nextcloud:
image: lscr.io/linuxserver/nextcloud:latest
container_name: nextcloud
environment:
- PUID=1000
- PGID=1000
- TZ=${TZ}
volumes:
- ./appdata/nextcloud:/config
- Cloud:/data
restart: unless-stopped
#ports:
# - 8800:80
# - 8843:443
networks:
- proxy
labels:
- traefik.enable=true
- traefik.http.routers.nextcloud.rule=Host(`nextcloud.domain.io`)
- traefik.http.routers.nextcloud.entrypoints=websecure
- traefik.http.routers.nextcloud.tls=true
- traefik.http.services.nextcloud.loadbalancer.server.port=80
Traefik docker compose
services:
traefik:
image: traefik:latest
container_name: traefik
restart: unless-stopped
networks:
- proxy
ports:
- 80:80
- 443:443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./appdata/traefik/traefik.yml:/traefik.yml:ro
- ./appdata/traefik/configs:/configs:ro
- ./appdata/traefik/acme.json:/acme.json:rw
- ./appdata/traefik/logs:/logs:rw
environment:
- CF_DNS_API_TOKEN=${CLOUDFLARE_TOKEN}
labels:
- traefik.enable=true
- traefik.http.routers.traefik.entrypoints=websecure
- traefik.http.routers.traefik.rule=Host(`traefik.domain.io`)
- traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIKADMIN}
- traefik.http.routers.traefik.middlewares=traefik-auth
- traefik.http.routers.traefik.service=api@internal
- traefik.http.routers.traefik.tls=true
- traefik.http.routers.traefik.tls.certresolver=dns
- traefik.http.routers.traefik.tls.domains[0].main=domain.io
- traefik.http.routers.traefik.tls.domains[0].sans=*.domain.io
read_only: true
traefik.yml
api:
dashboard: true
serversTransport:
insecureSkipVerify: true
entryPoints:
web:
address: ":80"
http:
redirections:
entrypoint:
to: websecure
scheme: https
websecure:
address: ":443"
http:
tls: {}
providers:
docker:
#endpoint: "unix:///var/run/docker.sock"
endpoint: "tcp://dockerproxy-traefik:2375"
exposedbydefault: false
defaultRule: "Host(`{{ index .Labels \"com.docker.compose.service\"}}.domain.io`)"
network: proxy
file:
directory: "/configs"
watch: true
certificatesResolvers:
web:
acme:
email: my.coludflare@mail.io
storage: acme.json
httpChallenge:
entryPoint: web
dns:
acme:
email: my.coludflare@mail.io
storage: acme.json
dnsChallenge:
provider: cloudflare
resolvers:
- "1.1.1.1:53"
- "1.0.0.1:53"
accessLog:
filePath: "/logs/access.log"
fields:
headers:
names:
User-Agent: keep