-
Notifications
You must be signed in to change notification settings - Fork 3
/
production.yml
86 lines (80 loc) · 2.76 KB
/
production.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
version: '3'
volumes:
production_letsencrypt: {}
networks:
backend:
proxy:
external: true
services:
traefik:
image: traefik:latest
container_name: lab_production_traefik
restart: always
ports:
- "80:80"
- "8080:8080"
- "443:443"
command:
- --api.insecure=false
- --api.dashboard=true
- --api.debug=true
- --log.filePath=./apps/traefik/logs/traefik.log
- --log.level=DEBUG
- --log.format=json
- --accesslog=true
- --accesslog.format=json
- --accesslog.filepath=./apps/traefik/logs/access.log
- --accesslog.bufferingsize=100
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.docker.network=proxy
- --entrypoints.web.address=:80
- --entrypoints.web-secured.address=:443
- --certificatesresolvers.le.acme.httpChallenge.entrypoint=web
- --certificatesresolvers.le.acme.email=m3hrdadfi@m3hrdadfi.com
- --certificatesresolvers.le.acme.storage=/letsencrypt/acme.json
volumes:
- production_letsencrypt:/letsencrypt
- /var/run/docker.sock:/var/run/docker.sock
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.api.rule=Host(`traefik.example.com`)"
- "traefik.http.routers.api.entrypoints=web"
- "traefik.http.routers.api-secured.rule=Host(`traefik.example.com`)"
- "traefik.http.routers.api-secured.entrypoints=web-secured"
- "traefik.http.routers.api.service=api@internal" # Let the dashboard access the traefik api
- "traefik.http.routers.api.middlewares=api-auth"
- "traefik.http.routers.api-secured.middlewares=api-auth"
streamlit:
build:
context: .
dockerfile: ./compose/local/Dockerfile
image: lab_production_streamlit
restart: always
networks:
- proxy
- backend
volumes:
- .:/app
ports:
- "8501:8501"
command: /start
labels:
- "traefik.enable=true"
- "traefik.http.routers.streamlit.rule=Host(`albert.example.com`)"
- "traefik.http.routers.streamlit.entrypoints=web"
- "traefik.http.routers.streamlit-secured.rule=Host(`albert.example.com`)"
- "traefik.http.routers.streamlit-secured.entrypoints=web-secured"
- "traefik.http.routers.streamlit-secured.tls.certresolver=le"
- "traefik.http.services.streamlit.loadbalancer.server.port=8501" # it seems you always need to give traefik a port so it 'notices' the service
- "traefik.http.routers.streamlit.middlewares=streamlit-redirect-to-https"
- "traefik.http.middlewares.streamlit-redirect-to-https.redirectscheme.scheme=https"
mail:
image: bytemark/smtp
restart: always
networks:
- backend
labels:
- "traefik.enable=false"