70 lines
1.9 KiB
YAML
70 lines
1.9 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
traefik:
|
|
image: traefik:v3.0
|
|
command:
|
|
# API 和 Dashboard
|
|
- --api.dashboard=true
|
|
- --api.insecure=true
|
|
|
|
# 入口点
|
|
- --entrypoints.web.address=:80
|
|
- --entrypoints.websecure.address=:443
|
|
|
|
# Docker Swarm Provider
|
|
- --providers.swarm=true
|
|
- --providers.swarm.endpoint=unix:///var/run/docker.sock
|
|
- --providers.swarm.exposedByDefault=false
|
|
- --providers.swarm.network=traefik-public
|
|
|
|
# 日志
|
|
- --log.level=INFO
|
|
- --accesslog=true
|
|
|
|
# 指标
|
|
- --metrics.prometheus=true
|
|
- --metrics.prometheus.addEntryPointsLabels=true
|
|
- --metrics.prometheus.addServicesLabels=true
|
|
|
|
# 证书解析器 (可选)
|
|
- --certificatesresolvers.letsencrypt.acme.httpchallenge=true
|
|
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
|
|
- --certificatesresolvers.letsencrypt.acme.email=admin@example.com
|
|
- --certificatesresolvers.letsencrypt.acme.storage=/certificates/acme.json
|
|
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
- "8080:8080" # Dashboard
|
|
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock:ro
|
|
- traefik-certificates:/certificates
|
|
|
|
networks:
|
|
- traefik-public
|
|
|
|
deploy:
|
|
mode: global
|
|
placement:
|
|
constraints:
|
|
- node.role == manager
|
|
labels:
|
|
# Traefik Dashboard 路由
|
|
- traefik.enable=true
|
|
- traefik.http.routers.traefik-dashboard.rule=Host(`traefik.local`)
|
|
- traefik.http.routers.traefik-dashboard.service=api@internal
|
|
- traefik.http.services.traefik-dashboard.loadbalancer.server.port=8080
|
|
update_config:
|
|
parallelism: 1
|
|
delay: 10s
|
|
restart_policy:
|
|
condition: on-failure
|
|
|
|
networks:
|
|
traefik-public:
|
|
external: true
|
|
|
|
volumes:
|
|
traefik-certificates: |