From 4e6e48dc521d1596287e54def2560af0d7783539 Mon Sep 17 00:00:00 2001 From: xcad2k <28359525+xcad2k@users.noreply.github.com> Date: Tue, 14 Dec 2021 18:12:08 +0100 Subject: [PATCH] ssl cert store update and self-signed cert support --- .../prometheus-grafana/docker-compose.yml | 3 +- docker-compose/traefik/config/traefik.yml | 59 ++++++++++--------- docker-compose/traefik/docker-compose.yml | 5 -- 3 files changed, 31 insertions(+), 36 deletions(-) diff --git a/docker-compose/prometheus-grafana/docker-compose.yml b/docker-compose/prometheus-grafana/docker-compose.yml index f33e659..6610347 100755 --- a/docker-compose/prometheus-grafana/docker-compose.yml +++ b/docker-compose/prometheus-grafana/docker-compose.yml @@ -1,4 +1,3 @@ ---- version: '3' volumes: @@ -21,7 +20,7 @@ services: - "--config.file=/etc/prometheus/prometheus.yml" grafana: - image: grafana/grafana:latest + image: grafana/grafana-oss:latest container_name: grafana ports: - "3000:3000" diff --git a/docker-compose/traefik/config/traefik.yml b/docker-compose/traefik/config/traefik.yml index d1b2283..7fab06c 100644 --- a/docker-compose/traefik/config/traefik.yml +++ b/docker-compose/traefik/config/traefik.yml @@ -37,36 +37,37 @@ entryPoints: websecure: address: :443 -# Certificates configuration -# --- -# TODO: Custmoize your Cert Resolvers and Domain settings -# -certificatesResolvers: -# LET'S ENCRYPT: -# --- -# - staging: - acme: - email: your-email@example.com # TODO: Change this to your email - storage: /ssl-certs/acme.json - caServer: "https://acme-staging-v02.api.letsencrypt.org/directory" - httpChallenge: - entryPoint: web - production: - acme: - email: your-email@example.com # TODO: Change this to your email - storage: /ssl-certs/acme.json - caServer: "https://acme-v02.api.letsencrypt.org/directory" - httpChallenge: - entryPoint: web - -# Provider Configuration -# --- -# TODO: Customize your Provider Settings if needed -# -providers: -# DOCKER: +# Configure your CertificateResolver here... # --- +# certificatesResolvers: +# staging: +# acme: +# email: your-email@example.com +# storage: /etc/traefik/certs/acme.json +# caServer: "https://acme-staging-v02.api.letsencrypt.org/directory" +# httpChallenge: +# entryPoint: web # +# production: +# acme: +# email: your-email@example.com +# storage: /etc/traefik/certs/acme.json +# caServer: "https://acme-v02.api.letsencrypt.org/directory" +# httpChallenge: +# entryPoint: webproviders: + +# (Optional) Overwrite Default Certificates +# tls: +# stores: +# default: +# defaultCertificate: +# certFile: /etc/traefik/certs/cert.pem +# keyFile: /etc/traefik/certs/cert-key.pem + +providers: docker: exposedByDefault: false # Default is true + file: + # watch for dynamic configuration changes + directory: /etc/traefik + watch: true \ No newline at end of file diff --git a/docker-compose/traefik/docker-compose.yml b/docker-compose/traefik/docker-compose.yml index b2ede62..3ecf9eb 100644 --- a/docker-compose/traefik/docker-compose.yml +++ b/docker-compose/traefik/docker-compose.yml @@ -1,9 +1,5 @@ version: '3' -volumes: - traefik-ssl-certs: - driver: local - services: traefik: image: "traefik:v2.5" @@ -15,5 +11,4 @@ services: - "8080:8080" # Don't do this in production! volumes: - /etc/traefik:/etc/traefik - - traefik-ssl-certs:/ssl-certs - /var/run/docker.sock:/var/run/docker.sock:ro