50 lines
1.9 KiB
YAML
50 lines
1.9 KiB
YAML
# https://hub.docker.com/r/rootproject/root
|
|
|
|
name: root
|
|
|
|
networks:
|
|
traefik-net:
|
|
external: true
|
|
|
|
services:
|
|
root:
|
|
image: lscr.io/linuxserver/root:latest
|
|
container_name: "${APPLICATION_NAME}"
|
|
networks:
|
|
- traefik-net
|
|
environment:
|
|
- PUID
|
|
- PGID
|
|
- TZ
|
|
volumes:
|
|
- "${DATADIR}/config:/config"
|
|
|
|
restart: unless-stopped
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.docker.network=traefik-net
|
|
#
|
|
# http service
|
|
# ------------
|
|
- "traefik.http.services.${APPLICATION_NAME}-svc.loadbalancer.server.port=${WEBUI_PORT}"
|
|
#
|
|
# http routers
|
|
# ------------
|
|
# limit router to web ":80" entrypoint (Note: web entrypoint http requests are globally redirected to websecure router in traefik.yml)
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.entrypoints=web"
|
|
# set match criteria for router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`)"
|
|
# assign svc target to router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-rtr.service=${APPLICATION_NAME}-svc"
|
|
#
|
|
# limit router to websecure ":443" entrypoint
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.entrypoints=websecure"
|
|
# set match criteria for router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`)"
|
|
# set router to be dedicated to secure requests only for the host specified in match criteria
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls=true"
|
|
# generate certificates using following certresolver
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.certresolver=sthomeresolver"
|
|
# assign svc target to router
|
|
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.service=${APPLICATION_NAME}-svc"
|