Loading... # 前言 我的docker是truenas scale的,所以是被禁用了bridge,我这里是自己创建了一个macvlan,所以都是在macvlan上的 # 创建文件 ``` mkdir -p /mnt/important/docker/traefik/configurations touch docker-compose.yml touch /mnt/important/docker/traefik/traefik.yml touch /mnt/important/docker/traefik/acme.json touch /mnt/important/docker/traefik/configurations/dynamic.yml chmod 600 /mnt/important/docker/traefik/acme.json ``` ## traefik.yml ``` api: dashboard: true entryPoints: web: address: :80 http: redirections: entryPoint: to: websecure websecure: address: :443 http: middlewares: - secureHeaders@file tls: certResolver: letsencrypt providers: docker: endpoint: "unix:///var/run/docker.sock" exposedByDefault: false file: filename: /configurations/dynamic.yml certificatesResolvers: letsencrypt: acme: email: admin@yourdomain storage: acme.json keyType: EC384 httpChallenge: entryPoint: web buypass: acme: email: admin@yourdomain storage: acme.json caServer: https://api.buypass.com/acme/directory keyType: EC256 httpChallenge: entryPoint: web ``` email地址改成自己的 ## dynamic.yml ``` http: middlewares: secureHeaders: headers: sslRedirect: true forceSTSHeader: true stsIncludeSubdomains: true stsPreload: true stsSeconds: 31536000 # UserName : admin # Password : qwer1234 user-auth: basicAuth: users: - "admin:$apr1$tm53ra6x$FntXd6jcvxYM/YH0P2hcc1" tls: options: default: cipherSuites: - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 minVersion: VersionTLS12 ``` # Docker-compose ``` version: '3.7' services: traefik: image: traefik:latest container_name: traefik restart: always security_opt: - no-new-privileges:true ports: - 80:80 - 443:443 volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - /mnt/important/docker/traefik/traefik.yml:/traefik.yml:ro - /mnt/important/docker/traefik/acme.json:/acme.json # Add folder with dynamic configuration yml - /mnt/important/docker/traefik/configurations:/configurations networks: - macvlan labels: - "traefik.enable=true" - "traefik.http.services.justAdummyService.loadbalancer.server.port=1337" - "traefik.docker.network=macvlan" - "traefik.http.routers.traefik-secure.entrypoints=websecure" - "traefik.http.routers.traefik-secure.rule=Host(`yourdomain`)" - "traefik.http.routers.traefik-secure.middlewares=user-auth@file" - "traefik.http.routers.traefik-secure.service=api@internal" networks: macvlan: external: true ``` 把`yourdomain`换成自己的IP或者域名 # 运行 ``` docker-compose up -d ``` 访问`yourdomain`就可以看到dashboard了 最后修改:2022 年 04 月 18 日 © 允许规范转载 打赏 赞赏作者 支付宝微信 赞 0 如果觉得我的文章对你有用,请随意赞赏
2 条评论
你好,我想请问下traefik是否可以代理非docker部署的网页
可以