commit 0fb7ffa11358ebff507d98e5e34410a7ddc8f5bc Author: Paul Scheunemann Date: Sun Jul 9 17:46:14 2017 +0200 Initial commit diff --git a/cert/.gitkeep b/cert/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/config/.gitignore b/config/.gitignore new file mode 100644 index 0000000..069fa6c --- /dev/null +++ b/config/.gitignore @@ -0,0 +1 @@ +acme.toml diff --git a/config/acme.toml b/config/acme.toml new file mode 100644 index 0000000..bc2192f --- /dev/null +++ b/config/acme.toml @@ -0,0 +1,26 @@ +# new domains and subdomains can be configured here, the file is read +# automatically after modification. +# +# note that domains and subdomains not defined in this file will still work +# when defined in a container Host-Rule. However, they will generate +# their own ACME request, and will count towards LetsEncrypt's rate limit. + +#[acme] +#email = "hostmaster@zom.bi" +#storage = "cert/acme.json" +#entryPoint = "https" +#onDemand = false +#OnHostRule = true +# +#[[acme.domains]] +# main = "zom.bi" +# sans = [ +# "blog.zom.bi", +# "www.zom.bi", +# ] + +# You can define multiple of these blocks, each of which will result in one +# certificate. +#[[acme.domains]] +# main = "zombi.systems" +# sans = ["www.zombi.systems", "blog.zombi.systems"] diff --git a/config/traefik.toml b/config/traefik.toml new file mode 100644 index 0000000..6132a5a --- /dev/null +++ b/config/traefik.toml @@ -0,0 +1,32 @@ +# accept invalid SSL certs for backends +InsecureSkipVerify = true + +defaultEntryPoints = ["http", "https"] + +[entryPoints] + [entryPoints.http] + address = ":80" + [entryPoints.http.redirect] + entryPoint = "https" + [entryPoints.https] + address = ":443" + [entryPoints.https.tls] + +[web] +address = ":8080" + +[docker] +endpoint = "unix:///var/run/docker.sock" +domain = "docker.localhost" +watch = true +exposedbydefault = false + +# embed acme configuration. +# new domains and subdomains can be configured here, the file is read +# automatically after modification. +# note that domains and subdomains not defined in this file will still work, +# when defined in a container Host-Rule. However, they will generate +# their own ACME request, and will count towards LetsEncrypt's rate limit. +[file] +filename = "acme.toml" +watch = true diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..e2c8b53 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,24 @@ +version: '2' + +services: + proxy: + image: traefik + command: --logLevel=INFO + networks: + - "webgateway" + ports: + - "80:80" + - "443:443" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock" + - "./cert/:/cert/" + - "./traefik.toml:/traefik.toml:ro" + - "./config/:/etc/traefik/:ro" + labels: + - "traefik.enable=false" # set to true to expose the Monitoring & API + - "traefik.backend=proxy" + - "traefik.port=8080" + +networks: + webgateway: + driver: bridge