-
Notifications
You must be signed in to change notification settings - Fork 62
deployment notes
Evan Feenstra edited this page May 11, 2020
·
10 revisions
traefik.yaml
api:
insecure: true
log:
level: DEBUG
providers:
docker: {}
entryPoints:
web:
address: ":80"
websecure:
address: ":443"
mqttsecure:
address: ":8883"
certificatesResolvers:
myresolver:
acme:
email: [email protected]
storage: /letsencrypt/acme.json
caServer: https://acme-v02.api.letsencrypt.org/directory
dnsChallenge:
provider: route53
docker-compose.yaml
version: '2'
services:
reverse-proxy:
# The official v2 Traefik docker image
image: traefik:v2.2
# Enables the web UI and tells Traefik to listen to docker
# command: --configFile=/home/ec2-user/sphinx-deploy/traefik.yaml
ports:
# The HTTP port
- 80:80
# The Web UI (enabled by --api.insecure=true)
- 8080:8080
- 443:443
- 8883:8883
volumes:
# So that Traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock
- /home/ec2-user/sphinx-deploy/traefik.yaml:/etc/traefik/traefik.yaml
- /home/ec2-user/letsencrypt:/letsencrypt
environment:
- AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
- AWS_REGION=$AWS_REGION
auth:
image: sphinx-auth
depends_on:
- reverse-proxy
ports:
- "9090:9090"
labels:
- "traefik.http.routers.auth.rule=Host(`auth.docker.localhost`)"
restart: on-failure
tribes:
image: sphinx-tribes
depends_on:
- auth
- reverse-proxy
# ports:
# - "5002:5002"
# - "1883:1883"
labels:
- "traefik.enable=true"
- "traefik.http.routers.tribes.rule=Host(`tribes.sphinx.chat`)"
- "traefik.http.services.tribes.loadbalancer.server.port=5002"
- "traefik.http.routers.tribes.tls=true"
- "traefik.http.routers.tribes.tls.certresolver=myresolver"
- "traefik.http.routers.tribes.entrypoints=websecure"
- "traefik.tcp.routers.tribes.rule=HostSNI(`tribes.sphinx.chat`)"
- "traefik.tcp.services.tribes.loadbalancer.server.port=1883"
- "traefik.tcp.routers.tribes.tls=true"
- "traefik.tcp.routers.tribes.tls.certresolver=myresolver"
- "traefik.tcp.routers.tribes.entrypoints=mqttsecure"
restart: on-failure