docker部署traefik

sagit

2021 年 03 月 08 日

774 次浏览

2 条评论

3356字数

Linux

# 前言

我的docker是truenas scale的，所以是被禁用了bridge，我这里是自己创建了一个macvlan，所以都是在macvlan上的

# 创建文件

```
mkdir -p /mnt/important/docker/traefik/configurations
touch docker-compose.yml
touch /mnt/important/docker/traefik/traefik.yml
touch /mnt/important/docker/traefik/acme.json
touch /mnt/important/docker/traefik/configurations/dynamic.yml
chmod 600 /mnt/important/docker/traefik/acme.json
```

## traefik.yml

```
api:
  dashboard: true

entryPoints:
  web:
    address: :80
    http:
      redirections:
        entryPoint:
          to: websecure

websecure:
    address: :443
    http:
      middlewares:
        - secureHeaders@file
      tls:
        certResolver: letsencrypt
              
providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    filename: /configurations/dynamic.yml

certificatesResolvers:
  letsencrypt:
    acme:
      email: admin@yourdomain
      storage: acme.json
      keyType: EC384
      httpChallenge:
        entryPoint: web
        
  buypass:
    acme:
      email: admin@yourdomain
      storage: acme.json
      caServer: https://api.buypass.com/acme/directory 
      keyType: EC256
      httpChallenge:
        entryPoint: web
```

email地址改成自己的

## dynamic.yml

```
http:
  middlewares:
    secureHeaders:
      headers:
        sslRedirect: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsPreload: true
        stsSeconds: 31536000
                
    # UserName : admin
    # Password : qwer1234          
    user-auth:
      basicAuth:
        users:
          - "admin:$apr1$tm53ra6x$FntXd6jcvxYM/YH0P2hcc1"
          
tls:
  options:
    default:
      cipherSuites:
        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
      minVersion: VersionTLS12
```

# Docker-compose

```
version: '3.7'

services:
  traefik:
    image: traefik:latest
    container_name: traefik
    restart: always
    security_opt:
      - no-new-privileges:true
    ports:
      - 80:80
      - 443:443
    
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /mnt/important/docker/traefik/traefik.yml:/traefik.yml:ro
      - /mnt/important/docker/traefik/acme.json:/acme.json
      
      # Add folder with dynamic configuration yml
      - /mnt/important/docker/traefik/configurations:/configurations

networks:
      - macvlan
    labels:
      - "traefik.enable=true"
      - "traefik.http.services.justAdummyService.loadbalancer.server.port=1337"
      - "traefik.docker.network=macvlan"
      - "traefik.http.routers.traefik-secure.entrypoints=websecure"
      - "traefik.http.routers.traefik-secure.rule=Host(`yourdomain`)"
      - "traefik.http.routers.traefik-secure.middlewares=user-auth@file"
      - "traefik.http.routers.traefik-secure.service=api@internal"

networks:
  macvlan:
    external: true
```

把`yourdomain`换成自己的IP或者域名

# 运行

```
docker-compose up -d
```

访问`yourdomain`就可以看到dashboard了

最后修改：2022 年 04 月 18 日

如果觉得我的文章对你有用，请随意赞赏

docker部署traefik

sagit • 2021 年 03 月 08 日

馬騳驫
May 7th, 2022 at 02:27 pm

你好，我想请问下traefik是否可以代理非docker部署的网页

回复
1. sagit
  May 12th, 2022 at 09:08 am
  
  @馬騳驫
  
  可以
  
  回复

发表评论取消回复

评论 *

私密评论

名称 *

🎲

邮箱 *

地址

hllshiro
楼主您好。我在某次设备意外断电恢复后，所有使用balancer...
求助呀呀呀啊
折腾两个月了,多拨以后网页访问没问题 ,但是jellyfin...
K2
应用名称:zerotierpod名:zerotier-867b...
鹏鹏
大神咨询一下，为什么我的truenas scale安装app一...
義恒
博主，我想问一下，这个时间显示错误怎么解决啊？

docker部署traefik

2 条评论

发表评论取消回复

使用RouterOS，OSPF 和OpenWRT给国内外 IP 分流

TrueNAS APP应用添加TrueCharts社区catalog目录

TrueNAS SCALE APP应用安装教程，自定义app安装

RouterOS使用IP地址列表分流，分流给旁路由或者VPN

青龙面板配置京东计划方法

TrueNAS 定时删除回收站

RouterOS wireguard与外网链接回家访问家里局域网

宝塔手动升级Nginx，开启TLS1.3 final(已修改)

TrueNAS SCALE 挂载其他文件系统硬盘

TrueNAS SCALE APP安装plex并开启硬解

docker部署traefik

2 条评论

发表评论 取消回复

docker部署traefik

发表评论取消回复