54 lines
1.7 KiB
TOML
54 lines
1.7 KiB
TOML
[services.traefik]
|
|
image = "traefik"
|
|
container_name = "traefik"
|
|
restart = "unless-stopped"
|
|
ports = ["80:80", "443:443/tcp", "443:443/udp"]
|
|
environment = [
|
|
"TZ=Europe/Helsinki",
|
|
"ADMIN_EMAIL",
|
|
"CF_API_EMAIL=${ADMIN_EMAIL}",
|
|
"CF_API_KEY",
|
|
"CF_ZONE_API_TOKEN",
|
|
"CF_DNS_API_TOKEN",
|
|
]
|
|
security_opt = ["no-new-privileges:true"]
|
|
networks = ["proxy"]
|
|
volumes = [
|
|
"/etc/localtime:/etc/localtime:ro",
|
|
"/var/run/docker.sock:/var/run/docker.sock:ro",
|
|
"./traefik.toml:/traefik.toml:ro",
|
|
"./dynamic.toml:/dynamic.toml:ro",
|
|
"/docker/traefik/traefik/acme.json:/acme.json",
|
|
"/docker/traefik/traefik/log:/var/log",
|
|
]
|
|
labels = [
|
|
"traefik.enable=true",
|
|
"traefik.docker.network=proxy",
|
|
"traefik.http.routers.redirect.entrypoints=http",
|
|
"traefik.http.routers.redirect.rule=Host(`traefik.korhonen.cc`)",
|
|
"traefik.http.routers.redirect.middlewares=http2https@file",
|
|
"traefik.http.routers.dashboard.entrypoints=https",
|
|
"traefik.http.routers.dashboard.middlewares=secHeaders@file,compress@file,authentik@file",
|
|
"traefik.http.routers.dashboard.rule=Host(`traefik.korhonen.cc`)",
|
|
"traefik.http.routers.dashboard.service=api@internal",
|
|
]
|
|
|
|
[services.fail2ban]
|
|
image = "crazymax/fail2ban"
|
|
container_name = "fail2ban"
|
|
restart = "unless-stopped"
|
|
network_mode = "host"
|
|
cap_add = ["NET_ADMIN", "NET_RAW"]
|
|
environment = ["TZ=Europe/Helsinki"]
|
|
volumes = [
|
|
"/etc/localtime:/etc/localtime:ro",
|
|
"/docker/traefik/traefik/log:/var/log/traefik:ro",
|
|
"/docker/traefik/fail2ban:/data",
|
|
"/docker/forgejo/gitea/log/gitea.log:/var/log/forgejo:ro",
|
|
"/docker/homeautomation/home-assistant/home-assistant.log:/var/log/hass",
|
|
"/mnt/Storage/Nextcloud/nextcloud.log:/var/log/nextcloud:ro",
|
|
]
|
|
|
|
[networks.proxy]
|
|
external = true
|