-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtraefik-letsencrypt-bookstack-docker-compose.yml
118 lines (115 loc) · 4.5 KB
/
traefik-letsencrypt-bookstack-docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
version: "3.8"
services:
traefik:
image: traefik:v3.2@sha256:e561a37f8710d9cf41c78bdf421d822b2c0b48267ec0552e644565fb55466ea9
command:
- "--log.level=WARN"
- "--accesslog=true"
- "--api.dashboard=true"
- "--api.insecure=true"
- "--ping=true"
- "--ping.entrypoint=ping"
- "--entryPoints.ping.address=:8082"
- "--entryPoints.web.address=:80"
- "--entryPoints.websecure.address=:443"
- "--providers.docker=true"
- "--providers.docker.endpoint=unix:///var/run/docker.sock"
- "--providers.docker.exposedByDefault=false"
- "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
# Email for Let's Encrypt (replace with your own e-mail)
- "--certificatesresolvers.letsencrypt.acme.email=example.mail@examplemailservice.com"
- "--certificatesresolvers.letsencrypt.acme.storage=/etc/traefik/acme/acme.json"
- "--global.checkNewVersion=true"
- "--global.sendAnonymousUsage=false"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /data/traefik/ssl:/etc/traefik/acme
env_file:
- ./.env
ports:
- "80:80"
- "443:443"
healthcheck:
test: ["CMD", "wget", "http://localhost:8082/ping","--spider"]
interval: 10s
timeout: 5s
retries: 3
start_period: 5s
labels:
- "traefik.enable=true"
# Traefik URL (replace this with your own URL)
- "traefik.http.routers.dashboard.rule=Host(`example.url.com`)"
- "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.entrypoints=websecure"
- "traefik.http.services.dashboard.loadbalancer.server.port=8080"
- "traefik.http.routers.dashboard.tls=true"
- "traefik.http.routers.dashboard.tls.certresolver=letsencrypt"
- "traefik.http.services.dashboard.loadbalancer.passhostheader=true"
- "traefik.http.routers.dashboard.middlewares=authtraefik"
# Basic Authentication for Traefik Dashboard
# Username: admin (replace with your own username and encrypted password)
# Passwords must be encoded using MD5, SHA1, or BCrypt (check README.md on how to hash a password)
# We recommend BCrypt here to encode your password for basic auth
# Please change the password in the .env file
- "traefik.http.middlewares.authtraefik.basicauth.users=${BASICAUTH_USER}:${BASICAUTH_PASSWORD}"
- "traefik.http.routers.http-catchall.rule=HostRegexp(`{host:.+}`)"
- "traefik.http.routers.http-catchall.entrypoints=web"
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
restart: unless-stopped
bookstack_web:
image: lscr.io/linuxserver/bookstack:24.12.20241223@sha256:d1c7c9ac3badb98582b75846db3cccb29b65dafbda2f68a33758032d7a0555b2
container_name: bookstack_web
networks:
- default
environment:
- PUID=33
- PGID=33
- APP_URL=https://example.url.com
- DB_HOST=bookstack_db
- DB_USERNAME=bookstack
- DB_PASSWORD=MODIFY_ME
- DB_DATABASE=bookstackapp
- ALLOW_ROBOTS=false
- LOG_FAILED_LOGIN_MESSAGE="Failed login for %u"
labels:
- "traefik.enable=true"
- "traefik.http.routers.bookstack.entrypoints=websecure"
- "traefik.http.routers.bookstack.rule=Host(`example.url.com`)"
- "traefik.http.routers.bookstack.tls=true"
- "traefik.http.routers.bookstack.tls.certresolver=letsencrypt"
- "traefik.http.services.bookstack.loadbalancer.server.port=80"
volumes:
- /data/bookstack/data:/config
healthcheck:
test: curl --fail http://localhost || exit 1
interval: 60s
retries: 5
start_period: 20s
timeout: 5s
restart: unless-stopped
depends_on:
bookstack_db:
condition: service_healthy
bookstack_db:
image: lscr.io/linuxserver/mariadb:10.5.17-r0-ls70@sha256:074604713d092191685a6e56ab30199474accaa1b8ad008f866517637cf9664d
container_name: bookstack_db
environment:
- PUID=MODIFY_ME
- PGID=MODIFY_ME
- MYSQL_ROOT_PASSWORD=MODIFY_ME
- TZ=Europe/Berlin
- MYSQL_DATABASE=bookstackapp
- MYSQL_USER=bookstack
- MYSQL_PASSWORD=MODIFY_ME
volumes:
- /data/bookstack/database:/config
restart: unless-stopped
healthcheck:
test: "/usr/bin/mariadb --user=root --password=MODIFY_ME --execute \"SHOW DATABASES;\""
interval: 3s
retries: 5
start_period: 20s
timeout: 1s
networks:
- default