# yaml-language-server: $schema=https://raw.githubusercontent.com/compose-spec/compose-spec/master/schema/compose-spec.json services: traefik: extends: file: ../compose.base.yaml service: exposed-service container_name: traefik image: traefik # TODO: Run as non root user #user: ${NASCOMPOSE_UID?}:${NASCOMPOSE_GID?} environment: NASCOMPOSE_DOMAIN: ${NASCOMPOSE_DOMAIN?} NASCOMPOSE_ROUTER_URL: ${NASCOMPOSE_ROUTER_URL?} TRAEFIK_CERTIFICATESRESOLVERS_DEFAULTRESOLVER_ACME_EMAIL: admin@${NASCOMPOSE_DOMAIN?} volumes: - /var/run/docker.sock:/var/run/docker.sock - ./volumes/traefik_acme/:/etc/traefik/acme/ - ./volumes/traefik_logs/:/var/log/traefik/ - ./configs/traefik.yml:/etc/traefik/traefik.yml:ro - ./configs/dynamic:/etc/traefik/dynamic:ro - ./secrets/cf_dns_token:/run/secrets/cf_dns_token:ro labels: traefik.http.routers.traefik.service: api@internal traefik.http.routers.traefik.middlewares: authelia@file traefik.http.services.traefik.loadbalancer.server.port: 8081 endlessh: extends: file: ../compose.base.yaml service: exposed-service container_name: endlessh image: lscr.io/linuxserver/endlessh environment: PUID: ${NASCOMPOSE_UID?} PGID: ${NASCOMPOSE_GID?} labels: traefik.tcp.routers.endlessh.entryPoints: ssh-tarpit traefik.tcp.routers.endlessh.rule: HostSNI(`*`) # crowdsec: # hostname: crowdsec # image: crowdsecurity/crowdsec # environment: # COLLECTIONS: "crowdsecurity/traefik" # GID: ${NASCOMPOSE_GID?} # networks: # - reverse-proxy # volumes: # - ${NASCOMPOSE_SERVICES?}/reverse-proxy/configs/crowdsec_acquis.yml:/etc/crowdsec/acquis.yaml # - ${NASCOMPOSE_SERVICES?}/reverse-proxy/volumes/crowdsec_config/:/etc/crowdsec/ # - ${NASCOMPOSE_SERVICES?}/reverse-proxy/volumes/crowdsec_data/:/var/lib/crowdsec/data/ # - ${NASCOMPOSE_SERVICES?}/reverse-proxy/volumes/traefik_logs/:/var/log/traefik/:ro # restart: unless-stopped # labels: # traefik.enable: true # traefik.http.routers.crowdsec.middlewares: authelia@file networks: reverse-proxy: name: reverse-proxy