entrypoint.scheme=https"
@ -33,8 +34,8 @@ services:
- "443:443"
networks:
- web
- proxy
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
- ${VOLUMES_PATH}/letsencrypt:/letsencrypt
- $PWD/tls.toml:/etc/traefik/tls.toml
labels:
@ -50,6 +51,16 @@ services:
- "traefik.http.middlewares.auth.basicauth.users=${HTPASSWD}"
- "docker.group=proxy"
docker-socket-proxy:
image: tecnativa/docker-socket-proxy
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: 1
networks:
- proxy
# whoami:
# image: containous/whoami
@ -67,4 +78,4 @@ services:
networks:
web:
external: true
proxy: