add http-01 example

config/traefik/examples/http-01/docker-compose.override.yml

@@ -0,0 +1,93 @@
+version: "3.7"
+
+services:
+  traefik:
+    # The official v2 Traefik docker image
+    image: traefik:latest
+    container_name: traefik
+    restart: always
+    env_file: env
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8080:8080"
+    networks:
+      - "invoiceninja"
+    volumes:
+      # So that Traefik can listen to the Docker events
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+      # Dynamic configuration files
+      - "./config/traefik/config:/conf:ro"
+      # Enable Access Log
+      - "./config/traefik/logs/:/var/log/www/"
+      # LetsEncrypt Configuration Storage
+      - "./config/traefik/ssl-files:/ssl"
+    command:
+      # Send usage statistics (or not)
+      - "--global.sendAnonymousUsage=false"
+      # By default, the level is set to ERROR. Alternative logging levels are 
+      # DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
+      - "--log.level=WARN"
+      # Enable Access Log
+      - "--accesslog.filepath=/var/log/www/access.log"
+      # Enable Dashboard
+      - "--api.insecure=false"
+      - "--api.dashboard=true"
+      - "--api.debug=true"
+      # We are using Docker
+      - "--providers.docker=true"
+      - "--providers.docker.exposedbydefault=false"
+      # (Optional) Set default hostname if not given explicitly
+      - "--providers.docker.defaultRule=Host(`${APP_URL_DOMAIN}`)"
+      # Listen on port 80 (http)
+      - "--entrypoints.web.address=:80"
+      # Listen on port 443 (https)
+      - "--entrypoints.websecure.address=:443"
+      # Listen on port 8080 (traefik Dashboard)
+      - "--entrypoints.traefik-dashbaord.address=:8080"
+      # Watch dynamic configuration file
+      - "--providers.file.directory=/conf"
+      - "--providers.file.watch=true"
+      # Automaticly redirect from http to https
+      - "--entrypoints.web.http.redirections.entryPoint.to=websecure"
+      - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
+      ################ START SSL configuration ################
+      # ---------> LetsEncrypt <---------
+      # HTTP-Challenge
+      - "--certificatesresolvers.http-01.acme.httpchallenge=true"
+      - "--certificatesresolvers.http-01.acme.httpchallenge.entrypoint=web"
+      # (Optional) Use testing server before receiving the productive ssl certificate
+      #- "--certificatesresolvers.http-01.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
+      - "--certificatesresolvers.http-01.acme.email=${ACME_EMAIL}"
+      - "--certificatesresolvers.http-01.acme.storage=/ssl/acme.json"
+      ################  END SSL configuration  ################
+    labels:
+      # Enable Traefik
+      - "traefik.enable=true"
+      # Set Network to use
+      - "traefik.docker.network=invoiceninja"
+      # Set service type
+      - "traefik.http.routers.traefik-dashbaord.service=api@internal"
+      # Load dynamic config from conf/*.yml
+      - "traefik.http.routers.traefik-dashbaord.middlewares=default@file,basic-auth@file"
+      # Define entrypint to use
+      - "traefik.http.routers.traefik-dashbaord.entrypoints=traefik-dashbaord"
+      # Define Hostname and path
+      - "traefik.http.routers.traefik-dashbaord.rule=Host(`${APP_URL_DOMAIN}`) && PathPrefix(`/api`,`/dashboard`)"
+      # Enable SSL/TLS
+      - "traefik.http.routers.traefik-dashbaord.tls=true"
+      - "traefik.http.routers.traefik-dashbaord.tls.certResolver=http-01"
+
+  server:
+    labels:
+      # Enable Traefik
+      - "traefik.enable=true"
+      # Set Network to use
+      - "traefik.docker.network=invoiceninja"
+      # Load dynamic config
+      - "traefik.http.routers.ninja-nginx.middlewares=default@file"
+      # Service related labels
+      - "traefik.http.routers.ninja-nginx.entrypoints=websecure"
+      - "traefik.http.routers.ninja-nginx.rule=Host(`${APP_URL_DOMAIN}`)"
+      - "traefik.http.routers.ninja-nginx.tls=true"
+      - "traefik.http.routers.ninja-nginx.tls.certResolver=http-01"