shoarma/ansible/roles/traefik/docker-stack.yml.j2

# vi: ft=yaml
version: "3.7"

networks:
  traefik:
    external: true

services:
  traefik:
    image: traefik:3.0
    networks:
      - traefik
    ports:
      - 443:443
      - 80:80
      - 8080:8080
    deploy:
      placement:
        constraints: [node.labels.traefik == true]
      labels:
        - traefik.enable=true
        - traefik.http.routers.dashboard.rule=Host(`maestro.dmz`)
        - traefik.http.routers.dashboard.service=api@internal
        - traefik.http.services.dummy-svc.loadbalancer.server.port=8080
    volumes:
      - type: bind
        source: /var/run/docker.sock
        target: /var/run/docker.sock
    command:
      - --providers.docker
      - --providers.docker.swarmmode
      - --providers.docker.watch
      - --api
      - --api.insecure=true
      - --api.dashboard=true
      - --entrypoints.web.address=:80
      - --entrypoints.web.http.redirections.entrypoint=true
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https
      - --entrypoints.web.http.redirections.entrypoint.permanent=true
      - --entrypoints.websecure.address=:443
      - --providers.docker.exposedbydefault=false
      - --certificatesresolvers.letsencrypt.acme=true
      - --certificatesresolvers.letsencrypt.acme.email=pim@kunis.nl
      - --certificatesresolvers.letsencrypt.acme.httpchallenge=true
      - --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
add simple traefik stack 2023-05-02 10:22:16 +00:00			`# vi: ft=yaml`
			`version: "3.7"`

			`networks:`
			`traefik:`
			`external: true`

			`services:`
			`traefik:`
			`image: traefik:3.0`
			`networks:`
			`- traefik`
			`ports:`
enable https 2023-05-02 12:41:14 +00:00			`- 443:443`
add simple traefik stack 2023-05-02 10:22:16 +00:00			`- 80:80`
			`- 8080:8080`
			`deploy:`
			`placement:`
			`constraints: [node.labels.traefik == true]`
			`labels:`
			`- traefik.enable=true`
			- traefik.http.routers.dashboard.rule=Host(`maestro.dmz`)
			`- traefik.http.routers.dashboard.service=api@internal`
			`- traefik.http.services.dummy-svc.loadbalancer.server.port=8080`
			`volumes:`
			`- type: bind`
			`source: /var/run/docker.sock`
			`target: /var/run/docker.sock`
			`command:`
			`- --providers.docker`
			`- --providers.docker.swarmmode`
			`- --providers.docker.watch`
			`- --api`
			`- --api.insecure=true`
			`- --api.dashboard=true`
			`- --entrypoints.web.address=:80`
enable https 2023-05-02 12:41:14 +00:00			`- --entrypoints.web.http.redirections.entrypoint=true`
			`- --entrypoints.web.http.redirections.entrypoint.to=websecure`
			`- --entrypoints.web.http.redirections.entrypoint.scheme=https`
			`- --entrypoints.web.http.redirections.entrypoint.permanent=true`
			`- --entrypoints.websecure.address=:443`
add simple traefik stack 2023-05-02 10:22:16 +00:00			`- --providers.docker.exposedbydefault=false`
enable https 2023-05-02 12:41:14 +00:00			`- --certificatesresolvers.letsencrypt.acme=true`
			`- --certificatesresolvers.letsencrypt.acme.email=pim@kunis.nl`
			`- --certificatesresolvers.letsencrypt.acme.httpchallenge=true`
			`- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web`