-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathdocker-compose.yml
66 lines (62 loc) · 2.21 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
version: "3.7"
services:
traefik:
image: traefik:v2.6
command:
# Entrypoints configuration
- --entrypoints.web.address=:80
# Docker provider configuration
- --providers.docker=true
# Makes sure that services have to explicitly direct Traefik to expose them
- --providers.docker.exposedbydefault=false
# Use the secure docker socket proxy
- --providers.docker.endpoint=tcp://socket_proxy:2375
# Default docker network to use for connections to all containers
- --providers.docker.network=traefik_public
# Logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
- --log.level=info
ports:
- 80:80
networks:
- traefik_public
- socket_proxy
restart: unless-stopped
depends_on:
- socket_proxy
# https://github.com/traefik/whoami
whoami:
image: traefik/whoami:v1.7.1
labels:
# Explicitly instruct Traefik to expose this service
- traefik.enable=true
# Router configuration
## Listen to the `web` entrypoint
- traefik.http.routers.whoami_route.entrypoints=web
## Rule based on the Host of the request
- traefik.http.routers.whoami_route.rule=Host(`whoami.karvounis.tutorial`)
- traefik.http.routers.whoami_route.service=whoami_service
# Service configuration
## 80 is the port that the whoami container is listening to
- traefik.http.services.whoami_service.loadbalancer.server.port=80
networks:
- traefik_public
# https://github.com/Tecnativa/docker-socket-proxy
# Security-enhanced proxy for the Docker Socket
# Giving access to your Docker socket could mean giving root access to your host, or even to your whole swarm, but some services require hooking into that socket to react to events, etc. Using this proxy lets you block anything you consider those services should not do.
socket_proxy:
image: tecnativa/docker-socket-proxy:latest
restart: unless-stopped
environment:
NETWORKS: 1
SERVICES: 1
CONTAINERS: 1
TASKS: 1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- socket_proxy
networks:
traefik_public:
external: true
socket_proxy:
external: true