Add HTTPS/SSL support
This commit adds HTTPS and SSL support via `mkcert` to projects using the Traefik proxy. This does require changing the URLs from `*.localhost` to `*.docker.localhost`, but this is something that can easily be done by updating the template files in Build Configs. Based on https://github.com/Heziode/traefik-v2-https-ssl-localhost.
This commit is contained in:
parent
840e90d5a9
commit
34174d22fe
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
/certs/*.pem
|
0
certs/.keep
Normal file
0
certs/.keep
Normal file
|
@ -2,17 +2,21 @@ services:
|
||||||
reverse-proxy:
|
reverse-proxy:
|
||||||
image: "traefik:v2.5"
|
image: "traefik:v2.5"
|
||||||
ports:
|
ports:
|
||||||
|
- "443:443"
|
||||||
- "80:80"
|
- "80:80"
|
||||||
- "8080:8080"
|
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- "./traefik.yml:/etc/traefik/traefik.yml"
|
- "./traefik.yml:/etc/traefik/traefik.yml"
|
||||||
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||||
|
- ./certs:/etc/certs:ro
|
||||||
|
- ./config/dynamic.yml:/etc/traefik/dynamic.yml:ro
|
||||||
|
- ./config/static.yml:/etc/traefik/traefik.yml:ro
|
||||||
|
security_opt:
|
||||||
|
- no-new-privileges:true
|
||||||
labels:
|
labels:
|
||||||
- "traefik.enable=false"
|
- "traefik.enable=false"
|
||||||
networks:
|
networks:
|
||||||
- traefik_proxy
|
- traefik_proxy
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
traefik_proxy:
|
traefik_proxy:
|
||||||
external: true
|
external: true
|
15
config/dynamic.yml
Normal file
15
config/dynamic.yml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
http:
|
||||||
|
routers:
|
||||||
|
traefik:
|
||||||
|
rule: "Host(`traefik.docker.localhost`)"
|
||||||
|
service: "api@internal"
|
||||||
|
tls:
|
||||||
|
domains:
|
||||||
|
- main: "docker.localhost"
|
||||||
|
sans:
|
||||||
|
- "*.docker.localhost"
|
||||||
|
|
||||||
|
tls:
|
||||||
|
certificates:
|
||||||
|
- certFile: "/etc/certs/local-cert.pem"
|
||||||
|
keyFile: "/etc/certs/local-key.pem"
|
32
config/static.yml
Normal file
32
config/static.yml
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
global:
|
||||||
|
sendAnonymousUsage: false
|
||||||
|
|
||||||
|
api:
|
||||||
|
dashboard: true
|
||||||
|
insecure: true
|
||||||
|
|
||||||
|
providers:
|
||||||
|
docker:
|
||||||
|
endpoint: "unix:///var/run/docker.sock"
|
||||||
|
watch: true
|
||||||
|
exposedByDefault: false
|
||||||
|
|
||||||
|
file:
|
||||||
|
filename: /etc/traefik/dynamic.yml
|
||||||
|
watch: true
|
||||||
|
|
||||||
|
log:
|
||||||
|
level: INFO
|
||||||
|
format: common
|
||||||
|
|
||||||
|
entryPoints:
|
||||||
|
http:
|
||||||
|
address: ":80"
|
||||||
|
http:
|
||||||
|
redirections:
|
||||||
|
entryPoint:
|
||||||
|
to: https
|
||||||
|
scheme: https
|
||||||
|
|
||||||
|
https:
|
||||||
|
address: ":443"
|
Reference in a new issue