diff --git a/bootstrap.docker-compose.yml b/bootstrap.docker-compose.yml
index fcab2ba..c53722c 100644
--- a/bootstrap.docker-compose.yml
+++ b/bootstrap.docker-compose.yml
@@ -26,6 +26,10 @@ services:
 configs:
 - source: traefik_config
 target: /etc/traefik/traefik.yml
+ secrets:
+ - traefik_password
+ - traefik_tls_cert
+ - traefik_tls_key
 depends_on:
 - docker
 restart: unless-stopped
@@ -92,5 +96,11 @@ configs:
 file: ${SERVICES_DIR?}/traefik/configs/traefik.yml
 secrets:
+ traefik_password:
+ file: ${SERVICES_DIR?}/traefik/secrets/htpasswd
+ traefik_tls_cert:
+ file: ${SERVICES_DIR?}/traefik/secrets/traefik.cert
+ traefik_tls_key:
+ file: ${SERVICES_DIR?}/traefik/secrets/traefik.key
 portainer_password:
 file: ${SERVICES_DIR?}/portainer/secrets/portainer_password
diff --git a/services/traefik/configs/traefik.yml b/services/traefik/configs/traefik.yml
index d705c1e..76410b2 100644
--- a/services/traefik/configs/traefik.yml
+++ b/services/traefik/configs/traefik.yml
@@ -17,10 +17,10 @@ entryPoints:
 web:
 address: :80
 http:
-# redirections:
-# entryPoint:
-# to: websecure
-# scheme: https
+ redirections:
+ entryPoint:
+ to: websecure
+ scheme: https
 websecure:
 address: :443
 http:
diff --git a/services/traefik/volumes/config/tls.yaml b/services/traefik/volumes/config/tls.yaml
new file mode 100644
index 0000000..0a95f30
--- /dev/null
+++ b/services/traefik/volumes/config/tls.yaml
@@ -0,0 +1,6 @@
+tls:
+ stores:
+ default:
+ defaultCertificate:
+ certFile: /run/secrets/traefik.cert
+ keyFile: /run/secrets/traefik.key
diff --git a/services/traefik/volumes/config/traefik.yml b/services/traefik/volumes/config/traefik.yml
index dc37a1b..4c880dc 100644
--- a/services/traefik/volumes/config/traefik.yml
+++ b/services/traefik/volumes/config/traefik.yml
@@ -3,3 +3,9 @@ http:
 traefik:
 rule: Host(`traefik.dev.dedicated.contact`)
 service: api@internal
+ middlewares: {}
+ #- traefik-auth
+ middlewares:
+ traefik-auth:
+ basicAuth:
+ usersFile: /run/secrets/htpasswd
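Review bot: The short-form secret entries added to the Traefik service in bootstrap.docker-compose.yml mount each secret under its secret name, i.e. `/run/secrets/traefik_password`, `/run/secrets/traefik_tls_cert` and `/run/secrets/traefik_tls_key`. The files added in the same commit read different paths: `/run/secrets/htpasswd` in volumes/config/traefik.yml, and `/run/secrets/traefik.cert` and `/run/secrets/traefik.key` in volumes/config/tls.yaml. As written those paths would not exist in the container, so the basicAuth users file and the default certificate would not load, and Traefik would most likely serve its built-in self-signed certificate. Either point the three paths at the secret names, or use the long form here, e.g. `- source: traefik_tls_key` with `target: traefik.key`. The service definition starts and ends outside the hunk.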
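Review bot: The three new top-level secrets in bootstrap.docker-compose.yml are file-backed from `${SERVICES_DIR?}/traefik/secrets/`, which, judging by the other paths in this diff, sits next to the committed `configs` directory inside the repository tree. Nothing visible here shows that directory being excluded from version control, so it is worth confirming that an ignore rule covers `traefik.key` and `htpasswd` before real material is placed there. A comment above the block such as `# created locally, never committed; keep traefik.key readable only by the deploying user` would record that expectation for the next maintainer.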
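Review bot: In services/traefik/volumes/config/traefik.yml the `traefik` router that serves `api@internal` is left with `middlewares: {}` and the `- traefik-auth` entry commented out. The `traefik-auth` basicAuth middleware is therefore defined but never attached, and the dashboard/API on `traefik.dev.dedicated.contact` stays reachable without credentials. The router-level key also takes a list rather than a mapping, so it should read `middlewares:` followed by `- traefik-auth`. The hunk begins inside the router definition and indentation is lost in this view, so the second `middlewares:` is presumably the `http`-level sibling of `routers`. That is worth confirming, since most parsers silently take the last of two duplicate keys.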