Refactor: Reorganize services into standalone structure
This commit is contained in:
57
optimized/standalone/Traefik_Standalone/README.md
Normal file
57
optimized/standalone/Traefik_Standalone/README.md
Normal file
@@ -0,0 +1,57 @@
|
||||
# Traefik (Standalone Docker/Podman Host)
|
||||
|
||||
This directory contains the `docker-compose.yml` for a Traefik instance configured to run on a single Docker or Podman host. It acts as a reverse proxy and load balancer for services running on that specific host, utilizing the local `docker.sock` for provider discovery.
|
||||
|
||||
## Running with Podman Compose
|
||||
|
||||
To run this Traefik instance using `podman-compose`:
|
||||
|
||||
1. Navigate to this directory:
|
||||
```bash
|
||||
cd optimized/standalone/Traefik_Standalone
|
||||
```
|
||||
2. **Important**: Replace `DUCKDNS_TOKEN` placeholder with your actual DuckDNS token in the `docker-compose.yml`.
|
||||
3. Ensure the `./letsencrypt` directory exists and has appropriate permissions for ACME certificate storage.
|
||||
4. Ensure `traefik_dynamic.yml` exists and contains your dynamic configurations.
|
||||
5. Start the services:
|
||||
```bash
|
||||
podman-compose up -d
|
||||
```
|
||||
|
||||
## Running with Podman
|
||||
|
||||
You can run Traefik directly with Podman. Due to the extensive command-line arguments and volume mounts, using `podman-compose` is generally recommended for this setup.
|
||||
|
||||
A simplified `podman run` example for Traefik (you would need to adapt the command arguments and volumes fully):
|
||||
|
||||
```bash
|
||||
podman run -d \
|
||||
--name traefik \
|
||||
--restart unless-stopped \
|
||||
-e DUCKDNS_TOKEN="YOUR_DUCKDNS_TOKEN" \
|
||||
-p "80:80" -p "443:443" -p "8089:8089" \
|
||||
-v /var/run/docker.sock:/var/run/docker.sock:ro \
|
||||
-v ./letsencrypt:/letsencrypt \
|
||||
-v ./traefik_dynamic.yml:/etc/traefik/traefik_dynamic.yml:ro \
|
||||
traefik:latest \
|
||||
--api.insecure=false \
|
||||
--api.dashboard=true \
|
||||
--entrypoints.web.address=:80 \
|
||||
--entrypoints.websecure.address=:443 \
|
||||
--entrypoints.dashboard.address=:8089 \
|
||||
--providers.docker=true \
|
||||
--providers.docker.endpoint=unix:///var/run/docker.sock \
|
||||
--providers.docker.exposedbydefault=false \
|
||||
--providers.file.filename=/etc/traefik/traefik_dynamic.yml \
|
||||
--providers.file.watch=true \
|
||||
--certificatesresolvers.duckdns.acme.email=your@email.com \
|
||||
--certificatesresolvers.duckdns.acme.storage=/letsencrypt/acme.json \
|
||||
--certificatesresolvers.duckdns.acme.dnschallenge.provider=duckdns \
|
||||
--certificatesresolvers.duckdns.acme.dnschallenge.disablepropagationcheck=true
|
||||
```
|
||||
|
||||
## Notes
|
||||
|
||||
* This Traefik instance is for a single host. Your Swarm environment will have its own Traefik instance for cluster-wide routing.
|
||||
* Ensure that `traefik_dynamic.yml` and the `letsencrypt` directory are correctly configured and persistent.
|
||||
* The `whoami` service is a simple test service and will be automatically discovered by Traefik if correctly configured.
|
||||
53
optimized/standalone/Traefik_Standalone/docker-compose.yml
Normal file
53
optimized/standalone/Traefik_Standalone/docker-compose.yml
Normal file
@@ -0,0 +1,53 @@
|
||||
version: "3.9"
|
||||
|
||||
services:
|
||||
traefik:
|
||||
image: traefik:latest
|
||||
container_name: traefik
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
# Replace this placeholder with your DuckDNS token
|
||||
- DUCKDNS_TOKEN=03a4d8f7-695a-4f51-b66c-cc2fac555fc1
|
||||
networks:
|
||||
- web
|
||||
ports:
|
||||
- "80:80" # http
|
||||
- "443:443" # https
|
||||
- "8089:8089" # traefik dashboard (secure it if exposed)
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- ./letsencrypt:/letsencrypt # <-- keep this directory inside WSL filesystem
|
||||
- ./traefik_dynamic.yml:/etc/traefik/traefik_dynamic.yml:ro
|
||||
command:
|
||||
|
||||
- --api.insecure=false
|
||||
- --api.dashboard=true
|
||||
- --entrypoints.web.address=:80
|
||||
- --entrypoints.websecure.address=:443
|
||||
- --entrypoints.dashboard.address=:8089
|
||||
- --providers.docker=true
|
||||
- --providers.docker.endpoint=unix:///var/run/docker.sock
|
||||
- --providers.docker.exposedbydefault=false
|
||||
- --providers.file.filename=/etc/traefik/traefik_dynamic.yml
|
||||
- --providers.file.watch=true
|
||||
- --certificatesresolvers.duckdns.acme.email=sterlenjohnson6@gmail.com
|
||||
- --certificatesresolvers.duckdns.acme.storage=/letsencrypt/acme.json
|
||||
- --certificatesresolvers.duckdns.acme.dnschallenge.provider=duckdns
|
||||
- --certificatesresolvers.duckdns.acme.dnschallenge.disablepropagationcheck=true
|
||||
|
||||
whoami:
|
||||
image: containous/whoami:latest
|
||||
container_name: whoami
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- web
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.whoami.rule=Host(`whoami.sj98.duckdns.org`)"
|
||||
- "traefik.http.routers.whoami.entrypoints=websecure"
|
||||
- "traefik.http.routers.whoami.tls=true"
|
||||
- "traefik.http.routers.whoami.tls.certresolver=duckdns"
|
||||
|
||||
networks:
|
||||
web:
|
||||
external: true
|
||||
Reference in New Issue
Block a user