version: '3.4' services: reverse-proxy: restart: always image: traefik:latest container_name: Traefik ports: - "443:443" - "80:80" network_mode: bridge environment: - "TZ=Europe/Paris" - "OVH_ENDPOINT=ovh-eu" - "OVH_APPLICATION_KEY=HFMuo7uD6aS8BkF0" - "OVH_APPLICATION_SECRET=usufzSJMsokWnyij6ovuC9uxxQhruMlQ" - "OVH_CONSUMER_KEY=vGgAbel01iNDRVzlMTo4HDtlnSqcWbCO" volumes: - /volume1/Docker/Traefik/traefik.log:/traefik.log - /volume1/Docker/Traefik/traefik.toml:/etc/traefik/traefik.toml - /volume1/Docker/Traefik/services.toml:/etc/traefik/services.toml - /volume1/Docker/Traefik/acme.json:/acme.json - /var/run/docker.sock:/var/run/docker.sock labels: - "traefik.enable=true" # http to https redirection - "traefik.protocols=https" - "traefik.http.middlewares.https_redirect.redirectscheme.scheme=https" - "traefik.http.middlewares.https_redirect.redirectscheme.permanent=true" - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)" - "traefik.http.routers.redirs.entrypoints=http" - "traefik.http.routers.redirs.middlewares=https_redirect" # Traefik dashboard - "traefik.http.routers.api.rule=Host(`traefik.webdot.fr`)" - "traefik.http.routers.api.service=api@internal" - "traefik.http.routers.api.entrypoints=https,http" #- "traefik.http.routers.api.middlewares=auth" - "traefik.http.routers.api.middlewares=https_redirect" - "traefik.http.routers.api.tls=true" - "traefik.http.routers.api.tls.certresolver=letsencrypt" # Docker interface - "traefik.http.routers.docker.entrypoints=https,http" - "traefik.http.routers.docker.middlewares=https_redirect" - "traefik.http.routers.docker.rule=Host(`docker.webdot.fr`)" - "traefik.http.routers.docker.service=docker@file" - "traefik.http.routers.docker.tls=true" - "traefik.http.routers.docker.tls.certresolver=letsencrypt" # Apache2 reverse proxy - "traefik.http.routers.www.entrypoints=https,http" - "traefik.http.routers.www.middlewares=https_redirect" - "traefik.http.routers.www.rule=Host(`www.webdot.fr`)" - "traefik.http.routers.www.service=www@file" - "traefik.http.routers.www.tls=true" - "traefik.http.routers.www.tls.certresolver=letsencrypt" # Nextcloud service - "traefik.http.routers.cloud.rule=Host(`cloud.webdot.fr`)" - "traefik.http.routers.cloud.entrypoints=https" - "traefik.http.routers.cloud.middlewares=https_redirect" - "traefik.http.routers.cloud.service=cloud@file" - "traefik.http.routers.cloud.tls=true" - "traefik.http.routers.cloud.tls.certresolver=letsencrypt" - "traefik.http.routers.cloud.middlewares=cloud-dav,secHeaders@file" - "traefik.http.middlewares.cloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav" - "traefik.http.middlewares.cloud-dav.replacepathregex.replacement=/remote.php/dav/" # Bitwarden application - "traefik.http.routers.vault.rule=Host(`vault.webdot.fr`)" - "traefik.http.routers.vault.entrypoints=https" - "traefik.http.routers.vault.middlewares=https_redirect" - "traefik.http.routers.vault.service=vault@file" - "traefik.http.routers.vault.tls=true" - "traefik.http.routers.vault.tls.certresolver=letsencrypt" # Plex application - "traefik.http.routers.plex.entrypoints=https,http" - "traefik.http.routers.plex.middlewares=https_redirect" - "traefik.http.routers.plex.rule=Host(`plex.webdot.fr`)" - "traefik.http.routers.plex.service=plex@file" - "traefik.http.routers.plex.tls=true" - "traefik.http.routers.plex.tls.certresolver=letsencrypt" # Mail service - "traefik.http.routers.mail.entrypoints=https,http" - "traefik.http.routers.mail.middlewares=https_redirect" - "traefik.http.routers.mail.rule=Host(`mail.webdot.fr`)" - "traefik.http.routers.mail.service=mail@file" - "traefik.http.routers.mail.tls=true" - "traefik.http.routers.mail.tls.certresolver=letsencrypt"