Add traefik (#1916)

* Add mosquitto broker
* Add documetation to mosquitto
* Add traefik
This commit is contained in:
Luis Coutinho 2019-02-09 11:25:21 +00:00 committed by Shao Yu-Lung (Allen)
parent d27f4368ee
commit eb0c941313
6 changed files with 136 additions and 1 deletions

View File

@ -1121,6 +1121,87 @@ docker-compose up -d grafana
<br>
<a name="Use-Traefik"></a>
## Use Traefik
To use Traefik you need to do some changes in `traefik/trafik.toml` and `docker-compose.yml`.
1 - Open `traefik.toml` and change the `e-mail` property in `acme` section.
2 - Change your domain in `acme.domains`. For example: `main = "example.org"`
2.1 - If you have subdomains, you must add them to `sans` property in `acme.domains` section.
```bash
[[acme.domais]]
main = "example.org"
sans = ["monitor.example.org", "pma.example.org"]
```
3 - If you need to add basic authentication (https://docs.traefik.io/configuration/entrypoints/#basic-authentication), you just need to add the following text after `[entryPoints.https.tls]`:
```bash
[entryPoints.https.auth.basic]
users = ["user:password"]
```
4 - You need to change the `docker-compose.yml` file to match the Traefik needs. If you want to use Traefik, you must not expose the ports of each container to the internet, but specify some labels.
4.1 For example, let's try with NGINX. You must have:
```bash
nginx:
build:
context: ./nginx
args:
- PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER}
- PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT}
- CHANGE_SOURCE=${CHANGE_SOURCE}
volumes:
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
- ${NGINX_HOST_LOG_PATH}:/var/log/nginx
- ${NGINX_SITES_PATH}:/etc/nginx/sites-available
depends_on:
- php-fpm
networks:
- frontend
- backend
labels:
- traefik.backend=nginx
- traefik.frontend.rule=Host:example.org
- traefik.port=80
```
instead of
```bash
nginx:
build:
context: ./nginx
args:
- PHP_UPSTREAM_CONTAINER=${NGINX_PHP_UPSTREAM_CONTAINER}
- PHP_UPSTREAM_PORT=${NGINX_PHP_UPSTREAM_PORT}
- CHANGE_SOURCE=${CHANGE_SOURCE}
volumes:
- ${APP_CODE_PATH_HOST}:${APP_CODE_PATH_CONTAINER}
- ${NGINX_HOST_LOG_PATH}:/var/log/nginx
- ${NGINX_SITES_PATH}:/etc/nginx/sites-available
- ${NGINX_SSL_PATH}:/etc/nginx/ssl
ports:
- "${NGINX_HOST_HTTP_PORT}:80"
- "${NGINX_HOST_HTTPS_PORT}:443"
depends_on:
- php-fpm
networks:
- frontend
- backend
```
<br> <br>
<a name="Use-Mosquitto"></a> <a name="Use-Mosquitto"></a>
## Use Mosquitto (MQTT Broker) ## Use Mosquitto (MQTT Broker)
@ -1144,7 +1225,6 @@ docker-compose up -d mosquitto
<br> <br>
<a name="CodeIgniter"></a> <a name="CodeIgniter"></a>

View File

@ -1331,6 +1331,24 @@ services:
aliases: aliases:
- fetchmail - fetchmail
### TRAEFIK #########################################
traefik:
build:
context: ./traefik
command: --docker
volumes:
- /var/run/docker.sock:/var/run/docker.sock
ports:
- "${TRAEFIK_HOST_HTTP_PORT}:80"
- "${TRAEFIK_HOST_HTTPS_PORT}:443"
networks:
- frontend
- backend
labels:
- traefik.backend=traefik
- traefik.frontend.rule=Host:monitor.localhost
- traefik.port=8080
### MOSQUITTO Broker ######################################### ### MOSQUITTO Broker #########################################
mosquitto: mosquitto:
build: build:

View File

@ -623,6 +623,13 @@ MAILU_WEBMAIL=rainloop
# Dav server implementation (value: radicale, none) # Dav server implementation (value: radicale, none)
MAILU_WEBDAV=radicale MAILU_WEBDAV=radicale
### TRAEFIK #################################################
TRAEFIK_HOST_HTTP_PORT=80
TRAEFIK_HOST_HTTPS_PORT=443
### MOSQUITTO ################################################# ### MOSQUITTO #################################################
MOSQUITTO_PORT=9001 MOSQUITTO_PORT=9001

7
traefik/Dockerfile Normal file
View File

@ -0,0 +1,7 @@
FROM traefik:1.7.5-alpine
LABEL maintainer="Luis Coutinho <luis@luiscoutinho.pt>"
COPY traefik.toml acme.json /
RUN chmod 600 /acme.json

0
traefik/acme.json Normal file
View File

23
traefik/traefik.toml Normal file
View File

@ -0,0 +1,23 @@
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[web]
address = ":8080"
[acme]
email = "email@example.org"
storage = "acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
[[acme.domais]]
main = "localhost"