finicky9298/quixotic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

global traefik

Browse Source
This commit is contained in:
Andrey Kondratev
2025-11-05 20:09:55 +05:00
parent 3b2d5ece24
commit e7dc0c59e3
1 changed files with 6 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
docker-compose.yml
View File

@@ -1,40 +1,4 @@
services: services:
# Traefik reverse proxy
traefik:
image: traefik:v3.5.1
container_name: quixotic-traefik
restart: unless-stopped
env_file:
- .env.docker
command:
- --api.dashboard=true
- --api.insecure=false
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
- --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL:-admin@example.com}
- --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
- --log.level=INFO
ports:
- "80:80"
- "443:443"
- "8080:8080" # Traefik dashboard
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- traefik-ssl-certs:/letsencrypt
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN:-localhost}`)"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=${TRAEFIK_AUTH:-admin:$$2y$$10$$8qCUOc.FKLB8o4X8ZGVb7OU4xrslBUjOdBPtRz9wM7YJ9.XsGVzui}" # admin:password
networks:
- quixotic
# PostgreSQL database
postgres: postgres:
image: postgres:15-alpine image: postgres:15-alpine
container_name: quixotic-postgres container_name: quixotic-postgres
@@ -56,7 +20,6 @@ services:
timeout: 5s timeout: 5s
retries: 5 retries: 5
# Main application
quixotic-app: quixotic-app:
build: build:
context: . context: .
@@ -74,34 +37,26 @@ services:
- downloads:/app/downloads - downloads:/app/downloads
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
# HTTPS router for production domains - "traefik.http.routers.quixotic.rule=Host(`${DOMAIN}`)"
- "traefik.http.routers.quixotic.rule=Host(`${DOMAIN:-localhost}`) && !Host(`localhost`)"
- "traefik.http.routers.quixotic.entrypoints=websecure" - "traefik.http.routers.quixotic.entrypoints=websecure"
- "traefik.http.routers.quixotic.tls.certresolver=letsencrypt" - "traefik.http.routers.quixotic.tls.certresolver=letsencrypt"
- "traefik.http.routers.quixotic.service=quixotic" - "traefik.http.routers.quixotic.service=quixotic"
# HTTP router for localhost (no SSL)
- "traefik.http.routers.quixotic-http.rule=Host(`localhost`)"
- "traefik.http.routers.quixotic-http.entrypoints=web"
- "traefik.http.routers.quixotic-http.service=quixotic"
# HTTP to HTTPS redirect only for non-localhost
- "traefik.http.routers.quixotic-redirect.rule=Host(`${DOMAIN:-localhost}`) && !Host(`localhost`)"
- "traefik.http.routers.quixotic-redirect.entrypoints=web"
- "traefik.http.routers.quixotic-redirect.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.services.quixotic.loadbalancer.server.port=3000" - "traefik.http.services.quixotic.loadbalancer.server.port=3000"
- "traefik.docker.network=traefik-global"
depends_on: depends_on:
traefik:
condition: service_started
postgres: postgres:
condition: service_healthy condition: service_healthy
networks: networks:
- quixotic - quixotic
- traefik-global
volumes: volumes:
traefik-ssl-certs:
downloads: downloads:
postgres-data: postgres-data:
networks: networks:
quixotic: quixotic:
driver: bridge driver: bridge
traefik-global:
external: true