Hi!
Im trying to follow along this tutorial: https://www.smarthomebeginner.com/traefik-2-docker-tutorial/ as probably many others. But I don't have the need of setting up a cloudflare account, or deal with certs - im just planning to run this inside my local network. I add all domains to the DNS option in my PiHole.
The above mentioned tutorial uses cloudflare, and I have tried to remove it with a lot of other containers. But one thing that I do want is to have Heimdall or another "front-page" container on the top level domain. In my docker-compose.yml
file below, I use $DOMAINNAME
set in /etc/envirionment
(it is example.local
).
But I cannot figure out why heimdall.$DOMAINNAME
works but not just $DOMAINNAME
. Either way traefik.$DOMAINNAME
seems to work.
What im a doing wrong?
version: "3.5"
networks:
t2_proxy:
name: t2_proxy
driver: bridge
ipam:
config:
- subnet: 192.168.1.0/24
default:
driver: bridge
# Common environment values
x-environment: &default-tz-puid-pgid
TZ: $TZ
PUID: $PUID
PGID: $PGID
# Proxy Network and Security
x-network-and-security: &network-and-security
networks:
- t2_proxy
security_opt:
- no-new-privileges:true
# Keys common to some of the services in basic-services.txt
x-common-keys-core: &common-keys-core
<<: *network-and-security
restart: always
# profiles:
# - basic
# Keys common to some of the dependent services/apps
x-common-keys-apps: &common-keys-apps
<<: *network-and-security
restart: unless-stopped
# profiles:
# - apps
# Keys common to some of the services in media-services.txt
x-common-keys-media: &common-keys-media
<<: *network-and-security
restart: "no"
# profiles:
# - media
services:
traefik:
<<: *common-keys-core # See EXTENSION FIELDS at the top
image: "traefik:v2.6"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--api.dashboard=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
# - "--entryPoints.traefik.address=:8080"
- "--global.checkNewVersion=true"
- "--global.sendAnonymousUsage=false"
- "--providers.docker.exposedByDefault=false"
ports:
- target: 80
published: 80
protocol: tcp
mode: host
- target: 8080
published: 8080
protocol: tcp
mode: host
labels:
# HTTP Routers
- "traefik.enable=true"
- "traefik.http.routers.traefik-rtr.entrypoints=web"
- "traefik.http.routers.traefik-rtr.rule=Host(`traefik.$DOMAINNAME`)"
## Services - API
- "traefik.http.routers.traefik-rtr.service=api@internal"
- "traefik.http.services.traefik-svc.loadbalancer.server.port=8080"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:ro"
whoami:
<<: *common-keys-core # See EXTENSION FIELDS at the top
image: "traefik/whoami"
container_name: "simple-service"
labels:
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Host(`whoami.$DOMAINNAME`)"
- "traefik.http.routers.whoami.entrypoints=web"
# Portainer - WebUI for Containers
portainer:
<<: *common-keys-core # See EXTENSION FIELDS at the top
container_name: portainer
image: portainer/portainer-ce:latest
# command: -H unix:///var/run/docker.sock # # Use Docker Socket Proxy instead for improved security
# command: -H tcp://socket-proxy:2375
volumes:
# - /var/run/docker.sock:/var/run/docker.sock:ro # # Use Docker Socket Proxy instead for improved security
- $USERDIR/docker/portainer/data:/data
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- TZ=$TZ
labels:
- "traefik.enable=true"
## HTTP Routers
- "traefik.http.routers.portainer-rtr.entrypoints=web"
- "traefik.http.routers.portainer-rtr.rule=Host(`portainer.$DOMAINNAME`)"
## HTTP Services
- "traefik.http.routers.portainer-rtr.service=portainer-svc"
- "traefik.http.services.portainer-svc.loadbalancer.server.port=9000"
# Heimdall - Application Dashboard
heimdall:
<<: *common-keys-core # See EXTENSION FIELDS at the top
image: lscr.io/linuxserver/heimdall
container_name: heimdall
# ports:
# - "3000:80"
volumes:
- $USERDIR/docker/heimdall:/config
environment:
<<: *default-tz-puid-pgid
labels:
- "traefik.enable=true"
## HTTP Routers
- "traefik.http.routers.heimdall-rtr.entrypoints=web"
- "traefik.http.routers.heimdall-rtr.rule=Host(`heimdall.$DOMAINNAME`)"
## HTTP Services
- "traefik.http.routers.heimdall-rtr.service=heimdall-svc"
- "traefik.http.services.heimdall-svc.loadbalancer.server.port=80"
If you are kind enough to evaluate my main question, please feel free to address any security concerns.