VPSサーバを借りた時の基本設定、その2

Portainerを入れる

Docker-composeでPotainerを起動するを参照のこと。

Traefikを入れる

Traefikを使ってLet’s Encryptの証明書を得る
Traefikのダッシュボードを保護するを参照。

traefik用のネットワークを作成

docker network create traefik-network

docker-compose.yml

以下のme@example.com, traefik.example.com, =user:$$apr1$$d.yPkUve$………部分は変更の必要がある。

version: "3.3"

services:

  traefik:
    image: "traefik:v2.8"
    container_name: "traefik"
    command:
      #- "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
      #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.myresolver.acme.email=me@example.com"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    labels: 
      - "traefik.enable=true"
      - "traefik.http.routers.traefik_https.rule=Host(`traefik.example.com`)"
      - "traefik.http.routers.traefik_https.entrypoints=websecure"
      - "traefik.http.routers.traefik_https.tls=true"
      - "traefik.http.routers.traefik_https.tls.certResolver=myresolver"
      - "traefik.http.routers.traefik_https.service=api@internal"
      - "traefik.http.routers.traefik_https.middlewares=test-auth"
      - "traefik.http.middlewares.test-auth.basicauth.users=user:$$apr1$$d.yPkUve$............."
networks:
  default:
    external:
      name: traefik-network

未分類

Posted by ysugimura