version: '3.8' networks: traefik-public: external: true secrets: duckdns_token: external: true volumes: traefik_letsencrypt: external: true configs: traefik_yml: external: true name: traefik.yml services: traefik: image: traefik:v3.2.3 ports: - "80:80" - "443:443" - "8080:8080" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - traefik_letsencrypt:/letsencrypt networks: - traefik-public secrets: - duckdns_token configs: - source: traefik_yml target: /etc/traefik/traefik.yml healthcheck: test: ["CMD", "traefik", "healthcheck", "--ping"] interval: 30s timeout: 5s retries: 3 start_period: 10s deploy: mode: replicated replicas: 2 placement: constraints: - node.role == manager resources: limits: memory: 512M cpus: '0.5' reservations: memory: 128M cpus: '0.1' restart_policy: condition: on-failure delay: 5s max_attempts: 3 update_config: parallelism: 1 delay: 10s failure_action: rollback order: start-first labels: - "traefik.enable=true" - "traefik.http.routers.traefik.rule=Host(`traefik.sj98.duckdns.org`)" - "traefik.http.routers.traefik.entrypoints=websecure" - "traefik.http.routers.traefik.tls.certresolver=leresolver" - "traefik.http.routers.traefik.service=api@internal" - "traefik.http.services.traefik.loadbalancer.server.port=8080" logging: driver: "json-file" options: max-size: "10m" max-file: "3" whoami: image: traefik/whoami:v1.10 networks: - traefik-public healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:80/health"] interval: 30s timeout: 5s retries: 3 deploy: resources: limits: memory: 64M cpus: '0.1' reservations: memory: 16M cpus: '0.01' restart_policy: condition: on-failure delay: 5s max_attempts: 3 labels: - "traefik.enable=true" - "traefik.http.routers.whoami.rule=Host(`whoami.sj98.duckdns.org`)" - "traefik.http.routers.whoami.entrypoints=websecure" - "traefik.http.routers.whoami.tls.certresolver=leresolver" - "traefik.http.services.whoami.loadbalancer.server.port=80" logging: driver: "json-file" options: max-size: "5m" max-file: "2"