Is it possible to just give label: traefik.enable=true and control everything from file provider? I don't have any success yet, and I start to thin if this is even possible.
Please, help answer me this puzzle.
Or, maybe this is not a good practice to mix those between?
Here is my configuration working only by providers :
#docker-compose.yml for traefik
version: "3.2"
networks:
traefik:
external:
name: traefik
services:
traefik:
image: traefik:chevrotin
container_name: traefik
volumes:
- /opt/docker/traefikV2/acme.json:/etc/traefik/acme.json
- /opt/docker/traefikV2/traefik.yml:/etc/traefik/traefik.yml
- /opt/docker/traefikV2/certs:/etc/traefik/certs
- /var/run/docker.sock:/var/run/docker.sock:ro
- /opt/docker/traefikV2/conf:/etc/traefik/conf # Here is the blackhole directory liked in traefik.yml where I put all my yml files
ports:
- 80:80
- 443:443
- 9987:9987/udp
networks:
- traefik
restart: always
#traefik.yml mounted by "- /opt/docker/traefikV2/traefik.yml:/etc/traefik/traefik.yml" in docker-compose
#First file conf read by traefik need docker-compose restart if you modify this file
global:
checkNewVersion: false
sendAnonymousUsage: false
providers:
file:
directory: /etc/traefik/conf/ # Blackhole directory with all providers files
watch: true
api:
insecure: false
dashboard: true
log:
level: INFO
filePath: /etc/traefik/traefik.log
accessLog: true
entryPoints:
web:
address: ":80"
websecure:
address: ":443"
ts3:
address: ":9987/udp"
mc:
address: ":25565/tcp"
#ATTENTION : certificate resolvers above can't work if declared in /etc/traefik/conf/provider.yml
#They work only if they are declared here in traefik.yml, first file read at start
#I spent about 8 hours to understand that.
certificatesResolvers:
letsencrypt-ecdsa:
acme:
email: mymail@false.tld
caserver: https://acme-v02.api.letsencrypt.org/directory
storage: /etc/traefik/acme.json
keytype: EC384
httpChallenge:
entryPoint: web
letsencrypt-rsa2048:
acme:
email: mymail@false.tld
caserver: https://acme-v02.api.letsencrypt.org/directory
storage: /etc/traefik/acme.json
keytype: RSA2048
httpChallenge:
entryPoint: web
Example for my teamspeak docker :
#docker-compose for teamspeak service :
version: '3'
services:
#############
# teamspeak #
#############
teamspeak:
image: teamspeak
container_name: teamspeak
ports:
- "9987"
- "30033"
- "10011"
environment:
- TS3SERVER_LICENSE=accept
volumes:
- /opt/docker/ts3:/var/ts3server
- /opt/docker/ts3/run:/var/run/ts3server/
restart: always
networks:
- traefik
networks:
traefik:
external:
name: traefik
# ts3.yml file in /opt/docker/traefikV2/conf
udp:
services:
ts3:
loadBalancer:
servers:
- address: "teamspeak:9987"
routers:
ts3:
rule: "HostSNI(`ts.domain.tld`)"
entryPoints:
- "ts3"
service: "ts3"
Hope it help
Thanks, this gives a bit more confidence that I could move all the configs away from comose files.
And this is surprise to me too that certs has to be defined in static not in dynamic part... Thanks for pointing this out
Using providers in files took a little bit more time to setup especially to understand that
certificatesResolvers can't be declared dynamicaly.
But I prefer that way instead of declaring rules in docker-compose that, i think, is not clear and lisible.
I only shown you one service behind traefik but I've configured this way 8 services TCP and UDP mixed and the best part is modifying providers without docker-compose.yml restart to apply changes 