ssl cert store update and self-signed cert support

2021-12-14 18:12:08 +01:00
parent 6c7e6787b1
commit 4e6e48dc52
3 changed files with 31 additions and 36 deletions
--- a/docker-compose/prometheus-grafana/docker-compose.yml
+++ b/docker-compose/prometheus-grafana/docker-compose.yml
@@ -1,4 +1,3 @@
 ---
 version: '3'
 volumes:
@@ -21,7 +20,7 @@ services:
      - "--config.file=/etc/prometheus/prometheus.yml"
  grafana:
-    image: grafana/grafana:latest
+    image: grafana/grafana-oss:latest
    container_name: grafana
    ports:
      - "3000:3000"
--- a/docker-compose/traefik/config/traefik.yml
+++ b/docker-compose/traefik/config/traefik.yml
@@ -37,36 +37,37 @@ entryPoints:
  websecure:
    address: :443
-# Certificates configuration
+# Configure your CertificateResolver here...
 # ---
-# TODO: Custmoize your Cert Resolvers and Domain settings
+# certificatesResolvers:
 #   staging:
 #     acme:
 #       email: your-email@example.com
 #       storage: /etc/traefik/certs/acme.json
 #       caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
 #       httpChallenge:
 #         entryPoint: web
 #
-certificatesResolvers:
+#   production:
-# LET'S ENCRYPT:
+#     acme:
-# ---
+#       email: your-email@example.com
-# 
+#       storage: /etc/traefik/certs/acme.json
-  staging:
+#       caServer: "https://acme-v02.api.letsencrypt.org/directory"
-    acme:
+#       httpChallenge:
-      email: your-email@example.com  # TODO: Change this to your email
+#         entryPoint: webproviders:
-      storage: /ssl-certs/acme.json
+
-      caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
+# (Optional) Overwrite Default Certificates
-      httpChallenge:
+# tls:
-        entryPoint: web
+#   stores:
-  production:
+#     default:
-    acme:
+#       defaultCertificate:
-      email: your-email@example.com  # TODO: Change this to your email
+#         certFile: /etc/traefik/certs/cert.pem
-      storage: /ssl-certs/acme.json
+#         keyFile: /etc/traefik/certs/cert-key.pem
      caServer: "https://acme-v02.api.letsencrypt.org/directory"
      httpChallenge:
        entryPoint: web
 # Provider Configuration
 # ---
 # TODO: Customize your Provider Settings if needed
 # 
 providers:
 # DOCKER:
 # ---
 #
  docker:
    exposedByDefault: false  # Default is true
  file:
    # watch for dynamic configuration changes
    directory: /etc/traefik
    watch: true
--- a/docker-compose/traefik/docker-compose.yml
+++ b/docker-compose/traefik/docker-compose.yml
@@ -1,9 +1,5 @@
 version: '3'
 volumes:
  traefik-ssl-certs:
    driver: local
 services:
  traefik:
    image: "traefik:v2.5"
@@ -15,5 +11,4 @@ services:
      - "8080:8080"  # Don't do this in production!
    volumes:
      - /etc/traefik:/etc/traefik
      - traefik-ssl-certs:/ssl-certs
      - /var/run/docker.sock:/var/run/docker.sock:ro