version: "3.3" services: traefik: image: traefik:v2.4 restart: unless-stopped environment: - NETCUP_ENDPOINT=${NETCUP_ENDPOINT} - NETCUP_CUSTOMER_NUMBER=${NETCUP_CUSTOMER_NUMBER} - NETCUP_API_KEY=${NETCUP_API_KEY} - NETCUP_API_PASSWORD=${NETCUP_API_PASSWORD} command: - "--api.insecure=false" - "--api.dashboard=true" - "--providers.docker=true" - "--providers.docker.exposedbydefault=false" - "--providers.docker.network=web" - "--providers.docker.endpoint=tcp://docker-socket-proxy:2375" #- "--log.level=DEBUG" #- "--accesslog=true" - "--entrypoints.web.address=:80" - "--entrypoints.web.http.redirections.entrypoint.to=websecure" - "--entrypoints.web.http.redirections.entrypoint.scheme=https" - "--entrypoints.websecure.address=:443" - "--providers.file.filename=/etc/traefik/tls.toml" - "--certificatesresolvers.netcup.acme.dnschallenge=true" - "--certificatesresolvers.netcup.acme.dnsChallenge.provider=netcup" - "--certificatesresolvers.netcup.acme.dnsChallenge.resolvers=46.38.225.230:53,46.38.252.230:53" - "--certificatesresolvers.netcup.acme.email=${LETSENCRYPT_MAIL}" - "--certificatesresolvers.netcup.acme.storage=/letsencrypt/acme.json" ports: - "80:80" - "443:443" networks: - web - proxy volumes: - ${VOLUMES_PATH}/letsencrypt:/letsencrypt - $PWD/tls.toml:/etc/traefik/tls.toml labels: - "traefik.enable=true" - "traefik.http.routers.dashboard.rule=Host(`traefik.${DOMAIN}`)" - "traefik.http.routers.dashboard.service=api@internal" - "traefik.http.routers.dashboard.entrypoints=websecure" - "traefik.http.routers.dashboard.tls.certresolver=netcup" - "traefik.http.routers.dashboard.tls.domains[0].main=${DOMAIN}" - "traefik.http.routers.dashboard.tls.domains[0].sans=*.${DOMAIN}" - "traefik.http.routers.dashboard.tls.options=intermediate@file" - "traefik.http.routers.dashboard.middlewares=auth" - "traefik.http.middlewares.auth.basicauth.users=${HTPASSWD}" - "docker.group=proxy" docker-socket-proxy: image: tecnativa/docker-socket-proxy restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock:ro environment: CONTAINERS: 1 networks: - proxy # whoami: # image: containous/whoami # networks: # - web # labels: # - "traefik.enable=true" # - "traefik.http.routers.whoami.rule=Host(`whoami.${DOMAIN}`)" # - "traefik.http.routers.whoami.entrypoints=websecure" # - "traefik.http.routers.whoami.tls.certresolver=netcup" # - "docker.group=proxy" # restart: unless-stopped networks: web: external: true proxy: