-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose-proxy.yml
62 lines (58 loc) · 2.3 KB
/
docker-compose-proxy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
version: "2.4"
volumes:
traefik-letsencrypt:
traefik-tmp:
services:
traefik:
image: traefik:2.10
container_name: traefik
restart: unless-stopped
logging:
options:
max-size: 10m
ports:
- 80:80
- 443:443
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- traefik-tmp:/tmp
- traefik-letsencrypt:/etc/traefik/acme
- ./traefik/tls.yaml:/etc/traefik/tls.yaml:ro
command:
- --global.sendAnonymousUsage
- --accesslog=true
- --api=false
- --providers.docker=true
- --providers.docker.exposedByDefault=false
- --log.level=INFO
- --entryPoints.http.address=:80
- --entryPoints.https.address=:443
- --entryPoints.http.http.redirections.entryPoint.to=https
- --entryPoints.http.http.redirections.entryPoint.scheme=https
- --certificatesResolvers.letsEncrypt.acme.storage=/etc/traefik/acme/acme.json
- --certificatesResolvers.letsEncrypt.acme.email=${ADMIN_EMAIL}
- --certificatesResolvers.letsEncrypt.acme.tlsChallenge=true
- --providers.file.filename=/etc/traefik/tls.yaml
labels:
- traefik.enable=false
freshrss:
environment:
TRUSTED_PROXY: 172.16.0.1/12
labels:
- traefik.enable=true
- traefik.http.middlewares.freshrssM1.compress=true
- traefik.http.middlewares.freshrssM2.headers.browserXssFilter=true
- traefik.http.middlewares.freshrssM2.headers.forceSTSHeader=true
- traefik.http.middlewares.freshrssM2.headers.frameDeny=true
- traefik.http.middlewares.freshrssM2.headers.referrerPolicy=no-referrer-when-downgrade
- traefik.http.middlewares.freshrssM2.headers.stsSeconds=31536000
- traefik.http.routers.freshrss.entryPoints=https
- traefik.http.routers.freshrss.tls.certResolver=letsEncrypt
- traefik.http.routers.freshrss.tls=true
## Option 1: server FreshRSS as sub-domain
- traefik.http.routers.freshrss.middlewares=freshrssM1,freshrssM2
- traefik.http.routers.freshrss.rule=Host(`${SERVER_DNS}`)
## Option 2: serve FreshRSS as sub-path
# - traefik.http.middlewares.freshrssM3.stripprefix.prefixes=/freshrss
# - traefik.http.routers.freshrss.middlewares=freshrssM1,freshrssM2,freshrssM3
# - traefik.http.routers.freshrss.rule=PathPrefix(`/freshrss`)