From edd426a6279fdd95983156f23249ec4869c19afb Mon Sep 17 00:00:00 2001 From: emile Date: Thu, 10 Oct 2019 12:47:46 -0400 Subject: added the *.env to the .gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index ccc90aa..75d0e26 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ letsencrypt/ +*.env -- cgit 1.4.1 From 0353114e6fe7919f6f83ac3c5852b4e391235ca4 Mon Sep 17 00:00:00 2001 From: emile Date: Thu, 10 Oct 2019 12:58:24 -0400 Subject: cloudflare wildcard --- docker-compose.yml | 4 +++- traefik_users | 5 +++++ 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 traefik_users diff --git a/docker-compose.yml b/docker-compose.yml index 5b75a28..d982fd2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,7 +10,9 @@ services: - "--providers.docker.exposedbydefault=false" - "--entrypoints.web.address=:80" - "--entrypoints.websecure.address=:443" - - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true" + - "--certificatesresolvers.mytlschallenge.acme.dnschallenge=true" + - "--certificatesresolvers.mytlschallenge.acme.dnschallenge.delaybeforecheck=0" + - "--certificatesresolvers.mytlschallenge.acme.dnschallenge.provider=cloudflare" - "--certificatesresolvers.mytlschallenge.acme.email=hanemile@protonmail.com" - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json" - "--metrics.prometheus=true" diff --git a/traefik_users b/traefik_users new file mode 100644 index 0000000..140b1a5 --- /dev/null +++ b/traefik_users @@ -0,0 +1,5 @@ +# insert traefik users here +# +# Generate user:pass: +# $ htpasswd -nb user password + -- cgit 1.4.1 From 520949754c8f033a864cb8ed0b194e5faa3d4ff5 Mon Sep 17 00:00:00 2001 From: emile Date: Thu, 10 Oct 2019 12:58:55 -0400 Subject: basicauth --- docker-compose.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index d982fd2..2f0cf27 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,14 +23,17 @@ services: volumes: - "./letsencrypt:/letsencrypt" - "/var/run/docker.sock:/var/run/docker.sock:ro" + - "./traefik_users:/traefik_users" labels: - "traefik.enable=true" - "traefik.http.routers.traefik.entrypoints=web" - "traefik.http.routers.traefik.rule=Host(`traefik.${HOSTNAME}`)" + - "traefik.http.middlewares.traefik-auth.basicauth.usersFile=/traefik_users" - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" - "traefik.http.routers.traefik-secure.entrypoints=websecure" - "traefik.http.routers.traefik-secure.rule=Host(`traefik.${HOSTNAME}`)" + - "traefik.http.routers.traefik-secure.middlewares=traefik-auth" - "traefik.http.routers.traefik-secure.tls=true" - "traefik.http.routers.traefik-secure.tls.certresolver=mytlschallenge" - "traefik.http.routers.traefik-secure.service=api@internal" -- cgit 1.4.1