JustPaste.it

Traefik nextcloud

  nextcloud:
    image: lscr.io/linuxserver/nextcloud:latest
    container_name: nextcloud
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=${TZ}
    volumes:
      - ./appdata/nextcloud:/config
      - Cloud:/data
    restart: unless-stopped
    #ports:
    #  - 8800:80
    #  - 8843:443
    networks:
      - proxy
    labels:
     - traefik.enable=true
     - traefik.http.routers.nextcloud.rule=Host(`nextcloud.domain.io`)
     - traefik.http.routers.nextcloud.entrypoints=websecure
     - traefik.http.routers.nextcloud.tls=true
     - traefik.http.services.nextcloud.loadbalancer.server.port=80

 

Traefik docker compose
services:
  traefik:
    image: traefik:latest
    container_name: traefik
    restart: unless-stopped
    networks:
      - proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./appdata/traefik/traefik.yml:/traefik.yml:ro
      - ./appdata/traefik/configs:/configs:ro
      - ./appdata/traefik/acme.json:/acme.json:rw
      - ./appdata/traefik/logs:/logs:rw
    environment:
      - CF_DNS_API_TOKEN=${CLOUDFLARE_TOKEN}
    labels:
      - traefik.enable=true
      - traefik.http.routers.traefik.entrypoints=websecure
      - traefik.http.routers.traefik.rule=Host(`traefik.domain.io`)
      - traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIKADMIN}
      - traefik.http.routers.traefik.middlewares=traefik-auth
      - traefik.http.routers.traefik.service=api@internal
      - traefik.http.routers.traefik.tls=true
      - traefik.http.routers.traefik.tls.certresolver=dns
      - traefik.http.routers.traefik.tls.domains[0].main=domain.io
      - traefik.http.routers.traefik.tls.domains[0].sans=*.domain.io
    read_only: true

 

traefik.yml
api:
  dashboard: true

serversTransport:
  insecureSkipVerify: true

entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entrypoint:
          to: websecure
          scheme: https
  websecure:
    address: ":443"
    http:
      tls: {}

 

providers:
  docker:
    #endpoint: "unix:///var/run/docker.sock"
    endpoint: "tcp://dockerproxy-traefik:2375"
    exposedbydefault: false
    defaultRule: "Host(`{{ index .Labels \"com.docker.compose.service\"}}.domain.io`)"
    network: proxy
  file:
      directory: "/configs"
      watch: true

certificatesResolvers:
  web:
    acme:
      email: my.coludflare@mail.io
      storage: acme.json
      httpChallenge:
        entryPoint: web
  dns:
    acme:
      email: my.coludflare@mail.io
      storage: acme.json
      dnsChallenge:
        provider: cloudflare
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"

accessLog:
  filePath: "/logs/access.log"
  fields:
    headers:
      names:
        User-Agent: keep