homelab/dswarm-project
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revise traefik for swarm

Browse Source
This commit is contained in:
Jim Nicholson 2021-11-28 23:46:28 -08:00
parent b7f062684a
commit a83433c1ce
2 changed files with 14 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
traefik/deploy.sh Normal file
View File

@ -0,0 +1,10 @@
#!/usr/bin/env bash
docker network create --driver=overlay traefik-public
export NODE_ID=$(docker info -f '{{.Swarm.NodeID}}')
docker node update --label-add traefik-public.traefik-public-certificates=true $NODE_ID
export EMAIL=thejimnicholson@gmail.com
export DOMAIN=traefik.swarm.thejimnicholson.com
export USERNAME=jim
export PASSWORD=Call1_advent
export HASHED_PASSWORD=$(openssl passwd -apr1 $PASSWORD)
docker stack deploy -c traefik.yml traefik

13
traefik.yml → traefik/traefik.yml
View File

@ -4,15 +4,12 @@ services:
traefik: traefik:
# Use the latest v2.2.x Traefik image available # Use the latest v2.2.x Traefik image available
image: traefik:v2.5.4 image: traefik:v2.2
ports: ports:
# Listen on port 80, default for HTTP, necessary to redirect to HTTPS # Listen on port 80, default for HTTP, necessary to redirect to HTTPS
- 80:80 - 80:80
# Listen on port 443, default for HTTPS # Listen on port 443, default for HTTPS
- 443:443 - 443:443
environment:
- "AWS_ACCESS_KEY_ID=AKIATUPHA7LDOZY3RRG3"
- "AWS_SECRET_ACCESS_KEY=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"
deploy: deploy:
placement: placement:
constraints: constraints:
@ -46,11 +43,11 @@ services:
- traefik.http.routers.traefik-public-https.entrypoints=https - traefik.http.routers.traefik-public-https.entrypoints=https
- traefik.http.routers.traefik-public-https.tls=true - traefik.http.routers.traefik-public-https.tls=true
# Use the special Traefik service api@internal with the web UI/Dashboard # Use the special Traefik service api@internal with the web UI/Dashboard
- traefik.http.routers.traefik-public-http.service=api@internal - traefik.http.routers.traefik-public-https.service=api@internal
# Use the "le" (Let's Encrypt) resolver created below # Use the "le" (Let's Encrypt) resolver created below
- traefik.http.routers.traefik-public-https.tls.certresolver=le - traefik.http.routers.traefik-public-https.tls.certresolver=le
# Enable HTTP Basic auth, using the middleware created above # Enable HTTP Basic auth, using the middleware created above
- traefik.http.routers.traefik-public-http.middlewares=admin-auth - traefik.http.routers.traefik-public-https.middlewares=admin-auth
# Define the port inside of the Docker service to use # Define the port inside of the Docker service to use
- traefik.http.services.traefik-public.loadbalancer.server.port=8080 - traefik.http.services.traefik-public.loadbalancer.server.port=8080
volumes: volumes:
@ -76,9 +73,7 @@ services:
# Store the Let's Encrypt certificates in the mounted volume # Store the Let's Encrypt certificates in the mounted volume
- --certificatesresolvers.le.acme.storage=/certificates/acme.json - --certificatesresolvers.le.acme.storage=/certificates/acme.json
# Use the TLS Challenge for Let's Encrypt # Use the TLS Challenge for Let's Encrypt
# - --certificatesresolvers.le.acme.tlschallenge=true - --certificatesresolvers.le.acme.tlschallenge=true
- --certificatesresolvers.le.acme.dnschallenge=true
- --certificatesresolvers.le.acme.dnschallenge.provider=route53
# Enable the access log, with HTTP requests # Enable the access log, with HTTP requests
- --accesslog - --accesslog
# Enable the Traefik log, for configurations and errors # Enable the Traefik log, for configurations and errors