98 lines
3.3 KiB
YAML
98 lines
3.3 KiB
YAML
|
version: '3.8'
|
||
|
|
||
|
services:
|
||
|
proxy:
|
||
|
image: traefik:v2.3
|
||
|
hostname: coollabs-proxy
|
||
|
ports:
|
||
|
- target: 80
|
||
|
published: 80
|
||
|
protocol: tcp
|
||
|
mode: host
|
||
|
- target: 443
|
||
|
published: 443
|
||
|
protocol: tcp
|
||
|
mode: host
|
||
|
command:
|
||
|
- --api.insecure=false
|
||
|
- --api.dashboard=false
|
||
|
- --api.debug=false
|
||
|
- --log.level=ERROR
|
||
|
- --providers.docker=true
|
||
|
- --providers.docker.swarmMode=true
|
||
|
- --providers.docker.exposedbydefault=false
|
||
|
- --providers.docker.network=${DOCKER_NETWORK}
|
||
|
- --entrypoints.web.address=:80
|
||
|
- --entrypoints.websecure.address=:443
|
||
|
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
|
||
|
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
|
||
|
- --certificatesresolvers.letsencrypt.acme.email=${EMAIL}
|
||
|
- --certificatesresolvers.letsencrypt.acme.storage=/data/coolify/acme.json
|
||
|
volumes:
|
||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||
|
- /data/coolify:/data/coolify
|
||
|
networks:
|
||
|
- ${DOCKER_NETWORK}
|
||
|
deploy:
|
||
|
update_config:
|
||
|
parallelism: 1
|
||
|
delay: 10s
|
||
|
order: start-first
|
||
|
replicas: 1
|
||
|
placement:
|
||
|
constraints:
|
||
|
- node.role == manager
|
||
|
labels:
|
||
|
- "traefik.enable=true"
|
||
|
- "traefik.http.routers.api.entrypoints=websecure"
|
||
|
- "traefik.http.routers.api.service=api@internal"
|
||
|
- "traefik.http.routers.api.middlewares=auth"
|
||
|
- "traefik.http.services.traefik.loadbalancer.server.port=80"
|
||
|
- "traefik.http.services.traefik.loadbalancer.server.port=443"
|
||
|
|
||
|
# Global redirect www to non-www
|
||
|
- "traefik.http.routers.www-catchall.rule=hostregexp(`{host:www.(.+)}`)"
|
||
|
- "traefik.http.routers.www-catchall.entrypoints=web"
|
||
|
- "traefik.http.routers.www-catchall.middlewares=redirect-www-to-nonwww"
|
||
|
- "traefik.http.middlewares.redirect-www-to-nonwww.redirectregex.regex=^http://(?:www\\.)?(.+)"
|
||
|
- "traefik.http.middlewares.redirect-www-to-nonwww.redirectregex.replacement=http://$$$${1}"
|
||
|
|
||
|
# Global redirect http to https
|
||
|
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)"
|
||
|
- "traefik.http.routers.http-catchall.entrypoints=web"
|
||
|
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
|
||
|
|
||
|
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
||
|
- "traefik.http.middlewares.global-compress.compress=true"
|
||
|
|
||
|
coolify:
|
||
|
image: coolify
|
||
|
hostname: coollabs-coolify
|
||
|
env_file:
|
||
|
- .env
|
||
|
networks:
|
||
|
- ${DOCKER_NETWORK}
|
||
|
command: "yarn start"
|
||
|
volumes:
|
||
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||
|
deploy:
|
||
|
update_config:
|
||
|
parallelism: 1
|
||
|
delay: 10s
|
||
|
order: start-first
|
||
|
replicas: 1
|
||
|
labels:
|
||
|
- "traefik.enable=true"
|
||
|
- "traefik.http.routers.coolify.entrypoints=websecure"
|
||
|
- "traefik.http.routers.coolify.tls.certresolver=letsencrypt"
|
||
|
- "traefik.http.routers.coolify.rule=Host(`${DOMAIN}`) && PathPrefix(`/`)"
|
||
|
- "traefik.http.services.coolify.loadbalancer.server.port=3000"
|
||
|
- "traefik.http.routers.coolify.middlewares=global-compress"
|
||
|
|
||
|
networks:
|
||
|
${DOCKER_NETWORK}:
|
||
|
driver: overlay
|
||
|
name: ${DOCKER_NETWORK}
|
||
|
external: true
|
||
|
|