gist:8d508fc7e16242858a3e47e28ada52a2

Revisione 820459adc66f2e651a64dd3910722acc8482dd4c

deploy_traefik.sh · 2.7 KiB · Bash Raw

#!/bin/bash DOCKER_BASE=/srv/docker mkdir -p ${DOCKER_BASE}/traefik/container.conf cat > ${DOCKER_BASE}/traefik/container.conf/docker-compose.yml <<EOF version: '3.7' services: traefik: image: traefik:1.7-alpine environment: - LC_ALL=C.UTF-8 - TZ=Europe/Berlin labels: - traefik.enable=true - traefik.backend=traefik - traefik.port=8080 ports: - "80:80" - "443:443" - "8080:8080" restart: always volumes: - "./config/:/etc/traefik/" - "/var/run/docker.sock:/var/run/docker.sock:ro" networks: traefik_default: external: true EOF ln -s container.conf/docker-compose.yml ${DOCKER_BASE}/traefik/ cat > ${DOCKER_BASE}/traefik/container.conf/production.yml <<EOF version: '3.7' services: traefik: labels: - traefik.frontend.rule=Host:host.test.org;PathPrefixStrip:/traefik - com.centurylinklabs.watchtower.enable=true EOF cat > ${DOCKER_BASE}/traefik/container.conf/traefik.service <<EOF [Unit] Description=Traefik Proxy Service After=network.target docker.service Requires=docker.service [Service] Type=oneshot RemainAfterExit=yes Environment="WORK_DIR=/srv/docker/traefik/" WorkingDirectory=/srv/docker/traefik/ ExecStartPre=-/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" down ExecStart=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" up -d ExecStop=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" down [Install] WantedBy=docker.service EOF ln -s ${DOCKER_BASE}/traefik/container.conf/traefik.service /etc/systemd/system/ mkdir -p ${DOCKER_BASE}/traefik/config cat > ${DOCKER_BASE}/traefik/config/traefik.toml <<EOF logLevel = "DEBUG" defaultEntryPoints = ["http", "https"] # WEB interface of Traefik - it will show web page with overview of frontend and backend configurations [web] address = ":8080" [web.auth.basic] users = ["admin:$apr1$AAbCdQpX$ajolS9mMfKRG.lqcY/uXU/"] # Connection to docker host system (docker.sock) [docker] domain = "test.org" watch = true # This will hide all docker containers that don't have explicitly # set label to "enable" exposedbydefault = false # Force HTTPS [entryPoints] [entryPoints.http] address = ":80" [entryPoints.http.redirect] entryPoint = "https" [entryPoints.https] address = ":443" [entryPoints.https.tls] # Let's encrypt configuration [acme] email="ssladmin@test.org" storage="/etc/traefik/acme.json" entryPoint="https" acmeLogging=true onDemand=false OnHostRule=true [acme.httpChallenge] entryPoint = "http" EOF systemctl daemon-reload && systemctl enable traefik && systemctl start traefik

1	#!/bin/bash
2	DOCKER_BASE=/srv/docker
3
4	mkdir -p ${DOCKER_BASE}/traefik/container.conf
5
6	cat > ${DOCKER_BASE}/traefik/container.conf/docker-compose.yml <<EOF
7	version: '3.7'
8
9	services:
10	traefik:
11	image: traefik:1.7-alpine
12	environment:
13	- LC_ALL=C.UTF-8
14	- TZ=Europe/Berlin
15	labels:
16	- traefik.enable=true
17	- traefik.backend=traefik
18	- traefik.port=8080
19	ports:
20	- "80:80"
21	- "443:443"
22	- "8080:8080"
23	restart: always
24	volumes:
25	- "./config/:/etc/traefik/"
26	- "/var/run/docker.sock:/var/run/docker.sock:ro"
27
28	networks:
29	traefik_default:
30	external: true
31	EOF
32	ln -s container.conf/docker-compose.yml ${DOCKER_BASE}/traefik/
33
34	cat > ${DOCKER_BASE}/traefik/container.conf/production.yml <<EOF
35	version: '3.7'
36
37	services:
38
39	traefik:
40	labels:
41	- traefik.frontend.rule=Host:host.test.org;PathPrefixStrip:/traefik
42	- com.centurylinklabs.watchtower.enable=true
43	EOF
44
45	cat > ${DOCKER_BASE}/traefik/container.conf/traefik.service <<EOF
46	[Unit]
47	Description=Traefik Proxy Service
48	After=network.target docker.service
49	Requires=docker.service
50
51	[Service]
52	Type=oneshot
53	RemainAfterExit=yes
54
55	Environment="WORK_DIR=/srv/docker/traefik/"
56	WorkingDirectory=/srv/docker/traefik/
57	ExecStartPre=-/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" down
58	ExecStart=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" up -d
59	ExecStop=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" down
60
61	[Install]
62	WantedBy=docker.service
63	EOF
64	ln -s ${DOCKER_BASE}/traefik/container.conf/traefik.service /etc/systemd/system/
65
66	mkdir -p ${DOCKER_BASE}/traefik/config
67
68	cat > ${DOCKER_BASE}/traefik/config/traefik.toml <<EOF
69	logLevel = "DEBUG"
70	defaultEntryPoints = ["http", "https"]
71
72	# WEB interface of Traefik - it will show web page with overview of frontend and backend configurations
73	[web]
74	address = ":8080"
75	[web.auth.basic]
76	users = ["admin:$apr1$AAbCdQpX$ajolS9mMfKRG.lqcY/uXU/"]
77
78	# Connection to docker host system (docker.sock)
79	[docker]
80	domain = "test.org"
81	watch = true
82	# This will hide all docker containers that don't have explicitly
83	# set label to "enable"
84	exposedbydefault = false
85
86	# Force HTTPS
87	[entryPoints]
88	[entryPoints.http]
89	address = ":80"
90	[entryPoints.http.redirect]
91	entryPoint = "https"
92	[entryPoints.https]
93	address = ":443"
94	[entryPoints.https.tls]
95
96	# Let's encrypt configuration
97	[acme]
98	email="ssladmin@test.org"
99	storage="/etc/traefik/acme.json"
100	entryPoint="https"
101	acmeLogging=true
102	onDemand=false
103	OnHostRule=true
104
105	[acme.httpChallenge]
106	entryPoint = "http"
107	EOF
108
109	systemctl daemon-reload && systemctl enable traefik && systemctl start traefik
110