waja hat die Gist bearbeitet 8 years ago. Zu Änderung gehen
1 file changed, 3 insertions, 3 deletions
deploy_traefik.sh
| @@ -51,9 +51,9 @@ RemainAfterExit=yes | |||
| 51 | 51 | ||
| 52 | 52 | Environment="WORK_DIR=/srv/docker/traefik/" | |
| 53 | 53 | WorkingDirectory=/srv/docker/traefik/ | |
| 54 | - | ExecStartPre=-/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/production.yml" down | |
| 55 | - | ExecStart=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/production.yml" up -d | |
| 56 | - | ExecStop=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/production.yml" down | |
| 54 | + | ExecStartPre=-/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" down | |
| 55 | + | ExecStart=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" up -d | |
| 56 | + | ExecStop=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/container.conf/production.yml" down | |
| 57 | 57 | ||
| 58 | 58 | [Install] | |
| 59 | 59 | WantedBy=docker.service | |
waja hat die Gist bearbeitet 8 years ago. Zu Änderung gehen
1 file changed, 106 insertions
deploy_traefik.sh(Datei erstellt)
| @@ -0,0 +1,106 @@ | |||
| 1 | + | #!/bin/bash | |
| 2 | + | DOCKER_BASE=/srv/docker | |
| 3 | + | ||
| 4 | + | mkdir -p ${DOCKER_BASE}/traefik/container.conf | |
| 5 | + | ||
| 6 | + | cat > ${DOCKER_BASE}/traefik/container.conf/docker-compose.yml <<EOF | |
| 7 | + | version: '3.3' | |
| 8 | + | ||
| 9 | + | services: | |
| 10 | + | ||
| 11 | + | traefik: | |
| 12 | + | image: traefik:1.5-alpine | |
| 13 | + | environment: | |
| 14 | + | - LC_ALL=C.UTF-8 | |
| 15 | + | - TZ=Europe/Berlin | |
| 16 | + | labels: | |
| 17 | + | - traefik.enable=true | |
| 18 | + | - traefik.backend=traefik | |
| 19 | + | - traefik.port=8080 | |
| 20 | + | ports: | |
| 21 | + | - "80:80" | |
| 22 | + | - "443:443" | |
| 23 | + | - "8080:8080" | |
| 24 | + | restart: always | |
| 25 | + | volumes: | |
| 26 | + | - "./config/:/etc/traefik/" | |
| 27 | + | - "/var/run/docker.sock:/var/run/docker.sock:ro" | |
| 28 | + | EOF | |
| 29 | + | ln -s container.conf/docker-compose.yml ${DOCKER_BASE}/traefik/ | |
| 30 | + | ||
| 31 | + | cat > ${DOCKER_BASE}/traefik/container.conf/production.yml <<EOF | |
| 32 | + | version: '3.3' | |
| 33 | + | ||
| 34 | + | services: | |
| 35 | + | ||
| 36 | + | traefik: | |
| 37 | + | labels: | |
| 38 | + | - traefik.frontend.rule=Host:traefik.test.org | |
| 39 | + | - com.centurylinklabs.watchtower.enable=true | |
| 40 | + | EOF | |
| 41 | + | ||
| 42 | + | cat > ${DOCKER_BASE}/traefik/container.conf/traefik.service <<EOF | |
| 43 | + | [Unit] | |
| 44 | + | Description=Traefik Proxy Service | |
| 45 | + | After=network.target docker.service | |
| 46 | + | Requires=docker.service | |
| 47 | + | ||
| 48 | + | [Service] | |
| 49 | + | Type=oneshot | |
| 50 | + | RemainAfterExit=yes | |
| 51 | + | ||
| 52 | + | Environment="WORK_DIR=/srv/docker/traefik/" | |
| 53 | + | WorkingDirectory=/srv/docker/traefik/ | |
| 54 | + | ExecStartPre=-/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/production.yml" down | |
| 55 | + | ExecStart=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/production.yml" up -d | |
| 56 | + | ExecStop=/usr/local/bin/docker-compose -f "\${WORK_DIR}/docker-compose.yml" -f "\${WORK_DIR}/production.yml" down | |
| 57 | + | ||
| 58 | + | [Install] | |
| 59 | + | WantedBy=docker.service | |
| 60 | + | EOF | |
| 61 | + | ln -s ${DOCKER_BASE}/traefik/container.conf/traefik.service /etc/systemd/system/ | |
| 62 | + | ||
| 63 | + | mkdir -p ${DOCKER_BASE}/traefik/config | |
| 64 | + | ||
| 65 | + | cat > ${DOCKER_BASE}/traefik/config/traefik.toml <<EOF | |
| 66 | + | logLevel = "DEBUG" | |
| 67 | + | defaultEntryPoints = ["http", "https"] | |
| 68 | + | ||
| 69 | + | # WEB interface of Traefik - it will show web page with overview of frontend and backend configurations | |
| 70 | + | [web] | |
| 71 | + | address = ":8080" | |
| 72 | + | [web.auth.basic] | |
| 73 | + | users = ["admin:$apr1$AAbCdQpX$ajolS9mMfKRG.lqcY/uXU/"] | |
| 74 | + | ||
| 75 | + | # Connection to docker host system (docker.sock) | |
| 76 | + | [docker] | |
| 77 | + | domain = "test.org" | |
| 78 | + | watch = true | |
| 79 | + | # This will hide all docker containers that don't have explicitly | |
| 80 | + | # set label to "enable" | |
| 81 | + | exposedbydefault = false | |
| 82 | + | ||
| 83 | + | # Force HTTPS | |
| 84 | + | [entryPoints] | |
| 85 | + | [entryPoints.http] | |
| 86 | + | address = ":80" | |
| 87 | + | [entryPoints.http.redirect] | |
| 88 | + | entryPoint = "https" | |
| 89 | + | [entryPoints.https] | |
| 90 | + | address = ":443" | |
| 91 | + | [entryPoints.https.tls] | |
| 92 | + | ||
| 93 | + | # Let's encrypt configuration | |
| 94 | + | [acme] | |
| 95 | + | email="ssladmin@test.org" | |
| 96 | + | storage="/etc/traefik/acme.json" | |
| 97 | + | entryPoint="https" | |
| 98 | + | acmeLogging=true | |
| 99 | + | onDemand=false | |
| 100 | + | OnHostRule=true | |
| 101 | + | ||
| 102 | + | [acme.httpChallenge] | |
| 103 | + | entryPoint = "http" | |
| 104 | + | EOF | |
| 105 | + | ||
| 106 | + | systemctl daemon-reload && systemctl enable traefik && systemctl start traefik | |
Neuer
Älter