VPSサーバを借りた時の基本設定、その2
Portainerを入れる
Docker-composeでPotainerを起動するを参照のこと。
Traefikを入れる
Traefikを使ってLet’s Encryptの証明書を得る、
Traefikのダッシュボードを保護するを参照。
traefik用のネットワークを作成
docker network create traefik-network
docker-compose.yml
以下のme@example.com, traefik.example.com, =user:$$apr1$$d.yPkUve$………部分は変更の必要がある。
version: "3.3"
services:
traefik:
image: "traefik:v2.8"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.httpchallenge=true"
- "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=me@example.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik_https.rule=Host(`traefik.example.com`)"
- "traefik.http.routers.traefik_https.entrypoints=websecure"
- "traefik.http.routers.traefik_https.tls=true"
- "traefik.http.routers.traefik_https.tls.certResolver=myresolver"
- "traefik.http.routers.traefik_https.service=api@internal"
- "traefik.http.routers.traefik_https.middlewares=test-auth"
- "traefik.http.middlewares.test-auth.basicauth.users=user:$$apr1$$d.yPkUve$............."
networks:
default:
external:
name: traefik-network