OK, sorry for forgetting the config.
Here is my docker-compose file for Traefik:
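# Compose file for the Traefik reverse proxy (indentation restored).

volumes:
  # Persistent store for the ACME account and issued certificates.
  letsencrypt-data:
    driver: local-persist
    driver_opts:
      mountpoint: ${CONTAINERVOLUMES}/letsencrypt

services:
  traefik:
    image: "traefik:v3.0"
    container_name: ${COMPOSE_PROJECT_NAME}
    command:
      # NOTE(review): /traefik.yml is the static configuration mounted
      # below, while the file provider expects a dynamic configuration.
      # traefik.yml itself points the file provider at
      # /etc/traefik/config.yml, whose mount is commented out under
      # `volumes`. Confirm which file is meant to be loaded here.
      - "--providers.file.filename=/traefik.yml"
    labels:
      traefik.enable: "true"
      traefik.http.routers.traefik.rule: "${HOSTRULE}"
      traefik.http.routers.traefik.service: "api@internal"
      traefik.http.routers.traefik.middlewares: "myauth"
      # NOTE(review): no entrypoints label is set, so this router is
      # attached to every entry point, including plain-HTTP :80 where the
      # basic-auth credentials travel unencrypted. Pin it with
      # traefik.http.routers.traefik.entrypoints once HTTPS works.
      #
      # `$$` is Compose's escape for a literal `$`. The hash is apr1
      # (MD5-based); a bcrypt hash (htpasswd -B) resists offline guessing
      # far better. A hash that has been published should be regenerated
      # with a new password. basicauth.usersfile with a read-only mounted
      # file keeps the hash out of the compose file altogether.
      traefik.http.middlewares.myauth.basicauth.users: "test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/"
    networks:
      # Service-level entries must name a key of the top-level `networks`
      # map. `${PROXY_NETWORK}` is only the external network's real name
      # and matches the key only when it happens to equal `traefik_proxy`.
      - "traefik_proxy"
      - "default"
    ports:
      # To be able to listen on port 80 (http)
      - mode: host
        published: 80
        target: 80
      # To be able to listen on port 443 (https)
      - mode: host
        published: 443
        target: 443
    restart: ${RESTART}
    volumes:
      # - ./configs/traefik/config.yml:/etc/traefik/config.yml:ro
      - ./configs/traefik/traefik.yml:/traefik.yml:ro
      # Both log files must exist on the host before the first start;
      # otherwise Docker creates directories at these paths.
      - ./logs/access.log:/var/log/access.log
      - ./logs/traefik.log:/var/log/traefik.log
      # Set the container timezone by sharing the read-only localtime
      - /etc/localtime:/etc/localtime:ro
      # ACME storage holds private keys; Traefik expects the JSON file to
      # be readable by its owner only (mode 600).
      - letsencrypt-data:/letsencrypt
      # `:ro` only protects the socket file itself. API calls made through
      # the socket are not restricted, so this mount is equivalent to root
      # on the host. A filtering socket proxy that exposes only the
      # read-only endpoints Traefik needs narrows that exposure.
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

networks:
  # Pre-existing network shared with the proxied application stacks.
  traefik_proxy:
    external: true
    name: ${PROXY_NETWORK}
  default:
    driver: bridge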
Here is my traefik.yml:
# Traefik static configuration (indentation restored).

accessLog:
  filePath: '/var/log/access.log'

api:
  # Dashboard is served through a router (api@internal), not the
  # unauthenticated port 8080 listener, because `insecure` is off.
  dashboard: true
  insecure: false

certificatesResolvers:
  letsEncrypt:
    acme:
      tlschallenge: true
      email: 'webmaster@domain.org'
      # This file contains the ACME account key and certificate private
      # keys; Traefik expects it to be readable by its owner only.
      storage: '/letsencrypt/Traefik.json'

entryPoints:
  web-http:
    address: ':80'
    http:
      redirections:
        entryPoint:
          # The target name is misspelled on purpose by the author to
          # switch the HTTP->HTTPS redirect off while debugging. Restore
          # 'websecure-https' afterwards so port 80 stops serving content
          # in clear text.
          to: 'websedcure-https'
          scheme: 'https'
  websecure-https:
    address: ':443'
    http:
      tls:
        certResolver: 'letsEncrypt'

log:
  # DEBUG is very verbose; drop back to a quieter level once
  # troubleshooting is finished.
  level: 'DEBUG'
  filePath: '/var/log/traefik.log'

providers:
  docker:
    # Listen to the UNIX Docker socket
    endpoint: 'unix:///var/run/docker.sock'
    # Only expose containers that are explicitly enabled
    # (label traefik.enable=true)
    exposedByDefault: false
    # Default network to use for connections to all containers
    network: 'traefik_proxy'
  file:
    # Link to the dynamic configuration
    # NOTE(review): the compose file's bind mount for this path is
    # commented out; confirm the file actually exists in the container.
    filename: '/etc/traefik/config.yml'
    # Watch for modifications
    watch: true
  # Configuration reload frequency
  # NOTE(review): no unit given; presumably read as seconds. Confirm.
  providersThrottleDuration: 10
I have just switched off the redirect, hence the deliberate "error" (the extra "d") in "websedcure-https".
Here is my docker-compose file for Shopware:
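# Compose file for the Shopware stack (indentation restored).
version: '3'

volumes:
  backup-data:
    driver: local-persist
    driver_opts:
      mountpoint: ${CONTAINERVOLUMES}/backup
  mysql-data:
    driver: local-persist
    driver_opts:
      mountpoint: ${CONTAINERVOLUMES}/mysql
  redis-data:
    driver: local-persist
    driver_opts:
      mountpoint: ${CONTAINERVOLUMES}/redis
  www-data:
    driver: local-persist
    driver_opts:
      mountpoint: ${CONTAINERVOLUMES}/html

services:
  # Database backup
  DBBackup:
    image: fradelg/mysql-cron-backup
    container_name: ${COMPOSE_PROJECT_NAME}-DBBackup
    restart: ${RESTART}
    depends_on:
      - mysql
    volumes:
      - backup-data:/backup
    environment:
      TZ: ${TIMEZONE}
      MYSQL_HOST: mysql
      # NOTE(review): backups run as the MySQL root account. A dedicated
      # account limited to the privileges a dump needs would reduce the
      # impact if this container or its environment is exposed.
      MYSQL_USER: root
      MYSQL_PASS: ${MYSQL_ROOT_PASSWORD}
      MAX_BACKUPS: "6"
      INIT_BACKUP: "1"
      # Minute 3 of hours 0, 6 and 18. The original hour list ended with
      # a stray comma ("0,6,18,"), which is not a valid cron list.
      CRON_TIME: "3 0,6,18 * * *"
      # Make it small
      GZIP_LEVEL: "9"

  # Database (the original comment said Percona; the image is
  # bitnami/mysql)
  mysql:
    image: bitnami/mysql:8.0
    container_name: ${COMPOSE_PROJECT_NAME}-MYSQLDB
    restart: ${RESTART}
    volumes:
      - mysql-data:/bitnami/mysql/data
      - ./configs/mysql:/etc/mysql/conf.d
    environment:
      MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
      MYSQL_DATABASE: ${MYSQL_DATABASE}
      MYSQL_USER: ${MYSQL_USER}
      MYSQL_PASSWORD: ${MYSQL_PASSWORD}
      TZ: ${TIMEZONE}

  # PHP & cron jobs
  php:
    image: thecodingmachine/php:8.3-v4-apache
    container_name: ${COMPOSE_PROJECT_NAME}-phpFPM
    restart: ${RESTART}
    environment:
      # Apache only
      TZ: ${TIMEZONE}
      APACHE_RUN_USER: docker
      APACHE_RUN_GROUP: docker
      APACHE_DOCUMENT_ROOT: /var/www/html/${COMPOSE_PROJECT_NAME}-Projekt/public
      # APACHE_DOCUMENT_ROOT: /var/www/html/${COMPOSE_PROJECT_NAME}-Projekt
      # Extensions
      PHP_EXTENSION_BCMATH: "1"
      PHP_EXTENSION_GD: "1"
      PHP_EXTENSION_GMP: "1"
      PHP_EXTENSION_IMAGICK: "1"
      PHP_EXTENSION_INTL: "1"
      PHP_EXTENSION_MYSQLI: "1"
      PHP_EXTENSION_PGSQL: "0"
      # PHP settings (errors are reported but not displayed to clients)
      PHP_INI_DISPLAY_ERRORS: "0"
      PHP_INI_DATE_TIMEZONE: ${TIMEZONE}
      PHP_INI_ERROR_REPORTING: E_ALL
      PHP_INI_MAX_EXECUTION_TIME: "360"
      PHP_INI_MAX_INPUT_VARS: "10000"
      PHP_INI_MEMORY_LIMIT: 1g
      PHP_INI_POST_MAX_SIZE: 64M
      PHP_INI_REALPATH_CACHE_TTL: "3600"
      PHP_INI_UPLOAD_MAX_FILESIZE: 64M
      # ZEND
      PHP_INI_ZEND__ASSERTIONS: "-1"
      PHP_INI_ZEND__DETECT_UNICODE: "0"
      # Opcode cache
      PHP_INI_OPCACHE__ENABLE: "1"
      PHP_INI_OPCACHE__ENABLE_CLI: "1"
      # Spelling corrected from MAX_ACCERLERATED_FILES so the value maps
      # to the real opcache.max_accelerated_files directive.
      PHP_INI_OPCACHE__MAX_ACCELERATED_FILES: "20000"
      PHP_INI_OPCACHE__ENABLE_FILE_OVERRIDE: "1"
      PHP_INI_OPCACHE__INTERNED_STRINGS_BUFFER: "20"
      # Cron jobs
      # NOTE(review): job 1 runs as root from the shared backup volume;
      # make sure the script is not writable by the unprivileged `docker`
      # user or by other containers that mount backup-data.
      CRON_USER_1: root
      CRON_SCHEDULE_1: "02 03 * * *"
      CRON_COMMAND_1: /backup/HTML-Backup.sh
      CRON_USER_2: docker
      # Every odd minute
      CRON_SCHEDULE_2: "1,3,5,7,9,11,13,15,17,19,21,23,25,27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59 * * * *"
      CRON_COMMAND_2: /var/www/html/${COMPOSE_PROJECT_NAME}-Projekt/bin/console messenger:consume async low_priority --time-limit=60
      # CRON_USER_3: docker
      # CRON_SCHEDULE_3: 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59 * * * *
      # CRON_COMMAND_3: /var/www/html/${COMPOSE_PROJECT_NAME}-Projekt/bin/console core:archive
    # Traefik settings
    labels:
      - traefik.enable=true
      # Network (must be the real Docker network name, hence the variable)
      - traefik.docker.network=${PROXY_NETWORK}
      # Domain - routers
      # NOTE(review): no entrypoints label is set, so this router also
      # answers on the plain-HTTP entry point.
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.rule=${HOSTRULE}
      # VPN - START
      # Traefik v3 names this middleware ipAllowList; ipWhiteList is the
      # deprecated v2 name.
      # - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.ipwhitelist.ipStrategy=true
      # - "traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.ipwhitelist.sourcerange=217.91.4.40, 217.91.161.217, 138.201.136.57, 128.140.38.44"
      # VPN - END
      # Header - START
      # NOTE(review): these headers tell the application that every
      # request arrived over HTTPS on port 443, including requests that
      # actually came in over plain HTTP. Restrict the router to the TLS
      # entry point before relying on them (secure cookies, redirects).
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.middlewares=${COMPOSE_PROJECT_NAME}_Middleware
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.customrequestheaders.X_Forwarded_Protocol=https
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.customrequestheaders.X-Forwarded-Proto=https
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.customrequestheaders.X-Forwarded-Ssl=on
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.customrequestheaders.X-Forwarded-Port=443
      # CORS headers
      # - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.accesscontrolallowheaders=*
      # - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.accesscontrolallowmethods=*
      # - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.accesscontrolalloworiginlist=*
      # - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.accesscontrolexposeheaders=*
      # - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.accesscontrolmaxage=100
      # - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Middleware.headers.addvaryheader=true
      # Header - END
    networks:
      - default
      # Service-level entries must name a key of the top-level `networks`
      # map; `${PROXY_NETWORK}` is only the external network's real name.
      - traefik_proxy
    volumes:
      - backup-data:/backup
      - www-data:/var/www/html

  # Redis server
  # Data in the container is owned by UID 1001
  # Default port 6379
  redis:
    # NOTE(review): `latest` is unpinned, so a pull can change the Redis
    # version without notice; pin a specific tag.
    image: bitnami/redis:latest
    container_name: ${COMPOSE_PROJECT_NAME}-Redis
    restart: ${RESTART}
    environment:
      # NOTE(review): Redis accepts unauthenticated connections from any
      # container on this stack's default network. Setting REDIS_PASSWORD
      # (and configuring it in the application) closes that gap.
      - ALLOW_EMPTY_PASSWORD=yes
      # REDIS_PASSWORD: password123
      # REDIS_PORT_NUMBER: 7000
    volumes:
      - redis-data:/bitnami/redis/data

networks:
  # Pre-existing network shared with the Traefik stack.
  traefik_proxy:
    external: true
    name: ${PROXY_NETWORK}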